urlscan.io logo urlscan.io
SecurityTrails logo

www.timesunion.com Open in urlscan Pro
151.101.64.200  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://claim-refund-irs.misecure.com/
Effective URL: https://www.timesunion.com/
Submission: On August 09 via api from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 139 IPs in 13 countries across 136 domains to perform 691 HTTP transactions. The main IP is 151.101.64.200, located in United States and belongs to FASTLY, US. The main domain is www.timesunion.com. The Cisco Umbrella rank of the primary domain is 128425.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q2 on April 16th 2023. Valid for: a year.
This is the only time www.timesunion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 137.184.93.175 14061 (DIGITALOC...)
1 1 98.129.228.59 33070 (RMH-14)
63 151.101.64.200 54113 (FASTLY)
1 151.101.65.26 54113 (FASTLY)
15 54.248.150.184 16509 (AMAZON-02)
34 18.65.216.13 16509 (AMAZON-02)
2 18.65.203.198 16509 (AMAZON-02)
5 54.185.109.45 16509 (AMAZON-02)
6 142.251.42.136 15169 (GOOGLE)
7 172.217.161.66 15169 (GOOGLE)
1 104.18.26.152 13335 (CLOUDFLAR...)
1 151.101.66.217 54113 (FASTLY)
8 18.65.221.214 16509 (AMAZON-02)
7 23.39.216.189 16625 (AKAMAI-AS)
1 18.65.199.115 16509 (AMAZON-02)
1 18.65.214.227 16509 (AMAZON-02)
5 151.101.1.44 54113 (FASTLY)
7 3.226.154.247 14618 (AMAZON-AES)
11 69.173.158.92 26667 (RUBICONPR...)
8 19 103.43.90.53 29990 (ASN-APPNEX)
5 182.161.74.18 55569 (CRITEO-AS...)
12 69.173.158.65 26667 (RUBICONPR...)
3 18.140.101.67 16509 (AMAZON-02)
3 104.18.25.185 13335 (CLOUDFLAR...)
3 103.231.99.77 62713 (AS-PUBMATIC)
1 4 40.118.246.51 8075 (MICROSOFT...)
20 18.65.176.135 16509 (AMAZON-02)
1 151.101.66.202 54113 (FASTLY)
2 5 18.65.216.12 16509 (AMAZON-02)
1 96.7.39.73 20940 (AKAMAI-ASN1)
2 151.101.193.140 54113 (FASTLY)
6 35.244.204.77 15169 (GOOGLE)
2 18.65.211.119 16509 (AMAZON-02)
1 142.251.222.48 15169 (GOOGLE)
1 3 104.16.126.175 13335 (CLOUDFLAR...)
23 26 3.33.220.150 16509 (AMAZON-02)
4 5 3.114.199.131 16509 (AMAZON-02)
8 9 18.143.106.89 16509 (AMAZON-02)
4 6 23.210.41.190 16625 (AKAMAI-AS)
1 23.39.217.41 16625 (AKAMAI-AS)
1 151.101.228.157 54113 (FASTLY)
5 188.42.150.4 39134 (UNITEDNET)
1 18.65.211.60 16509 (AMAZON-02)
13 172.217.175.14 15169 (GOOGLE)
1 2 107.178.250.234 396982 (GOOGLE-CL...)
5 31.13.82.7 32934 (FACEBOOK)
1 151.139.128.10 20446 (STACKPATH...)
3 3.227.173.138 14618 (AMAZON-AES)
1 18.65.214.119 16509 (AMAZON-02)
1 35.241.9.51 15169 (GOOGLE)
1 104.19.150.54 13335 (CLOUDFLAR...)
12 34.107.254.252 396982 (GOOGLE-CL...)
5 182.161.74.11 55569 (CRITEO-AS...)
2 19 52.46.130.91 16509 (AMAZON-02)
1 3.239.232.129 14618 (AMAZON-AES)
21 36 142.250.198.2 15169 (GOOGLE)
14 172.217.26.226 15169 (GOOGLE)
1 104.244.42.69 13414 (TWITTER)
1 104.244.42.3 13414 (TWITTER)
6 34.95.126.7 396982 (GOOGLE-CL...)
5 12 34.98.64.218 396982 (GOOGLE-CL...)
2 34.160.105.74 15169 (GOOGLE)
5 34.217.190.125 16509 (AMAZON-02)
4 4 50.116.239.135 6336 (TURN-US-ASN)
4 9 8.39.36.142 26667 (RUBICONPR...)
5 5 124.146.215.43 2514 (INFOSPHER...)
3 3 18.65.168.89 16509 (AMAZON-02)
1 35.162.220.137 16509 (AMAZON-02)
2 35.201.67.47 396982 (GOOGLE-CL...)
2 35.190.91.160 15169 (GOOGLE)
1 35.190.59.101 15169 (GOOGLE)
11 104.17.24.14 13335 (CLOUDFLAR...)
1 142.250.196.142 15169 (GOOGLE)
2 34.120.117.212 396982 (GOOGLE-CL...)
2 35.227.196.211 15169 (GOOGLE)
2 52.71.184.108 14618 (AMAZON-AES)
2 52.192.10.122 16509 (AMAZON-02)
5 29 23.90.68.235 27381 (CASALE-MEDIA)
4 9 52.77.12.134 16509 (AMAZON-02)
1 54.169.162.4 16509 (AMAZON-02)
8 23.39.217.233 16625 (AKAMAI-AS)
4 5 35.71.178.8 16509 (AMAZON-02)
1 33 31.13.82.36 32934 (FACEBOOK)
2 8 51.89.9.254 16276 (OVH)
2 13.230.74.203 16509 (AMAZON-02)
3 7 52.76.245.72 16509 (AMAZON-02)
1 2 35.186.253.211 15169 (GOOGLE)
4 172.217.175.68 15169 (GOOGLE)
2 142.250.196.131 15169 (GOOGLE)
5 207.65.34.81 62713 (AS-PUBMATIC)
1 35 54.238.120.71 16509 (AMAZON-02)
9 10 35.213.12.39 15169 (GOOGLE)
4 4 103.229.10.211 16509 (AMAZON-02)
3 3 54.197.248.161 14618 (AMAZON-AES)
2 2 52.0.248.85 14618 (AMAZON-AES)
2 2 150.136.156.92 31898 (ORACLE-BM...)
2 8.18.47.7 398989 (DEEPINTENT)
4 4 70.42.32.223 22075 (AS-OUTBRAIN)
3 3 52.74.92.105 16509 (AMAZON-02)
2 2 74.214.196.131 19189 (PULSEPOINT)
2 3 23.106.127.165 59253 (LEASEWEB-...)
5 6 151.101.130.49 54113 (FASTLY)
1 2 80.77.87.161 46636 (NATCOWEB)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
3 3 23.208.233.60 16625 (AKAMAI-AS)
3 182.161.74.1 55569 (CRITEO-AS...)
1 172.67.38.106 13335 (CLOUDFLAR...)
1 142.250.207.14 15169 (GOOGLE)
1 18.65.216.91 16509 (AMAZON-02)
1 5 54.251.235.27 16509 (AMAZON-02)
3 3 8.43.72.98 26667 (RUBICONPR...)
6 6 74.118.186.107 6336 (TURN-US-ASN)
2 21 207.65.34.80 62713 (AS-PUBMATIC)
2 3 34.111.113.62 396982 (GOOGLE-CL...)
1 2 13.229.173.169 16509 (AMAZON-02)
1 2 119.9.108.191 45187 (RACKSPACE...)
2 3 34.142.175.23 396982 (GOOGLE-CL...)
1 1 51.255.68.171 16276 (OVH)
4 4 8.39.36.141 26667 (RUBICONPR...)
1 13.107.42.14 8068 (MICROSOFT...)
1 52.95.115.255 16509 (AMAZON-02)
2 142.251.222.1 15169 (GOOGLE)
7 142.251.42.138 15169 (GOOGLE)
2 104.18.10.207 13335 (CLOUDFLAR...)
3 52.92.193.17 16509 (AMAZON-02)
2 142.250.196.98 15169 (GOOGLE)
1 209.192.253.60 7979 (SERVERS-COM)
1 64.233.188.156 15169 (GOOGLE)
1 1 185.183.112.148 60350 (VP)
3 3 185.84.60.30 198622 (ADFORM)
2 2 13.114.73.147 16509 (AMAZON-02)
1 1 103.229.205.242 30419 (MEDIAMATH...)
1 213.19.162.80 3356 (LEVEL3)
1 23.106.127.164 59253 (LEASEWEB-...)
2 2 35.190.60.146 15169 (GOOGLE)
2 4 207.65.34.77 62713 (AS-PUBMATIC)
2 99.83.154.140 16509 (AMAZON-02)
1 141.95.98.65 16276 (OVH)
2 172.217.31.130 15169 (GOOGLE)
7 172.217.31.129 15169 (GOOGLE)
1 172.217.175.6 15169 (GOOGLE)
1 1 202.233.84.8 131957 (MICROAD M...)
1 1 185.196.197.130 39572 (ADVANCEDH...)
3 3 174.137.133.49 27257 (WEBAIR-IN...)
2 3 93.158.134.90 13238 (YANDEX)
1 52.92.224.144 16509 (AMAZON-02)
2 2 3.114.65.25 16509 (AMAZON-02)
3 4 38.133.127.191 22075 (AS-OUTBRAIN)
2 2 98.98.134.242 21859 (ZEN-ECN)
1 1 18.176.234.133 16509 (AMAZON-02)
1 1 34.160.19.107 15169 (GOOGLE)
5 103.231.99.81 62713 (AS-PUBMATIC)
1 35.190.10.96 15169 (GOOGLE)
1 54.169.25.178 16509 (AMAZON-02)
1 182.161.74.16 55569 (CRITEO-AS...)
1 1 54.168.191.169 16509 (AMAZON-02)
3 3 220.150.223.50 4686 (BEKKOAME ...)
1 1 220.150.223.52 4686 (BEKKOAME ...)
1 1 52.220.229.2 16509 (AMAZON-02)
1 1 172.105.221.29 63949 (AKAMAI-LI...)
1 2 35.186.193.173 15169 (GOOGLE)
1 1 82.145.213.8 39832 (NO-OPERA)
2 2 52.76.217.203 16509 (AMAZON-02)
1 1 198.8.71.131 54312 (ROCKETFUEL)
2 2 89.207.22.105 41041 (VCLK-EU-SE)
1 18.65.216.76 ()
1 1 44.215.235.22 ()
1 54.68.72.119 ()
2 151.101.194.132 ()
2 34.200.176.4 ()
10 96.7.39.83 ()
1 23.41.63.80 ()
3 142.250.198.3 ()
13 23.81.164.160 ()
1 34.235.72.228 ()
1 162.19.138.119 ()
2 2 209.191.163.152 ()
2 172.217.26.234 ()
1 23.61.252.123 ()
2 2 104.18.24.173 ()
1 1 54.64.141.118 ()
691 139
1    137.184.93.175 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
claim-refund-irs.misecure.com
1    98.129.228.59 (United States)

ASN33070 (RMH-14, US)
timesunion.com
63    151.101.64.200 (United States)

ASN54113 (FASTLY, US)
www.timesunion.com
treg.hearstnp.com
projects.sfchronicle.com
aps.hearstnp.com
s.hdnux.com
1    151.101.65.26 (United States)

ASN54113 (FASTLY, US)
polyfill.io
15    54.248.150.184 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-248-150-184.ap-northeast-1.compute.amazonaws.com
tm.hdmtools.com
34    18.65.216.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-216-13.nrt57.r.cloudfront.net
n730.timesunion.com
2    18.65.203.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-203-198.nrt57.r.cloudfront.net
static.chartbeat.com
5    54.185.109.45 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-185-109-45.us-west-2.compute.amazonaws.com
scorestream.com
6    142.251.42.136 (Marriottsville, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f8.1e100.net
www.googletagmanager.com
7    172.217.161.66 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s09-in-f2.1e100.net
securepubads.g.doubleclick.net
1    104.18.26.152 (None, )

ASN13335 (CLOUDFLARENET, US)
0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
1    151.101.66.217 (United States)

ASN54113 (FASTLY, US)
scripts.webcontentassessor.com
8    18.65.221.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-221-214.nrt57.r.cloudfront.net
c.amazon-adsystem.com
7    23.39.216.189 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-216-189.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    18.65.199.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-199-115.nrt57.r.cloudfront.net
d15kdpgjg3unno.cloudfront.net
1    18.65.214.227 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-214-227.nrt57.r.cloudfront.net
dyv1bugovvq1g.cloudfront.net
5    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
pm-widget.taboola.com
7    3.226.154.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-154-247.compute-1.amazonaws.com
hearst.blueconic.net
11    69.173.158.92 (Singapore)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
19    103.43.90.53 (Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
secure.adnxs.com
5    182.161.74.18 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
12    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    18.140.101.67 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-101-67.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
3    104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
3    103.231.99.77 (Japan)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    40.118.246.51 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
realm.hearst3pcc.com
realm.hearstnp.com
20    18.65.176.135 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-176-135.nrt57.r.cloudfront.net
aax.amazon-adsystem.com
1    151.101.66.202 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
5    18.65.216.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-216-12.nrt57.r.cloudfront.net
sb.scorecardresearch.com
1    96.7.39.73 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a96-7-39-73.deploy.static.akamaitechnologies.com
cdn-channels-pixel.ex.co
2    151.101.193.140 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
alb.reddit.com
6    35.244.204.77 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 77.204.244.35.bc.googleusercontent.com
content.zenimpact.io
2    18.65.211.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-211-119.nrt57.r.cloudfront.net
js.adsrvr.org
1    142.251.222.48 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s72-in-f16.1e100.net
storage.googleapis.com
3    104.16.126.175 (None, )

ASN13335 (CLOUDFLARENET, US)
unpkg.com
26    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
5    3.114.199.131 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-199-131.ap-northeast-1.compute.amazonaws.com
dpm.demdex.net
9    18.143.106.89 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
6    23.210.41.190 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-41-190.deploy.static.akamaitechnologies.com
tags.bluekai.com
stags.bluekai.com
1    23.39.217.41 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-217-41.deploy.static.akamaitechnologies.com
s.ntv.io
1    151.101.228.157 (Tokyo, Japan)

ASN54113 (FASTLY, US)
static.ads-twitter.com
5    188.42.150.4 (Moscow, Russian Federation)

ASN39134 (UNITEDNET, RU)
sailplay.net
1    18.65.211.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-211-60.nrt57.r.cloudfront.net
cdn.parsely.com
13    172.217.175.14 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s18-in-f14.1e100.net
www.google-analytics.com
2    107.178.250.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
5    31.13.82.7 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-nrt1.fbcdn.net
connect.facebook.net
1    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
s.skimresources.com
3    3.227.173.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-173-138.compute-1.amazonaws.com
ping.chartbeat.net
1    18.65.214.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-214-119.nrt57.r.cloudfront.net
d2sgc57sw7l730.cloudfront.net
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
0272ac85-5199-4024-a555-397c3d825d95.prmutv.co
1    104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
12    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
googlesync.permutive.com
5    182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
19    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    3.239.232.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-239-232-129.compute-1.amazonaws.com
sqs.us-east-1.amazonaws.com
36    142.250.198.2 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s58-in-f2.1e100.net
cm.g.doubleclick.net
14    172.217.26.226 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s51-in-f2.1e100.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
1    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
6    34.95.126.7 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 7.126.95.34.bc.googleusercontent.com
sp-t-hearstnewspapers.com
12    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
jp-u.openx.net
2    34.160.105.74 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 74.105.160.34.bc.googleusercontent.com
hub2.zenimpact.io
5    34.217.190.125 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-217-190-125.us-west-2.compute.amazonaws.com
jadserve.postrelease.com
4    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
9    8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
5    124.146.215.43 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
3    18.65.168.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-168-89.nrt57.r.cloudfront.net
cr-p3.ladsp.com
cr-p10.ladsp.com
1    35.162.220.137 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-162-220-137.us-west-2.compute.amazonaws.com
p1.parsely.com
2    35.201.67.47 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
1    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
11    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    142.250.196.142 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s36-in-f14.1e100.net
ampcid.google.com
2    34.120.117.212 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 212.117.120.34.bc.googleusercontent.com
ls.skimresources.com
2    35.227.196.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.196.227.35.bc.googleusercontent.com
insight-api-kgw.zenimpact.io
2    52.71.184.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-184-108.compute-1.amazonaws.com
www.i.matheranalytics.com
2    52.192.10.122 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-192-10-122.ap-northeast-1.compute.amazonaws.com
rtb.gumgum.com
29    23.90.68.235 (India)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
9    52.77.12.134 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-12-134.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
1    54.169.162.4 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-162-4.ap-southeast-1.compute.amazonaws.com
sync-amz.ads.yieldmo.com
8    23.39.217.233 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-217-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
33    31.13.82.36 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-nrt1.facebook.com
www.facebook.com
8    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
2    13.230.74.203 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-230-74-203.ap-northeast-1.compute.amazonaws.com
dps.jp.cinarra.com
7    52.76.245.72 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-245-72.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
4    172.217.175.68 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s20-in-f4.1e100.net
www.google.com
2    142.250.196.131 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s36-in-f3.1e100.net
www.google.co.jp
5    207.65.34.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
35    54.238.120.71 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
usersync.gumgum.com
10    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
4    103.229.10.211 (Singapore)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    54.197.248.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-248-161.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    52.0.248.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-248-85.compute-1.amazonaws.com
sync.ipredictive.com
2    150.136.156.92 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    8.18.47.7 (Miami, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
4    70.42.32.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
3    52.74.92.105 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-92-105.ap-southeast-1.compute.amazonaws.com
ad.360yield.com
2    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    23.106.127.165 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
6    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    80.77.87.161 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
3    23.208.233.60 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-233-60.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
3    182.161.74.1 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    142.250.207.14 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s54-in-f14.1e100.net
ampcid.google.co.jp
1    18.65.216.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-216-91.nrt57.r.cloudfront.net
ak.sail-horizon.com
5    54.251.235.27 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-235-27.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
3    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
6    74.118.186.107 (Singapore)

ASN6336 (TURN-US-ASN, US)
sync.1rx.io
sync.targeting.unrulymedia.com
21    207.65.34.80 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
3    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    13.229.173.169 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-229-173-169.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
2    119.9.108.191 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
3    34.142.175.23 (Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 23.175.142.34.bc.googleusercontent.com
um.simpli.fi
1    51.255.68.171 (France)

ASN16276 (OVH, FR)
PTR: ns3028611.ip-51-255-68.eu
dsp.nrich.ai
4    8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    52.95.115.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    142.251.222.1 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s71-in-f1.1e100.net
dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com
7    142.251.42.138 (Marriottsville, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f10.1e100.net
fonts.googleapis.com
2    104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
3    52.92.193.17 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com
cdn-scorestream-com.s3.amazonaws.com
2    142.250.196.98 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s35-in-f2.1e100.net
www.googletagservices.com
1    209.192.253.60 (United States)

ASN7979 (SERVERS-COM, US)
sync.colossusssp.com
1    64.233.188.156 (United States)

ASN15169 (GOOGLE, US)
PTR: tk-in-f156.1e100.net
stats.g.doubleclick.net
1    185.183.112.148 (Meaux, France)

ASN60350 (VP, FR)
sync.adotmob.com
3    185.84.60.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    13.114.73.147 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-114-73-147.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
1    103.229.205.242 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    213.19.162.80 (United Kingdom)

ASN3356 (LEVEL3, US)
pixel-eu.rubiconproject.com
1    23.106.127.164 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync-global.smartadserver.com
2    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
4    207.65.34.77 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
2    99.83.154.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com
api.sail-personalize.com
1    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
2    172.217.31.130 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s08-in-f2.1e100.net
googleads4.g.doubleclick.net
7    172.217.31.129 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s08-in-f1.1e100.net
tpc.googlesyndication.com
1    172.217.175.6 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s18-in-f6.1e100.net
s0.2mdn.net
1    202.233.84.8 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
s-cs.send.microad.jp
1    185.196.197.130 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
3    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
dsp.adkernel.com
3    93.158.134.90 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru
an.yandex.ru
1    52.92.224.144 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3-us-west-2.amazonaws.com
2    3.114.65.25 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-65-25.ap-northeast-1.compute.amazonaws.com
pool.admedo.com
4    38.133.127.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
sync.outbrain.com
2    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    18.176.234.133 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-234-133.ap-northeast-1.compute.amazonaws.com
bk.r-ad.ne.jp
1    34.160.19.107 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 107.19.160.34.bc.googleusercontent.com
dmp.brand-display.com
5    103.231.99.81 (Japan)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
1    35.190.10.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.10.190.35.bc.googleusercontent.com
collector-px413gkwmt.px-client.net
1    54.169.25.178 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-25-178.ap-southeast-1.compute.amazonaws.com
d.adroll.com
1    182.161.74.16 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
1    54.168.191.169 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-168-191-169.ap-northeast-1.compute.amazonaws.com
ds.uncn.jp
3    220.150.223.50 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 50.223.150.220.in-addr.arpa
sync-dsp.ad-m.asia
1    220.150.223.52 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 52.223.150.220.in-addr.arpa
sync-tapi.admatrix.jp
1    52.220.229.2 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com
cm-supply-web.gammaplatform.com
1    172.105.221.29 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1875-29.members.linode.com
gocm.c.appier.net
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    52.76.217.203 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-217-203.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
1    198.8.71.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    89.207.22.105 (Singapore)

ASN41041 (VCLK-EU-SE, US)
PTR: sin02-nessy-float1.dotomi.com
pubmatic-match.dotomi.com
1    18.65.216.76 (None, )

ASN- ()
secure-gl.imrworldwide.com
1    44.215.235.22 (None, )

ASN- ()
usermatch.krxd.net
1    54.68.72.119 (None, )

ASN- ()
beacon.krxd.net
2    151.101.194.132 (None, )

ASN- ()
player.ex.co
2    34.200.176.4 (None, )

ASN- ()
collector.ex.co
10    96.7.39.83 (None, )

ASN- ()
cdn.ex.co
1    23.41.63.80 (None, )

ASN- ()
cdn.playbuzz.com
3    142.250.198.3 (None, )

ASN- ()
fonts.gstatic.com
13    23.81.164.160 (None, )

ASN- ()
p.channelexco.com
s-14.channelexco.com
rtb.channelexco.com
1    34.235.72.228 (None, )

ASN- ()
gpv.ex.co
1    162.19.138.119 (None, )

ASN- ()
lb.eu-1-id5-sync.com
2    209.191.163.152 (None, )

ASN- ()
ap.lijit.com
2    172.217.26.234 (None, )

ASN- ()
imasdk.googleapis.com
1    23.61.252.123 (None, )

ASN- ()
ads.stickyadstv.com
2    104.18.24.173 (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
1    54.64.141.118 (None, )

ASN- ()
dynalyst-sync.adtdp.com
Apex Domain
Subdomains		 Transfer
74 timesunion.com
timesunion.com — Cisco Umbrella Rank: 113612
www.timesunion.com — Cisco Umbrella Rank: 128425
n730.timesunion.com — Cisco Umbrella Rank: 164534
2 MB
51 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 997
fastlane.rubiconproject.com — Cisco Umbrella Rank: 572
pixel.rubiconproject.com — Cisco Umbrella Rank: 361
eus.rubiconproject.com — Cisco Umbrella Rank: 636
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1187
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1225
token.rubiconproject.com — Cisco Umbrella Rank: 632
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2333
70 KB
48 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 357
aax.amazon-adsystem.com — Cisco Umbrella Rank: 441
s.amazon-adsystem.com — Cisco Umbrella Rank: 317
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1131
154 KB
48 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 206
cm.g.doubleclick.net — Cisco Umbrella Rank: 239
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
stats.g.doubleclick.net — Cisco Umbrella Rank: 114
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 366
331 KB
45 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 553
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 592
image6.pubmatic.com — Cisco Umbrella Rank: 809
simage2.pubmatic.com — Cisco Umbrella Rank: 786
image2.pubmatic.com — Cisco Umbrella Rank: 938
image8.pubmatic.com — Cisco Umbrella Rank: 686
simage4.pubmatic.com — Cisco Umbrella Rank: 1265
image4.pubmatic.com — Cisco Umbrella Rank: 1279
134 KB
37 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1627
usersync.gumgum.com — Cisco Umbrella Rank: 1877
12 KB
33 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
1 KB
32 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 662
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 478
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 623
dsum.casalemedia.com — Cisco Umbrella Rank: 1532
26 KB
28 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1346
insight.adsrvr.org — Cisco Umbrella Rank: 581
match.adsrvr.org — Cisco Umbrella Rank: 363
21 KB
21 googlesyndication.com
dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 130
tpc.googlesyndication.com — Cisco Umbrella Rank: 151
103 KB
19 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 221
secure.adnxs.com — Cisco Umbrella Rank: 464
21 KB
19 hdnux.com
s.hdnux.com — Cisco Umbrella Rank: 26305
193 KB
16 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 320
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 465
7 KB
16 ex.co
cdn-channels-pixel.ex.co — Cisco Umbrella Rank: 40705
player.ex.co
collector.ex.co
cdn.ex.co
gpv.ex.co
1003 KB
15 hdmtools.com
tm.hdmtools.com — Cisco Umbrella Rank: 36201
83 KB
14 openx.net
u.openx.net — Cisco Umbrella Rank: 759
us-u.openx.net — Cisco Umbrella Rank: 482
jp-u.openx.net — Cisco Umbrella Rank: 11580
rtb.openx.net — Cisco Umbrella Rank: 833
2 KB
13 channelexco.com
p.channelexco.com
s-14.channelexco.com
rtb.channelexco.com
e.channelexco.com Failed
27 KB
13 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2852
api.permutive.com — Cisco Umbrella Rank: 2095
googlesync.permutive.com — Cisco Umbrella Rank: 9193
113 KB
13 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 54
22 KB
11 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 245
73 KB
11 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 772
gum.criteo.com — Cisco Umbrella Rank: 425
dis.criteo.com — Cisco Umbrella Rank: 608
15 KB
10 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 354
4 KB
10 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 463
fonts.googleapis.com — Cisco Umbrella Rank: 67
imasdk.googleapis.com
149 KB
10 zenimpact.io
content.zenimpact.io — Cisco Umbrella Rank: 51785
hub2.zenimpact.io — Cisco Umbrella Rank: 85835
insight-api-kgw.zenimpact.io — Cisco Umbrella Rank: 55434
28 KB
9 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 566
3 KB
8 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 812
4 KB
8 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 3807
t.skimresources.com — Cisco Umbrella Rank: 3806
p.skimresources.com — Cisco Umbrella Rank: 4863
r.skimresources.com — Cisco Umbrella Rank: 3636
ls.skimresources.com — Cisco Umbrella Rank: 11237
22 KB
8 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 640
eb2.3lift.com — Cisco Umbrella Rank: 406
4 KB
7 blueconic.net
hearst.blueconic.net — Cisco Umbrella Rank: 35554
12 KB
6 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 777
1 KB
6 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 6186
ads.yieldmo.com — Cisco Umbrella Rank: 672
4 KB
6 sp-t-hearstnewspapers.com
sp-t-hearstnewspapers.com — Cisco Umbrella Rank: 204272
57 B
6 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 653
stags.bluekai.com — Cisco Umbrella Rank: 603
2 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 65
442 KB
6 hearstnp.com
treg.hearstnp.com — Cisco Umbrella Rank: 32232
aps.hearstnp.com — Cisco Umbrella Rank: 31552
realm.hearstnp.com — Cisco Umbrella Rank: 40801
410 KB
5 google.com
ampcid.google.com — Cisco Umbrella Rank: 2411
www.google.com — Cisco Umbrella Rank: 3
adservice.google.com Failed
2 KB
5 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1157
4 KB
5 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1240
5 KB
5 amazonaws.com
sqs.us-east-1.amazonaws.com — Cisco Umbrella Rank: 5041
cdn-scorestream-com.s3.amazonaws.com — Cisco Umbrella Rank: 160740
s3-us-west-2.amazonaws.com
69 KB
5 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 170
462 KB
5 sailplay.net
sailplay.net — Cisco Umbrella Rank: 111413
729 KB
5 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 212
4 KB
5 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 155
4 KB
5 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 930
pm-widget.taboola.com — Cisco Umbrella Rank: 3197
sync.taboola.com Failed
272 KB
5 scorestream.com
scorestream.com — Cisco Umbrella Rank: 85696
33 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 601
2 KB
4 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 861
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1707
1 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 557
2 KB
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 750 Failed
1 KB
4 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 857
2 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 921
2 KB
4 matheranalytics.com
js.matheranalytics.com — Cisco Umbrella Rank: 10750
www.i.matheranalytics.com — Cisco Umbrella Rank: 10552
44 KB
3 gstatic.com
fonts.gstatic.com
45 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 5253
1022 B
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 604
2 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 818
2 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 499
1 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 617
74 KB
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 509
962 B
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 670
847 B
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 791
3 KB
3 google.co.jp
www.google.co.jp — Cisco Umbrella Rank: 21955
ampcid.google.co.jp — Cisco Umbrella Rank: 639822
932 B
3 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 3140 Failed
1 KB
3 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 20930
cr-p10.ladsp.com
2 KB
3 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1316
601 B
3 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1042
5 KB
3 cloudfront.net
d15kdpgjg3unno.cloudfront.net
dyv1bugovvq1g.cloudfront.net
d2sgc57sw7l730.cloudfront.net
141 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1570
mab.chartbeat.com — Cisco Umbrella Rank: 2508
34 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 lijit.com
ap.lijit.com
1 KB
2 krxd.net
usermatch.krxd.net
beacon.krxd.net
219 B
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4074
743 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 977
1 KB
2 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 6307
673 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 763
1 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 5819
1 KB
2 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 7967
960 B
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 3222
474 B
2 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 814
722 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 615
1 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 214
84 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 986
62 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1251
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 851
855 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1376
1 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 887
id5-sync.com — Cisco Umbrella Rank: 423
26 KB
2 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1077
637 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 558
2 KB
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1148
83 B
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1398
717 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1093
930 B
2 cinarra.com
dps.jp.cinarra.com — Cisco Umbrella Rank: 17151
75 B
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3020
p1.parsely.com — Cisco Umbrella Rank: 2210
25 KB
2 hearst3pcc.com
realm.hearst3pcc.com — Cisco Umbrella Rank: 39933
983 B
1 adtdp.com
dynalyst-sync.adtdp.com
541 B
1 stickyadstv.com
ads.stickyadstv.com
651 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com
405 B
1 playbuzz.com
cdn.playbuzz.com
19 KB
1 imrworldwide.com
secure-gl.imrworldwide.com
705 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 891
793 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1462
555 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2564
438 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 3384
644 B
1 admatrix.jp
sync-tapi.admatrix.jp — Cisco Umbrella Rank: 81553
622 B
1 uncn.jp
ds.uncn.jp — Cisco Umbrella Rank: 25202
455 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1440
181 B
1 px-client.net
collector-px413gkwmt.px-client.net
1 KB
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1739
366 B
1 r-ad.ne.jp
bk.r-ad.ne.jp — Cisco Umbrella Rank: 25071
548 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 6926
485 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 11617
290 B
1 microad.jp
s-cs.send.microad.jp — Cisco Umbrella Rank: 26214
526 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 318
168 KB
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1190
672 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1589
680 B
1 colossusssp.com
sync.colossusssp.com — Cisco Umbrella Rank: 1567
176 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 368
513 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3579
566 B
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 3326
33 KB
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 710
722 B
1 t.co
t.co — Cisco Umbrella Rank: 536
378 B
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1486
637 B
1 prmutv.co
0272ac85-5199-4024-a555-397c3d825d95.prmutv.co — Cisco Umbrella Rank: 15447
396 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 754
15 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3555
162 KB
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1335
8 KB
1 webcontentassessor.com
scripts.webcontentassessor.com — Cisco Umbrella Rank: 4301
86 KB
1 permutive.app
0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app — Cisco Umbrella Rank: 11838
385 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1500
683 B
1 sfchronicle.com
projects.sfchronicle.com — Cisco Umbrella Rank: 36245
7 KB
1 misecure.com
claim-refund-irs.misecure.com
467 B
0 adition.com Failed
dsp.adfarm1.adition.com Failed
0 loopme.me Failed
csync.loopme.me Failed
0 nex8.net Failed
cs.nex8.net Failed
0 appspot.com Failed
gtm-kw6hw69-m2q2n.uc.r.appspot.com Failed
0 ctpost.com Failed
p.ctpost.com Failed
691 136
Domain Requested by
39 www.timesunion.com www.timesunion.com
tm.hdmtools.com
treg.hearstnp.com
n730.timesunion.com
36 cm.g.doubleclick.net 21 redirects u.openx.net
rtb.gumgum.com
sync-amz.ads.yieldmo.com
s.amazon-adsystem.com
onetag-sys.com
googleads.g.doubleclick.net
dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com
www.timesunion.com
35 usersync.gumgum.com 1 redirects rtb.gumgum.com
ads.pubmatic.com
34 n730.timesunion.com www.timesunion.com
n730.timesunion.com
33 www.facebook.com 1 redirects www.timesunion.com
23 match.adsrvr.org 21 redirects www.timesunion.com
js.adsrvr.org
20 aax.amazon-adsystem.com c.amazon-adsystem.com
www.timesunion.com
19 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
u.openx.net
rtb.gumgum.com
match.sharethrough.com
sync-amz.ads.yieldmo.com
ads.pubmatic.com
ssum-sec.casalemedia.com
onetag-sys.com
19 s.hdnux.com www.timesunion.com
18 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
www.timesunion.com
15 tm.hdmtools.com www.timesunion.com
tm.hdmtools.com
14 simage2.pubmatic.com 2 redirects ads.pubmatic.com
s.amazon-adsystem.com
www.timesunion.com
13 www.google-analytics.com tm.hdmtools.com
www.googletagmanager.com
www.google-analytics.com
www.timesunion.com
12 pagead2.googlesyndication.com www.timesunion.com
dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
12 fastlane.rubiconproject.com aps.hearstnp.com
11 cdnjs.cloudflare.com hub2.zenimpact.io
scorestream.com
11 secure.adnxs.com 4 redirects www.timesunion.com
ssbsync.smartadserver.com
11 api.permutive.com 0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
www.timesunion.com
11 prebid-server.rubiconproject.com aps.hearstnp.com
u.openx.net
onetag-sys.com
www.timesunion.com
rtb.gumgum.com
ssum-sec.casalemedia.com
ads.pubmatic.com
10 cdn.ex.co player.ex.co
cdn.ex.co
10 x.bidswitch.net 9 redirects onetag-sys.com
9 match.sharethrough.com 4 redirects s.amazon-adsystem.com
match.sharethrough.com
9 ssum-sec.casalemedia.com 2 redirects s.amazon-adsystem.com
rtb.gumgum.com
ssum-sec.casalemedia.com
aps.hearstnp.com
cdn.ex.co
9 pixel.rubiconproject.com 4 redirects u.openx.net
s.amazon-adsystem.com
onetag-sys.com
9 ups.analytics.yahoo.com 8 redirects onetag-sys.com
8 onetag-sys.com 2 redirects aps.hearstnp.com
onetag-sys.com
8 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
rtb.gumgum.com
cdn.ex.co
8 ib.adnxs.com 4 redirects aps.hearstnp.com
0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
8 c.amazon-adsystem.com aps.hearstnp.com
c.amazon-adsystem.com
cdn.ex.co
7 tpc.googlesyndication.com www.timesunion.com
dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
7 fonts.googleapis.com scorestream.com
client
www.timesunion.com
7 image2.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
7 pr-bh.ybp.yahoo.com 3 redirects u.openx.net
ssum-sec.casalemedia.com
www.timesunion.com
7 hearst.blueconic.net n730.timesunion.com
www.timesunion.com
7 ads.pubmatic.com aps.hearstnp.com
s.amazon-adsystem.com
rtb.gumgum.com
cdn.ex.co
7 securepubads.g.doubleclick.net aps.hearstnp.com
securepubads.g.doubleclick.net
www.googletagservices.com
6 rtb.channelexco.com ssum-sec.casalemedia.com
ads.pubmatic.com
ssbsync.smartadserver.com
6 p.channelexco.com cdn.ex.co
6 sync-tm.everesttech.net 5 redirects ads.pubmatic.com
6 sp-t-hearstnewspapers.com storage.googleapis.com
6 content.zenimpact.io tm.hdmtools.com
www.timesunion.com
content.zenimpact.io
6 www.googletagmanager.com www.timesunion.com
aps.hearstnp.com
tm.hdmtools.com
www.googletagmanager.com
scorestream.com
5 ads.yieldmo.com 1 redirects sync-amz.ads.yieldmo.com
5 image6.pubmatic.com ads.pubmatic.com
5 eb2.3lift.com 4 redirects www.timesunion.com
5 tg.socdm.com 5 redirects
5 jadserve.postrelease.com s.ntv.io
www.timesunion.com
5 u.openx.net 3 redirects aps.hearstnp.com
s.amazon-adsystem.com
5 gum.criteo.com cdn.taboola.com
static.criteo.net
gum.criteo.com
5 connect.facebook.net tm.hdmtools.com
connect.facebook.net
5 sailplay.net tm.hdmtools.com
5 dpm.demdex.net 4 redirects ssum-sec.casalemedia.com
5 sb.scorecardresearch.com 2 redirects tm.hdmtools.com
www.timesunion.com
5 bidder.criteo.com aps.hearstnp.com
static.criteo.net
5 scorestream.com www.timesunion.com
d2sgc57sw7l730.cloudfront.net
cdnjs.cloudflare.com
4 simage4.pubmatic.com ads.pubmatic.com
4 image8.pubmatic.com 2 redirects onetag-sys.com
www.timesunion.com
4 token.rubiconproject.com 4 redirects
4 sync.1rx.io 4 redirects ssbsync.smartadserver.com
4 b1sync.zemanta.com 4 redirects
4 sync.outbrain.com rtb.gumgum.com
4 cms.quantserve.com 4 redirects
4 www.google.com www.timesunion.com
dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 us-u.openx.net 2 redirects u.openx.net
4 ad.turn.com 4 redirects
4 tags.bluekai.com 2 redirects www.timesunion.com
3 fonts.gstatic.com fonts.googleapis.com
3 an.yandex.ru 2 redirects www.timesunion.com
3 c1.adform.net 3 redirects
3 cdn-scorestream-com.s3.amazonaws.com scorestream.com
www.timesunion.com
3 um.simpli.fi 2 redirects s.amazon-adsystem.com
3 pixel.tapad.com 2 redirects s.amazon-adsystem.com
3 pixel-us-east.rubiconproject.com 3 redirects
3 static.criteo.net securepubads.g.doubleclick.net
aps.hearstnp.com
static.criteo.net
3 secure-assets.rubiconproject.com 3 redirects
3 creativecdn.com 3 redirects
3 ssbsync.smartadserver.com 2 redirects cdn.ex.co
3 ad.360yield.com 3 redirects
3 sync.srv.stackadapt.com 3 redirects
3 sync-dsp.ad-m.asia u.openx.net
3 jp-u.openx.net u.openx.net
www.timesunion.com
3 ping.chartbeat.net www.timesunion.com
3 insight.adsrvr.org 2 redirects js.adsrvr.org
3 unpkg.com 1 redirects www.timesunion.com
3 hbopenbid.pubmatic.com aps.hearstnp.com
3 htlb.casalemedia.com aps.hearstnp.com
3 tlx.3lift.com aps.hearstnp.com
3 cdn.taboola.com www.timesunion.com
cdn.taboola.com
3 treg.hearstnp.com www.timesunion.com
treg.hearstnp.com
2 imasdk.googleapis.com cdn.ex.co
imasdk.googleapis.com
2 ap.lijit.com 2 redirects
2 collector.ex.co player.ex.co
2 player.ex.co www.timesunion.com
2 pubmatic-match.dotomi.com 2 redirects
2 pm.w55c.net 2 redirects
2 ipac.ctnsnet.com 1 redirects ads.pubmatic.com
2 dsum.casalemedia.com 1 redirects ssum-sec.casalemedia.com
2 pixel-sync.sitescout.com 2 redirects
2 pool.admedo.com 2 redirects
2 rtb2-useast.e-volution.ai 2 redirects
2 googleads4.g.doubleclick.net www.timesunion.com
2 api.sail-personalize.com www.timesunion.com
2 id.rlcdn.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 www.googletagservices.com scorestream.com
dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com
2 maxcdn.bootstrapcdn.com scorestream.com
maxcdn.bootstrapcdn.com
2 dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 uipglob.semasio.net 1 redirects s.amazon-adsystem.com
2 sync.crwdcntrl.net 1 redirects s.amazon-adsystem.com
2 sync.targeting.unrulymedia.com 2 redirects
2 cs.admanmedia.com 1 redirects rtb.gumgum.com
2 bh.contextweb.com 2 redirects
2 stags.bluekai.com 2 redirects
2 match.deepintent.com rtb.gumgum.com
2 sync.technoratimedia.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 realm.hearstnp.com 1 redirects treg.hearstnp.com
2 www.google.co.jp www.timesunion.com
2 rtb.openx.net 1 redirects u.openx.net
2 dps.jp.cinarra.com u.openx.net
ads.pubmatic.com
2 rtb.gumgum.com s.amazon-adsystem.com
aps.hearstnp.com
2 www.i.matheranalytics.com www.timesunion.com
2 insight-api-kgw.zenimpact.io www.timesunion.com
2 ls.skimresources.com s.skimresources.com
2 p.skimresources.com www.timesunion.com
2 t.skimresources.com www.timesunion.com
s.skimresources.com
2 cr-p3.ladsp.com 2 redirects
2 hub2.zenimpact.io content.zenimpact.io
2 googleads.g.doubleclick.net www.googletagmanager.com
dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com
2 pm-widget.taboola.com cdn.taboola.com
pm-widget.taboola.com
2 js.matheranalytics.com 1 redirects www.timesunion.com
2 js.adsrvr.org tm.hdmtools.com
insight.adsrvr.org
2 realm.hearst3pcc.com treg.hearstnp.com
2 static.chartbeat.com www.timesunion.com
tm.hdmtools.com
1 dynalyst-sync.adtdp.com 1 redirects
1 s.tribalfusion.com 1 redirects
1 a.tribalfusion.com 1 redirects
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 lb.eu-1-id5-sync.com cdn.ex.co
1 s-14.channelexco.com
1 gpv.ex.co www.timesunion.com
1 cdn.playbuzz.com
1 beacon.krxd.net js.adsrvr.org
1 usermatch.krxd.net 1 redirects
1 secure-gl.imrworldwide.com js.adsrvr.org
1 p.rfihub.com 1 redirects
1 t.adx.opera.com 1 redirects
1 gocm.c.appier.net 1 redirects
1 image4.pubmatic.com www.timesunion.com
1 cm-supply-web.gammaplatform.com 1 redirects
1 sync-tapi.admatrix.jp 1 redirects
1 ds.uncn.jp 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 d.adroll.com ssum-sec.casalemedia.com
1 collector-px413gkwmt.px-client.net www.timesunion.com
1 dmp.brand-display.com 1 redirects
1 bk.r-ad.ne.jp 1 redirects
1 s3-us-west-2.amazonaws.com www.timesunion.com
1 dsp.adkernel.com 1 redirects
1 s.uuidksinc.net 1 redirects
1 s-cs.send.microad.jp 1 redirects
1 s0.2mdn.net dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com
imasdk.googleapis.com
1 id5-sync.com cdn.id5-sync.com
cdn.ex.co
1 ssbsync-global.smartadserver.com onetag-sys.com
1 pixel-eu.rubiconproject.com onetag-sys.com
1 sync.mathtag.com 1 redirects
1 sync.adotmob.com 1 redirects ssbsync.smartadserver.com
1 stats.g.doubleclick.net www.google-analytics.com
1 sync.colossusssp.com www.timesunion.com
1 aax-eu.amazon-adsystem.com s.amazon-adsystem.com
1 px.ads.linkedin.com s.amazon-adsystem.com
1 dsp.nrich.ai 1 redirects
1 cr-p10.ladsp.com 1 redirects
1 ak.sail-horizon.com www.timesunion.com
1 ampcid.google.co.jp www.google-analytics.com
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 ampcid.google.com www.google-analytics.com
1 r.skimresources.com s.skimresources.com
1 p1.parsely.com www.timesunion.com
1 analytics.twitter.com www.timesunion.com
1 t.co www.timesunion.com
1 alb.reddit.com www.timesunion.com
1 googlesync.permutive.com www.timesunion.com
1 sqs.us-east-1.amazonaws.com d15kdpgjg3unno.cloudfront.net
1 cdn.permutive.com 0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
1 0272ac85-5199-4024-a555-397c3d825d95.prmutv.co 0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
1 d2sgc57sw7l730.cloudfront.net scorestream.com
1 s.skimresources.com tm.hdmtools.com
1 cdn.parsely.com tm.hdmtools.com
1 static.ads-twitter.com tm.hdmtools.com
1 s.ntv.io tm.hdmtools.com
1 storage.googleapis.com tm.hdmtools.com
1 www.redditstatic.com tm.hdmtools.com
1 cdn-channels-pixel.ex.co www.timesunion.com
1 mab.chartbeat.com static.chartbeat.com
1 dyv1bugovvq1g.cloudfront.net aps.hearstnp.com
1 d15kdpgjg3unno.cloudfront.net aps.hearstnp.com
1 scripts.webcontentassessor.com aps.hearstnp.com
1 0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app aps.hearstnp.com
1 aps.hearstnp.com www.timesunion.com
1 polyfill.io www.timesunion.com
1 projects.sfchronicle.com www.timesunion.com
1 timesunion.com 1 redirects
1 claim-refund-irs.misecure.com 1 redirects
0 dsp.adfarm1.adition.com Failed ssbsync.smartadserver.com
0 adservice.google.com Failed imasdk.googleapis.com
0 e.channelexco.com Failed cdn.ex.co
0 sync.taboola.com Failed ssum-sec.casalemedia.com
0 csync.loopme.me Failed ads.pubmatic.com
0 cs.nex8.net Failed u.openx.net
0 gtm-kw6hw69-m2q2n.uc.r.appspot.com Failed www.googletagmanager.com
0 p.ctpost.com Failed www.timesunion.com
691 213
Subject Issuer Validity Valid
*.beaumontenterprise.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-16 -
2024-05-17		 a year crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-10 -
2024-01-11		 a year crt.sh
tm.hdmtools.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-07 -
2023-11-01		 a year crt.sh
u896.weekand.com
Amazon RSA 2048 M02		 2023-04-06 -
2024-05-04		 a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
scorestream.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-03-21		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
permutive.app
E1		 2023-08-02 -
2023-10-31		 3 months crt.sh
scripts.webcontentassessor.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-05-08 -
2024-06-08		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.blueconic.net
Amazon RSA 2048 M01		 2023-06-08 -
2024-07-06		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
realm.hearst3pcc.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-13 -
2024-04-04		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
cdn.ex.co
R3		 2023-06-07 -
2023-09-05		 3 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-12 -
2023-10-08		 6 months crt.sh
content.zenimpact.io
GTS CA 1D4		 2023-06-20 -
2023-09-18		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
storage.googleapis.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-24 -
2023-10-26		 a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
quebec.sailplay.net
R3		 2023-07-27 -
2023-10-25		 3 months crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-05-19 -
2023-08-17		 3 months crt.sh
*.skimresources.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-25 -
2023-11-08		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
*.prmutv.co
R3		 2023-06-06 -
2023-09-04		 3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
api.permutive.com
R3		 2023-06-17 -
2023-09-15		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
queue.amazonaws.com
Amazon RSA 2048 M01		 2023-03-08 -
2024-03-07		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-19 -
2023-10-15		 6 months crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-25 -
2023-12-25		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-25 -
2023-12-25		 a year crt.sh
sp-t-hearstnewspapers.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-17 -
2024-08-09		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
hub2.zenimpact.io
GTS CA 1D4		 2023-07-25 -
2023-10-23		 3 months crt.sh
*.postrelease.com
Amazon RSA 2048 M02		 2023-05-02 -
2024-05-30		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
insight-api-kgw.zenimpact.io
GTS CA 1D4		 2023-08-06 -
2023-11-04		 3 months crt.sh
www.i.matheranalytics.com
Amazon RSA 2048 M01		 2023-03-02 -
2024-01-13		 10 months crt.sh
gumgum.com
Amazon RSA 2048 M03		 2023-08-07 -
2024-09-05		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-02-03 -
2023-11-21		 10 months crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-03-26 -
2024-04-23		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-17 -
2024-06-16		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
www.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.google.co.jp
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.hearstnp.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-17 -
2024-08-05		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon RSA 2048 M02		 2023-02-13 -
2024-02-15		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
ak.sail-horizon.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-01-16		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-03-21 -
2023-12-19		 9 months crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2022-09-08 -
2023-10-10		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
api.sail-personalize.com
Amazon RSA 2048 M01		 2023-04-25 -
2024-05-23		 a year crt.sh
*.id5-sync.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.s3-us-west-2.amazonaws.com
Amazon RSA 2048 M01		 2023-04-11 -
2023-12-28		 9 months crt.sh
*.px-cloud.net
Sectigo RSA Domain Validation Secure Server CA		 2022-08-30 -
2023-09-29		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M02		 2022-11-08 -
2023-12-07		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-03 -
2024-02-03		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2		 2023-06-08 -
2024-07-09		 a year crt.sh
*.playbuzz.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-30 -
2024-05-12		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.channelexco.com
R3		 2023-07-23 -
2023-10-21		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh

This page contains 91 frames:

Primary Page: https://www.timesunion.com/
Frame ID: F301A3BC1A0268C91D951A5B5BA86230
Requests: 397 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
Frame ID: 9C8369022B28C35340171E4E0E392CDF
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: 7810AA0362CE6DD0AB45D437DC9ADC5F
Requests: 8 HTTP requests in this frame

Frame: https://hub2.zenimpact.io/values
Frame ID: 5C8866A1BBB412036B7711794BE7F1FF
Requests: 2 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.08462123537939292
Frame ID: 7CEB9B5D9A788D6AA159A5F2FC53E0CE
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 6F5EE6EF52B56CEB2879CBDD23ECBCD3
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 22AE4CAE17F28F9881616E5E621E46BE
Requests: 15 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: A892056188D471BCB8EB32374AFA6271
Requests: 10 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: C0704FC445E22C12A8F55930B4A1F79F
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 4666B96657A42DA4B4665CA72267CC94
Requests: 12 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: 65E130759310D7BD516C4DED15C96C45
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 8AFE977326B0CC885F17691733F356E9
Requests: 11 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS02cFhZc3Q1RTJ1SUlwS3pOT3RGMWVLNHAzMUx0aVdob35B
Frame ID: DC436F34CE57775600D157C767E8C2A4
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: AB931AE8B1A3ADE786B8459955D65E73
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=2546882368749204855&ex=appnexus.com
Frame ID: 15A95FE2718E2004294A9A2C524ECC4C
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4412166927166683519015
Frame ID: BDD10AFFDFEBF518DA2ABFC540427FCA
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1---
Frame ID: 3491482430C8073257FF97EB484D3167
Requests: 15 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZNQKFQAAAj5PRgAb&gdpr=&gdpr_consent=&_test=ZNQKFQAAAj5PRgAb
Frame ID: 74F949E48EDE8F401CCCDB8540A06C27
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV82MDRkY2YxYy1iODRkLTQ5ZDMtYjU5ZS0xOWUxZTllOTEyZmE=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 5A07C22F3A40EF61789D1323937CE8D2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 2B897175F147DB75824C11F1BC3E3B64
Requests: 6 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=63eeee38-aa0d-41c4-9eaa-932b32d94862
Frame ID: F340CF10F8DDC14E1A7AAAEA8DEAD587
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZNQKFcCo8XYAALhg1HQAAAAA
Frame ID: EB579578AFD52211EF65025141839D45
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=a_604dcf1c-b84d-49d3-b59e-19e1e9e912fa&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: 9B3B2E16CED890FF4E1AB86639C68F6E
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D&s=189872&C=1
Frame ID: DA91F1DBFCB0B2F4C9F49BDF02E5819E
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=ZecuR8wiA1Rq8TMaxUUT&pi=gumgum&tc=1
Frame ID: B0252D5905EB0C1D1A53A00F10BF96D4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: F43D4B29526354C90A839759C206D738
Requests: 3 HTTP requests in this frame

Frame: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=47656
Frame ID: 70D78FB5DFE1E07D503F62ED3DF836B1
Requests: 23 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AdYgxazyGgM6ks8AD7P3orXh088AAAGJ3EdmJw
Frame ID: EEF65023E924625F5A6814EABD9839EB
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID1B30ECC2-32A5-4C63-9767-37CD2B4200CF
Frame ID: D19E4F582B36197785FB4986154AE1E2
Requests: 1 HTTP requests in this frame

Frame: https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DCE05B3747746FDCF5B2E5F909FA75E3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: ABE69B02497040A3AFC7AF94FD2954BB
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: CAFA1E3B25C3216EC1E9647E37369CA1
Requests: 1 HTTP requests in this frame

Frame: https://www.timesunion.com/hdn/hrlm/p/silent.html
Frame ID: E4F2B5E67F6B25E61BB9A9F73050F7CE
Requests: 15 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 977BB3CE26FC092D13BCB9177B42C55D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9AC38BC0EC5136244A4BA4AC5ACB169D
Requests: 1 HTTP requests in this frame

Frame: https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0E3B0F6915A1269F8C145EBFF0ECB127
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-l9gIQjs_88gEYvbn-4AEwAQ&v=APEucNXdZ7EFjpO8E1I4R4prkDCgIZJNiwKcbStIk9kQWLyyQdfPtBu5UiD15XoBZtPWRY1oMwmq4i3S8PVKeBHRRTnq7jVyow
Frame ID: E608C764D34817C53B63F8553EF4B8A7
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 02A32F177CB66D471AB8D0051D163210
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: ED9124118B0B9F8FD4C395914AAD6B81
Requests: 4 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: D0C93D27FF610D017BF035630C23BACE
Requests: 15 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZNQKFQAAAj5PRgAb&gdpr=&gdpr_consent=
Frame ID: EC26F51CA9F30491943090ADB2A32124
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV82MDRkY2YxYy1iODRkLTQ5ZDMtYjU5ZS0xOWUxZTllOTEyZmE=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: C52A3604B9AB81EF0F427A056D3B9A38
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 82DF6A0EAD05F0F3FAD80215EA9B12FC
Requests: 3 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=63eeee38-aa0d-41c4-9eaa-932b32d94862
Frame ID: 08DC5774613110A132F6F6EEECAE646B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZNQKFcCo8XYAALhg1HQAAAAA
Frame ID: B27F322CEF4DABDB6D2EC1CCCEFAA35A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=11927982-9abf-4e79-b649-e54149dd16ce
Frame ID: F745FEB6BD851B622A40C941200BA423
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: 267FB59C85BD845BC402B68E84ACF5B7
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=ZecuR8wiA1Rq8TMaxUUT&pi=gumgum
Frame ID: B7BDDD4926824E85F0F6DF4C84DFAE24
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: AB6659D8E067D674FD79FF8699EE76D9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CF25DDFCE12724FF25F611E05C44B1DB
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Frame ID: 3B864FA438EDEA0567522DE0F9957684
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: 23E928378B91BC0EC0089D64679D1AEF
Requests: 10 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 9578004FB9E9DEE8555AD3471B9D8569
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_7c9702e4-9fec-4d49-bb83-6ee6ad3f2ee3
Frame ID: C0CCB14ABCDFFAD3B11529209174EC41
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2546882368749204855&gdpr=0&gdpr_consent=
Frame ID: 21E52024F3DD40D9E568110B8990801D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=8xbcezPI8FH
Frame ID: ACFB6835848B28200518E06FB1C8E566
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Udwk4FeJceJKi3DsBYttsF7ZJOxK2yHlAt4icwRL
Frame ID: 924863E57E261276B9D48CF005E8FC9A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=wle8ocr2vdd0
Frame ID: 075A70A8D1080BDBF15F6597A62FF5F3
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 2B9BBB7E4A242AEEDEB816A3E4D8942F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=1B30ECC2-32A5-4C63-9767-37CD2B4200CF
Frame ID: 61DEF03188604BB0F59F553A24F5B4DA
Requests: 1 HTTP requests in this frame

Frame: https://hub2.zenimpact.io/set?zenId=65a11ddd-2e4a-2ab8-a262-10e227f0cb70&print=0f6738a7c196c14492e9baaa7fccc590&token=AIzaSyBCYW8JYdGu-vHvMUwuuAvoZxduUsSCVMM
Frame ID: E525543392BAAE0357A4150881AC0869
Requests: 2 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=WNOCzUuPBIC9zKzZGgrUZA
Frame ID: B0773DA8B44FF11028D13DE8352D8ED7
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=1B30ECC2-32A5-4C63-9767-37CD2B4200CF
Frame ID: 714D56692B2CA1B2E3F2C8881F657BD2
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: D811DD5CC5C69247986CEC99AFBC7CD0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=b99938abe7704db69e5ffee92bc2c836
Frame ID: 47010151197EE4373822425BCFDA9C0E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=X31vL9HZSGNpJLq1ByOm5Q&gdpr=0&gdpr_consent=
Frame ID: FEBDDDE2C0C6919F503E596D2FB5CA6E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU960b06642275419d93b5014abfc392f7&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Frame ID: 4FDB1A69F31EDF451CE86BCEB48C5213
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: 8FCED2891282A94F553540E10449D1F1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:v6NLNtCw1QtR4n5&gdpr=0&gdpr_consent=
Frame ID: 2B037B0A987D7F4118B4853A5A862B37
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1917759397538755038
Frame ID: B54CDF9FA98D5BB0BF996B97EEC77539
Requests: 1 HTTP requests in this frame

Frame: https://prebid-server.rubiconproject.com/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=b&uid=1B30ECC2-32A5-4C63-9767-37CD2B4200CF
Frame ID: 84F9CD02F78A0B763993B5C3BA2F64C5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D6760D4DB5F94F92A06BCCFBD3FDA6C8&gdpr=0&gdpr_consent=
Frame ID: DF59BCB757B0327663BB6B76050DC1E2
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=1B30ECC2-32A5-4C63-9767-37CD2B4200CF
Frame ID: 98490E05E27A7EBA457ABCEA22FA0C4B
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=ctg2su6&ref=https%3A%2F%2Fwww.timesunion.com%2F&upid=rnejfix&upv=1.1.0&gpp_consent=DBABTA~1---&gpp_sid=-1
Frame ID: 6360F9F9C7C9539CEF00AA85C5EDDF30
Requests: 2 HTTP requests in this frame

Frame: https://secure-gl.imrworldwide.com/cgi-bin/m?ci=tradedesk&cg=63eeee38-aa0d-41c4-9eaa-932b32d94862
Frame ID: 5D0F8F9D8F7B48753EAE057C768C235D
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Frame ID: C29B18C5C2A9908D8D3E46B1EA40D3FA
Requests: 1 HTTP requests in this frame

Frame: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=63eeee38-aa0d-41c4-9eaa-932b32d94862
Frame ID: FD9DBD272B6FA3BADD982F9EF5F961B3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A521FF13F15841C03ACF231E0C4ACC1B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DEA09D3218D20B4C573FE82FDBD9E3F9
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.timesunion.com&us_privacy=1---
Frame ID: E97EB3B66B89EDD80DD20B4D9985E27F
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.timesunion.com&us_privacy=1---
Frame ID: 4FE3C64C3F2EDD86EED3091F5E7600AD
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Frame ID: A02F311E9FDDDE05850A382A81D95AB5
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3Dda17683d-4cbe-404a-a044-ac562d908b07%26uid%3D
Frame ID: C9A271EF48BA96129B658FA7BFC1FADC
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D17163%26srv%3Dchannelexco.com%26cuid%3Dda17683d-4cbe-404a-a044-ac562d908b07%26uid%3DPM_UID
Frame ID: 418EBF5391108DFA63DB3C88764DFAFB
Requests: 2 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=35
Frame ID: 1EAEF2185803CF74C1E482172969842D
Requests: 6 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 0A68DF5FFAAF8D6C04203FA0A31536B6
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ex.co/prebid/production/release/1.6.0/latest/expb.js
Frame ID: E240B1F8646CD35A264CF097DC5B9F9C
Requests: 1 HTTP requests in this frame

Frame: https://rtb.channelexco.com/cookie_sync?bid=17163&srv=channelexco.com&cuid=da17683d-4cbe-404a-a044-ac562d908b07&uid=1B30ECC2-32A5-4C63-9767-37CD2B4200CF
Frame ID: 5E3CE4CF266D97D5A3BAFA815F637F71
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd
Frame ID: 25D88C1BEF5485094938C5EC5DEA09F5
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Frame ID: DC27B6197A8FE41CF70542C63C15449F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/control/omweb-v1.js
Frame ID: 743E711E23CD5B91D542B912BEEEB7AD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Times Union - Times Union

Page URL History Show full URLs

  1. https://claim-refund-irs.misecure.com/ HTTP 307
    https://timesunion.com/ HTTP 301
    https://www.timesunion.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lodash.*\.js
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • sweet(?:-)?alert(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

691
Requests

80 %
HTTPS

0 %
IPv6

136
Domains

213
Subdomains

139
IPs

13
Countries

8893 kB
Transfer

25385 kB
Size

204
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://claim-refund-irs.misecure.com/ HTTP 307
    https://timesunion.com/ HTTP 301
    https://www.timesunion.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 111
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
  • https://unpkg.com/web-vitals@3.4.0/dist/web-vitals.iife.js
Request Chain 112
  • https://insight.adsrvr.org/track/evnt/?adv=ctg2su6&ct=0:2dh2h9z&fmt=3 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=63eeee38-aa0d-41c4-9eaa-932b32d94862&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=63eeee38-aa0d-41c4-9eaa-932b32d94862&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-YJkmS8tE2uJvI7WiG8tGv5fuNplHbH8-~A&gdpr=0 HTTP 302
  • https://tags.bluekai.com/site/5386?id=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbluekai HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
  • https://tags.bluekai.com/site/5386?id=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=
Request Chain 113
  • https://insight.adsrvr.org/track/evnt/?adv=ctg2su6&ct=0:doaf0nb&fmt=3 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=55af4700-8ee7-4c07-b44f-e4ece7a47d80&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=55af4700-8ee7-4c07-b44f-e4ece7a47d80&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=63eeee38-aa0d-41c4-9eaa-932b32d94862&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=63eeee38-aa0d-41c4-9eaa-932b32d94862&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-bfzia3dE2uJW7OfGMQv_UWiyAt4d_A4-~A&gdpr=0 HTTP 302
  • https://tags.bluekai.com/site/5386?id=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbluekai HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
  • https://tags.bluekai.com/site/5386?id=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=
Request Chain 125
  • https://js.matheranalytics.com/s/ma86077/712314004/all/ml.js?cb=1632 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma86077/all/1/ml.br.js
Request Chain 146
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1691617812118&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fwww.timesunion.com%2F&c8=Times%20Union%20-%20Times%20Union&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1691617812118&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fwww.timesunion.com%2F&c8=Times%20Union%20-%20Times%20Union&c9=
Request Chain 147
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036097&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1691617812118&ns_c=UTF-8&c7=https%3A%2F%2Fwww.timesunion.com%2F&c8=Times%20Union%20-%20Times%20Union&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036097&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1691617812118&ns_c=UTF-8&c7=https%3A%2F%2Fwww.timesunion.com%2F&c8=Times%20Union%20-%20Times%20Union&c9=
Request Chain 149
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
Request Chain 160
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=8cbbdd6e-f6b9-4f84-9637-a93d3032cbf2&u=83b2be2d-e0f0-45d5-8b3b-b3965a274e62 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=8cbbdd6e-f6b9-4f84-9637-a93d3032cbf2&u=83b2be2d-e0f0-45d5-8b3b-b3965a274e62&google_tc= HTTP 302
  • https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEOC12XI21803bBpoLAFJGr0&error=&type=ddp&k=8cbbdd6e-f6b9-4f84-9637-a93d3032cbf2&u=83b2be2d-e0f0-45d5-8b3b-b3965a274e62&google_cver=1
Request Chain 182
  • https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Request Chain 188
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4585599552386632809&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 189
  • https://match.adsrvr.org/track/cmf/openx?oxid=fc2bb903-b170-383d-557e-eb14366d15a1&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NjNlZWVlMzgtYWEwZC00MWM0LTllYWEtOTMyYjMyZDk0ODYy&gdpr=0&gdpr_consent=&ttd_tdid=63eeee38-aa0d-41c4-9eaa-932b32d94862 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm=&google_sc=&google_hm=NjNlZWVlMzgtYWEwZC00MWM0LTllYWEtOTMyYjMyZDk0ODYy&gdpr=0&gdpr_consent=&ttd_tdid=63eeee38-aa0d-41c4-9eaa-932b32d94862&google_tc= HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=63eeee38-aa0d-41c4-9eaa-932b32d94862&google_gid=CAESEHdCSObkRT9fsDIcsOf9tnE&google_cver=1 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=&expires=30
Request Chain 190
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZNQKFMCo8XYAALhg1FYAAAAA
Request Chain 191
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AXcqy-LQb36iks8AD7P3orXh088AAAGJ3Edh2g
Request Chain 192
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDA0NDZhYzktNzgwNy02Njk5LTQwOWUtYjFhZGZjOGZkYmMx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDA0NDZhYzktNzgwNy02Njk5LTQwOWUtYjFhZGZjOGZkYmMx&google_tc=
Request Chain 193
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECL1SKGMDIpXrKu2q2MIqQ4&google_cver=1
Request Chain 220
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 225
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS02cFhZc3Q1RTJ1SUlwS3pOT3RGMWVLNHAzMUx0aVdob35B
Request Chain 227
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=2546882368749204855&ex=appnexus.com
Request Chain 228
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4412166927166683519015
Request Chain 240
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=I30zPxj2gROzCqej5XQvGw==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 246
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=2546882368749204855
Request Chain 247
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_604dcf1c-b84d-49d3-b59e-19e1e9e912fa&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=a_604dcf1c-b84d-49d3-b59e-19e1e9e912fa&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=-kISWfwXR1vhFUZVrhVbCfVHElXhRRdcqUAVgMFa HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=0035c957-f895-4a06-acbe-4b96f626c00a&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 249
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=0b161d73-9965-006b-3205-fbf9fe3d14e7
Request Chain 250
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-5f7d6f2f-d1d9-4863-6924-bab50723a6e5$cell
Request Chain 251
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-6XQbipZE2peveGBRBqoaR49K5fERRGHK2pJW~A
Request Chain 252
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=cbc3cb67-e9f0-487f-9ece-f5c767a55b1e
Request Chain 253
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Request Chain 255
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_604dcf1c-b84d-49d3-b59e-19e1e9e912fa&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=SpoYyQYgU8ZJgVTdZ9LS&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVJXA32ZPFIVSZ2VHBNEUZ2WKRSFUOKMKM HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVJXA32ZPFIVSZ2VHBNEUZ2WKRSFUOKMKM HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=SpoYyQYgU8ZJgVTdZ9LS
Request Chain 256
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=499cea1e-0c48-462f-8af6-4b951b5de04d
Request Chain 257
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=Ev8fwcEpi5eG&ev=1&pid=558355
Request Chain 258
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=7007532004844478187
Request Chain 261
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZNQKFQAAAj5PRgAb HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZNQKFQAAAj5PRgAb&gdpr=&gdpr_consent=&_test=ZNQKFQAAAj5PRgAb
Request Chain 264
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=63eeee38-aa0d-41c4-9eaa-932b32d94862
Request Chain 265
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZNQKFcCo8XYAALhg1HQAAAAA
Request Chain 267
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D&s=189872&C=1
Request Chain 268
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=ZecuR8wiA1Rq8TMaxUUT&pi=gumgum&tc=1
Request Chain 269
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 284
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=
Request Chain 285
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=
Request Chain 286
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=2546882368749204855
Request Chain 287
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=ZNQKFQAAAj5PRgAb
Request Chain 289
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEFeVAKMnkMsl1wd2sKkEVWI&google_cver=1
Request Chain 290
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=3mRviaa11Sa5OsBwEJnd HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=63eeee38-aa0d-41c4-9eaa-932b32d94862
Request Chain 291
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LL49KHU4-18-JMIW
Request Chain 292
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&zcc=1&cb=1691617814585 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1223394299 HTTP 302
  • https://sync.1rx.io/usersync/turn/4585599552386632809?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-eefa8192-70c3-4235-84a2-85294b02891d-004?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-eefa8192-70c3-4235-84a2-85294b02891d-004 HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-eefa8192-70c3-4235-84a2-85294b02891d-004
Request Chain 296
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LL49KHU4-18-JMIW HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LL49KHU4-18-JMIW&ex=d-rubiconproject.com&status=ok
Request Chain 299
  • https://cr-p10.ladsp.com/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AdYgxazyGgM6ks8AD7P3orXh088AAAGJ3EdmJw
Request Chain 301
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GzDswjKlTGOXZzfNK0IAzw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=1B30ECC2-32A5-4C63-9767-37CD2B4200CF HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=1B30ECC2-32A5-4C63-9767-37CD2B4200CF HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2894cfd7-9e5f-48ec-9189-2a8cfd2b7e03%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=63eeee38-aa0d-41c4-9eaa-932b32d94862&ttd_puid=2894cfd7-9e5f-48ec-9189-2a8cfd2b7e03%2C%2C
Request Chain 303
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=1B30ECC2-32A5-4C63-9767-37CD2B4200CF&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=1B30ECC2-32A5-4C63-9767-37CD2B4200CF&gdpr=0&gdpr_consent=&ct=y
Request Chain 304
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=1B30ECC2-32A5-4C63-9767-37CD2B4200CF&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=1B30ECC2-32A5-4C63-9767-37CD2B4200CF&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 305
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUIzMEVDQzItMzJBNS00QzYzLTk3NjctMzdDRDJCNDIwMENG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 306
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPGTW2J-eZnFngbPpvvV058&google_cver=1
Request Chain 308
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=0035c957-f895-4a06-acbe-4b96f626c00a&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=e4a15563-f632-4461-8f40-0d0632054511&expires=1&user_group=5&ssp=pubmatic&bsw_param=0035c957-f895-4a06-acbe-4b96f626c00a&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0035c957-f895-4a06-acbe-4b96f626c00a&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 309
  • https://tg.socdm.com/rtb/sync?proto=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZNQKFcCo8XYAALhg1HQAAAAA
Request Chain 311
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMi_mq9RXDx_yMfVmG5NSCQ&google_cver=1
Request Chain 312
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmY2Yjg4OTA1NzAwMmUxMDNiNzQwMzY1NjFjOTAwMWNmZGM2YTVjMQ
Request Chain 313
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/iqm_il6N6jHweXC1Uo_P88n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pVC7CkRE2oKVX7mnu7GU0iXITEaMkrSQgv8xxQ--~A
Request Chain 314
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LL49KHU4-18-JMIW
Request Chain 315
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEw0OUtIVTQtMTgtSk1JVw== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJVwjr_9dYQCDT0_3c7TTls&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEw0OUtIVTQtMTgtSk1JVw==&google_push=
Request Chain 317
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=DcjK9AjmQVuNwVCiykmnBA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=DcjK9AjmQVuNwVCiykmnBA
Request Chain 318
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=&expires=30
Request Chain 330
  • https://www.facebook.com/tr/?id=772962626513104&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.timesunion.com%2F&rl=&if=false&ts=1691617814474&cd[segment_id]=42567&sw=1600&sh=1200&v=2.9.121&r=stable&ec=2&o=30&fbp=fb.1.1691617813494.1701705887&it=1691617813221&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=a1&rqm=GET HTTP 302
  • https://www.facebook.com/tr/?cd[segment_id]=42567&coo=false&dl=https%3A%2F%2Fwww.timesunion.com%2F&dpo=LDU&dpoco=0&dpost=0&ec=2&ev=PermutiveSegmentEntry&exp=a1&fbp=fb.1.1691617813494.1701705887&id=772962626513104&if=false&it=1691617813221&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1691617814474&v=2.9.121
Request Chain 374
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LL49KHU4-18-JMIW HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LL49KHU4-18-JMIW
Request Chain 375
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=63eeee38-aa0d-41c4-9eaa-932b32d94862&expiration=1694209814&gdpr=0&gdpr_consent=
Request Chain 376
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZNQKFs3ld5943t1XPXFPfwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFL6inQgJQRH4tyrgGnMPEs&google_cver=1
Request Chain 378
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZNQKFs3ld5943t1XPXFPfwAAFY8AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEN-tuo6l7s9nUUEfi4XCQUw&google_cver=1
Request Chain 379
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Request Chain 380
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3735528708331917475&expiration=1692827415
Request Chain 381
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHT2U7JqBQAACS4iMx9tQ&expiration=1692827414
Request Chain 382
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2546882368749204855
Request Chain 388
  • https://realm.hearstnp.com/connect/authorize?client_id=hdn.js&redirect_uri=https%3A%2F%2Fwww.timesunion.com%2Fhdn%2Fhrlm%2Fp%2Fsilent.html&response_type=id_token%20token&scope=openid%20email%20hdn.albany&state=06f295bbd369406084ada4ad50b31a29&nonce=e5a3de852472414d93c9120257029d18&prompt=none&acr_values=siteId%3Atimesunion.com HTTP 302
  • https://www.timesunion.com/hdn/hrlm/p/silent.html
Request Chain 390
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=e49264d4-0a17-4000-b5ba-3c07d55b35b8&gdpr=1&gdpr_consent=
Request Chain 392
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2546882368749204855
Request Chain 394
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABidxHa1LPIoyYSVkhZ1D3B29NzPRdRmiH4A
Request Chain 396
  • https://id.rlcdn.com/711916.gif?ct=4&cv= HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCJeU0KYGEgUI6AcQAEIASgA HTTP 307
  • https://onetag-sys.com/match/?int_id=110&uid=
Request Chain 397
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=mQcPUMHqDGozoLMWoPard5rW6A_ETEOFbSiCz1wZoz8
Request Chain 399
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEML6LzLGwvCll9xnkpJJRiM&google_cver=1
Request Chain 401
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=
Request Chain 428
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&account=&f=i&uid=3mRviaa11Sa5OsBwEJnd&gdpr=&gdpr_consent=&us_privacy=1---
Request Chain 430
  • https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Request Chain 431
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFL6inQgJQRH4tyrgGnMPEs&google_cver=1
Request Chain 432
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZNQKFmk-ZsdbmBXGQXOHVgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFL6inQgJQRH4tyrgGnMPEs&google_cver=1
Request Chain 433
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKA_AKNLgjHwqEz3YgC30s8&google_cver=1&google_push=AXcoOmRx8s2ziso3VM1jyqBfi6TjeZqt7NAgCkvIDL8DJy3p8XoGNk9O96dD2Bi50GZuZjtIHpoVLNesMsYeo2iY_d1NTE6t66yU HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmRx8s2ziso3VM1jyqBfi6TjeZqt7NAgCkvIDL8DJy3p8XoGNk9O96dD2Bi50GZuZjtIHpoVLNesMsYeo2iY_d1NTE6t66yU&google_hm=FbeVgj_yafpOeXTF63ivIA
Request Chain 434
  • https://um.simpli.fi/gp_match?google_gid=CAESEPdToqFA1xqFnTw4xj22NqQ&google_cver=1&google_push=AXcoOmSe13AzytSr1IGcPiR6V5dVoDbqtC3_Y7Cx7_s0bxZYrU_jTyspqntmPQgNSW_LfugKBcmTizIZPTT2ylGeBc91h8fxbQkW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D6760D4DB5F94F92A06BCCFBD3FDA6C8&google_push=AXcoOmSe13AzytSr1IGcPiR6V5dVoDbqtC3_Y7Cx7_s0bxZYrU_jTyspqntmPQgNSW_LfugKBcmTizIZPTT2ylGeBc91h8fxbQkW
Request Chain 435
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEEblFGlvaX2ODFNTd6loFeg&c_param1=AXcoOmSm2KqnA_cwxPHd-LqYDvJWSzPOVtzMy79_2DRQFaE7zQ17ZHFlbM34slfRH9skf5OvrLt--H2Eqiyw7sqsiQTUKy5omxkT&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSm2KqnA_cwxPHd-LqYDvJWSzPOVtzMy79_2DRQFaE7zQ17ZHFlbM34slfRH9skf5OvrLt--H2Eqiyw7sqsiQTUKy5omxkT
Request Chain 436
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEEawLr6MZjFYxEDuy8t-7yU&google_cver=1&google_push=AXcoOmSxqC-exuuiLVvOuBmzQkoiviZBONmQ6eZg_LTb0--WxYPBe7Ghf9R92ZiX8lVWmDJ5gKVy6prr0cCAvYZqgPCOwBwDhBie HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-eefa8192-70c3-4235-84a2-85294b02891d-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSxqC-exuuiLVvOuBmzQkoiviZBONmQ6eZg_LTb0--WxYPBe7Ghf9R92ZiX8lVWmDJ5gKVy6prr0cCAvYZqgPCOwBwDhBie%26google_hm%3DBO76gZJww0I1hKKFKUsCiR0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSxqC-exuuiLVvOuBmzQkoiviZBONmQ6eZg_LTb0--WxYPBe7Ghf9R92ZiX8lVWmDJ5gKVy6prr0cCAvYZqgPCOwBwDhBie&google_hm=BO76gZJww0I1hKKFKUsCiR0
Request Chain 437
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEHWDq_lw7a7OWA5Hoq8VMOE&google_cver=1&google_push=AXcoOmS-6EjpSzehH1S46ev09ndZC76N17DsdwLtFp9BewwLuMuef2iipYo-sKNF204lbZos6r2VQp_mn0QN2qAAWbyoO1UJIfuj HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEHWDq_lw7a7OWA5Hoq8VMOE%26google_cver%3D1%26google_push%3DAXcoOmS-6EjpSzehH1S46ev09ndZC76N17DsdwLtFp9BewwLuMuef2iipYo-sKNF204lbZos6r2VQp_mn0QN2qAAWbyoO1UJIfuj HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A6409972205841127029&exchange=193&google_gid=CAESEHWDq_lw7a7OWA5Hoq8VMOE&google_cver=1&google_push=AXcoOmS-6EjpSzehH1S46ev09ndZC76N17DsdwLtFp9BewwLuMuef2iipYo-sKNF204lbZos6r2VQp_mn0QN2qAAWbyoO1UJIfuj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTY0MDk5NzIyMDU4NDExMjcwMjk&google_push=AXcoOmS-6EjpSzehH1S46ev09ndZC76N17DsdwLtFp9BewwLuMuef2iipYo-sKNF204lbZos6r2VQp_mn0QN2qAAWbyoO1UJIfuj
Request Chain 438
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECdv0096ijF4xhAad1gS0jg&google_cver=1&google_push=AXcoOmRLLjGKbEDzDOxVhU_K5R5ze0d74PVYwvG2iDuwLBqj9iM1iFwq1CNpBGYLdIkj9tBnfmKarVhf6jaQ4sxtBGXOJD1BorqmVw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1QUHlRUU05RTJ1SGxNTkdrRjhEVW54T0l3M3hWZlhPRX5B&google_push=AXcoOmRLLjGKbEDzDOxVhU_K5R5ze0d74PVYwvG2iDuwLBqj9iM1iFwq1CNpBGYLdIkj9tBnfmKarVhf6jaQ4sxtBGXOJD1BorqmVw
Request Chain 439
  • https://an.yandex.ru/mapuid/google/CAESEButqMNjh3W5etga0va7_uo?ext-param=AXcoOmRB81BBTblrGPE8ZTIpMc8j_KAXabypkefOXz2QvWFEg4vUAA_HlLoY9N_4yrXptrOQP_ia30EEbG_2kdona73G2VncY2S-&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEButqMNjh3W5etga0va7_uo?redir-setuniq=1&ext-param=AXcoOmRB81BBTblrGPE8ZTIpMc8j_KAXabypkefOXz2QvWFEg4vUAA_HlLoY9N_4yrXptrOQP_ia30EEbG_2kdona73G2VncY2S-&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEButqMNjh3W5etga0va7_uo&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 447
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=2546882368749204855
Request Chain 448
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_604dcf1c-b84d-49d3-b59e-19e1e9e912fa&gdpr=&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=0035c957-f895-4a06-acbe-4b96f626c00a HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=0035c957-f895-4a06-acbe-4b96f626c00a HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=57fac68b-d9a6-4dcd-bf6a-9610d580aa5b&user_group=1&ssp=gumgum2&bsw_param=0035c957-f895-4a06-acbe-4b96f626c00a HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=0035c957-f895-4a06-acbe-4b96f626c00a&gdpr=&gdpr_consent=&us_privacy=
Request Chain 449
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28qszgRo9EYLqHBemabkU0JZgmC0jxWSVSJHlS7h8xTimw5qa2EksKoXJtY04z-Wfv%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28qszgRo9EYLqHBemabkU0JZgmC0jxWSVSJHlS7h8xTimw5qa2EksKoXJtY04z-Wfv%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_604dcf1c-b84d-49d3-b59e-19e1e9e912fa&obuid=ENC(qszgRo9EYLqHBemabkU0JZgmC0jxWSVSJHlS7h8xTimw5qa2EksKoXJtY04z-Wfv) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=$GDPR_APPLIES&us_privacy=$CCPA&gdpr_consent=$CONSNT_STRING&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3DqszgRo9EYLqHBemabkU0JZgmC0jxWSVSJHlS7h8xTimw5qa2EksKoXJtY04z-Wfv%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Dplatform HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=127&gdpr=$GDPR_APPLIES&us_privacy=$CCPA&gdpr_consent=$CONSNT_STRING&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3DqszgRo9EYLqHBemabkU0JZgmC0jxWSVSJHlS7h8xTimw5qa2EksKoXJtY04z-Wfv%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Dplatform HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=centro&uid=dddf2387-b1a1-4af1-833b-7a9c99b2e357-64d40a1a-4a50&obUid=qszgRo9EYLqHBemabkU0JZgmC0jxWSVSJHlS7h8xTimw5qa2EksKoXJtY04z-Wfv&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
Request Chain 450
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=0b161d73-9965-006b-3205-fbf9fe3d14e7
Request Chain 451
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-5f7d6f2f-d1d9-4863-6924-bab50723a6e5$cell
Request Chain 452
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-6XQbipZE2peveGBRBqoaR49K5fERRGHK2pJW~A
Request Chain 453
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=cbc3cb67-e9f0-487f-9ece-f5c767a55b1e
Request Chain 454
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Request Chain 456
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_604dcf1c-b84d-49d3-b59e-19e1e9e912fa&gdpr=&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=SpoYyQYgU8ZJgVTdZ9LS&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVJXA32ZPFIVSZ2VHBNEUZ2WKRSFUOKMKMTHK427OBZGS5TBMN4T2MJNFUWQ&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVJXA32ZPFIVSZ2VHBNEUZ2WKRSFUOKMKMTHK427OBZGS5TBMN4T2MJNFUWQ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=SpoYyQYgU8ZJgVTdZ9LS&us_privacy=1---
Request Chain 457
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=499cea1e-0c48-462f-8af6-4b951b5de04d
Request Chain 458
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=Ev8fwcEpi5eG&ev=1&pid=558355
Request Chain 459
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=3428615102313504314
Request Chain 461
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZNQKFQAAAj5PRgAb&gdpr=&gdpr_consent=
Request Chain 464
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=63eeee38-aa0d-41c4-9eaa-932b32d94862
Request Chain 465
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZNQKFcCo8XYAALhg1HQAAAAA
Request Chain 466
  • https://cs.admanmedia.com/sync/gumgum?puid=a_604dcf1c-b84d-49d3-b59e-19e1e9e912fa&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=11927982-9abf-4e79-b649-e54149dd16ce
Request Chain 468
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=ZecuR8wiA1Rq8TMaxUUT&pi=gumgum
Request Chain 469
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 475
  • https://u.openx.net/w/1.0/pd?us_privacy=1--- HTTP 302
  • https://bk.r-ad.ne.jp/3/cs HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537097918&val=55mLoG003BDDa007ZOGp
Request Chain 476
  • https://eb2.3lift.com/sync?px=1&src=prebid&us_privacy=1---& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=63eeee38-aa0d-41c4-9eaa-932b32d94862&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 477
  • https://image8.pubmatic.com/AdServer/ImgSync?p=157076&us_privacy=1--- HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=-1&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3735528708331917475 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 478
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=208030&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=30a99166-7151-a189-c6cebdc2
Request Chain 489
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=0035c957-f895-4a06-acbe-4b96f626c00a
Request Chain 514
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=63eeee38-aa0d-41c4-9eaa-932b32d94862&expiration=1694209817&gdpr=0&gdpr_consent=
Request Chain 516
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZNQKFmk_ZsdbmBXGQXOHVgAAFOwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEN-tuo6l7s9nUUEfi4XCQUw&google_cver=1
Request Chain 519
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2546882368749204855
Request Chain 521
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4585599552386632809
Request Chain 525
  • https://ds.uncn.jp/pm/0/sync HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_7c9702e4-9fec-4d49-bb83-6ee6ad3f2ee3
Request Chain 526
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2546882368749204855&gdpr=0&gdpr_consent=
Request Chain 527
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D&uid-set=1 HTTP 302
  • https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dpubmatic%26rd%3Dhttps%253A%2F%2Fsimage2%2Epubmatic%2Ecom%2FAdServer%2FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%2526piggybackCookie%253D%26uid%2Dset%3D1%26auid%3D HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D&uid-set=1&auid=6593e977-29b0-40cf-9fed-f33dbee17b26 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=8xbcezPI8FH
Request Chain 528
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Udwk4FeJceJKi3DsBYttsF7ZJOxK2yHlAt4icwRL
Request Chain 529
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=wle8ocr2vdd0
Request Chain 533
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1B30ECC2-32A5-4C63-9767-37CD2B4200CF&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-i0Kb2ApE2uXon.NMrkS1ZFTKm4YWcco-~A&gdpr=0
Request Chain 534
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4585599552386632809&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 544
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=WNOCzUuPBIC9zKzZGgrUZA
Request Chain 547
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=b99938abe7704db69e5ffee92bc2c836
Request Chain 548
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=X31vL9HZSGNpJLq1ByOm5Q&gdpr=0&gdpr_consent=
Request Chain 549
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU960b06642275419d93b5014abfc392f7&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Request Chain 551
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:v6NLNtCw1QtR4n5&gdpr=0&gdpr_consent=
Request Chain 552
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1917759397538755038
Request Chain 554
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=1B30ECC2-32A5-4C63-9767-37CD2B4200CF&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=2f4e0b326dea1b36&is_secure=true&networkId=17100&version=1&nuid=1B30ECC2-32A5-4C63-9767-37CD2B4200CF&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAANLxp8xfeotAMjTxfRAAAAAAA&expiration=1691704219&nuid=1B30ECC2-32A5-4C63-9767-37CD2B4200CF&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 556
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D6760D4DB5F94F92A06BCCFBD3FDA6C8&gdpr=0&gdpr_consent=
Request Chain 589
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=63eeee38-aa0d-41c4-9eaa-932b32d94862&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Request Chain 590
  • https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=63eeee38-aa0d-41c4-9eaa-932b32d94862 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=63eeee38-aa0d-41c4-9eaa-932b32d94862
Request Chain 636
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Request Chain 645
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D8197%26srv%3Dchannelexco.com%26cuid%3Dda17683d-4cbe-404a-a044-ac562d908b07%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D8197%26srv%3Dchannelexco.com%26cuid%3Dda17683d-4cbe-404a-a044-ac562d908b07%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://rtb.channelexco.com/cookie_sync?bid=8197&srv=channelexco.com&cuid=da17683d-4cbe-404a-a044-ac562d908b07&uid=HH8eBLZH3NsiBJXlSemuq2wf
Request Chain 646
  • https://u.openx.net/w/1.0/cm?id=f0686912-7fb3-48f6-be19-4d168ad880c0&r=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D13005%26srv%3Dchannelexco.com%26cuid%3Dda17683d-4cbe-404a-a044-ac562d908b07%26uid%3D HTTP 302
  • https://rtb.channelexco.com/cookie_sync?bid=13005&srv=channelexco.com&cuid=da17683d-4cbe-404a-a044-ac562d908b07&uid=bc8d6672-de4a-0199-26ba-2dfede5c5636
Request Chain 647
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D15611%26srv%3Dchannelexco.com%26cuid%3Dda17683d-4cbe-404a-a044-ac562d908b07%26uid%3D$UID HTTP 302
  • https://rtb.channelexco.com/cookie_sync?bid=15611&srv=channelexco.com&cuid=da17683d-4cbe-404a-a044-ac562d908b07&uid=4412166927166683519015
Request Chain 658
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZNQKFmk_ZsdbmBXGQXOHVgAAFOwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZNQKFmk_ZsdbmBXGQXOHVgAAFOwAAAIB
Request Chain 659
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZNQKFQAAAj5PRgAb
Request Chain 660
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=RKtSE0L-BxFf_AYfEPwbQ0uuUh9frFcWF6n8wk3o
Request Chain 661
  • https://tg.socdm.com/aux/idsync?proto=index_exchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=ZNQKFcCo8XYAALhg1HQAAAAA
Request Chain 662
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZNQKFmk-ZsdbmBXGQXOHVgAA HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZNQKFmk-ZsdbmBXGQXOHVgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662108052547365
Request Chain 663
  • https://dynalyst-sync.adtdp.com/cookie/sync?pid=43 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=216&external_user_id=AYncR6E9T8BkkKLE-lI
Request Chain 673
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17136&khaos=LL49KHU4-18-JMIW HTTP 302
  • https://rtb.channelexco.com/cookie_sync?bid=12295&srv=channelexco.com&uid=LL49KHU4-18-JMIW

691 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.timesunion.com/
Redirect Chain
  • https://claim-refund-irs.misecure.com/
  • https://timesunion.com/
  • https://www.timesunion.com/
255 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
198eb2274280a8bc27784790214476b330bf0c905fa6fe9ddad23c40c6a89c83
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
cache-control
max-age=0, s-maxage=0
content-encoding
gzip
content-length
39067
content-type
text/html; charset=UTF-8
date
Wed, 09 Aug 2023 21:50:09 GMT
edge-control
!no-store, !bypass-cache, cache-maxage=0s, downstream-ttl=300s
fastly-restarts
1
referrer-policy
no-referrer-when-downgrade
server
Apache
strict-transport-security
max-age=300
user-cache-control
max-age=300
vary
Accept-Encoding, X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, X-ab-scope
via
1.1 varnish
x-block-status
fresh
x-cache
MISS
x-cache-hits
0
x-gen-mode
full
x-served-by
cache-itm18838-ITM
x-vcl-version
375

Redirect headers

Cache-Control
max-age=60
Connection
close
Content-Length
235
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 09 Aug 2023 21:50:08 GMT
Expires
Wed, 09 Aug 2023 21:51:08 GMT
Location
https://www.timesunion.com/
Server
Apache
jquery-2.2.4.min.js
www.timesunion.com/js/core/libs/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/js/core/libs/jquery-2.2.4.min.js
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:10 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=300
age
168149
x-cache
HIT
content-length
29852
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Jul 2023 18:06:53 GMT
server
Apache
x-timer
S1691617810.031579,VS0,VE1
etag
"14e49-601539891d2d2"
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, Accept-Encoding, X-ab-scope
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
x-vcl-version
375
accept-ranges
bytes
x-cache-hits
1
treg.js
treg.hearstnp.com/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://treg.hearstnp.com/treg.js
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0c31e873caf2cd9a837468447f51245087e14f0e8f2bc4ec8cdcac01807f35de

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cdn-rule
fetch: TREG DEFAULT TTL Rule 365d
date
Wed, 09 Aug 2023 21:50:10 GMT
content-encoding
gzip
via
1.1 varnish
expires
Tue, 01 Aug 2023 19:47:02 GMT
x-aspnet-version
4.0.30319
age
698597
x-powered-by
ASP.NET
x-hnp-log
x-cache
HIT
content-length
4785
x-served-by
cache-itm18838-ITM
x-aspnetmvc-version
3.0
last-modified
Tue, 01 Aug 2023 19:42:02 GMT
server
Microsoft-IIS/10.0
x-timer
S1691617810.041967,VS0,VE0
vary
*,Fastly-SSL, X-is-eu, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-vcl-version
32
accept-ranges
bytes
x-cache-hits
162
hnpprivacy-min.js
www.timesunion.com/hdn/dynamic/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/hdn/dynamic/hnpprivacy-min.js
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
16ad31374a592e707c85faccf15452d815c3fcfc740c9efe67434a3eb64168d2
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cdn-rule
fetch: 5 min ccpa rule
date
Wed, 09 Aug 2023 21:50:10 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=300
age
0
x-cache
HIT
content-length
3835
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 07 Aug 2023 19:07:55 GMT
server
Apache
x-timer
S1691617810.031859,VS0,VE584
etag
"371e-60259f6c2645d"
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, Accept-Encoding, X-ab-scope
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=300
x-vcl-version
375
accept-ranges
bytes
x-cache-hits
1
site.js
www.timesunion.com/js/ 		2 KB
974 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/js/site.js?v14.4.2
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
4af0afb27a0d058cec1b37a1ac8fbdf3104fa7956bb3f45615f91060ced73b84
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:10 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=300
age
0
x-cache
MISS
content-length
531
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Aug 2023 20:34:28 GMT
server
Apache
x-timer
S1691617810.031215,VS0,VE583
etag
"6d9-6028367f58073"
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, Accept-Encoding, X-ab-scope
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
x-vcl-version
375
accept-ranges
bytes
x-cache-hits
0
responsive-frame.js
projects.sfchronicle.com/shared/js/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projects.sfchronicle.com/shared/js/responsive-frame.js
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d19396d7cc57062c0d52c25eac8bc72c9930f765fe21bfaf0dc6a3c2e21750c1

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:10 GMT
content-encoding
gzip
via
1.1 varnish
age
465
x-cache
HIT
content-length
6990
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 31 May 2023 22:05:07 GMT
server
Apache/2.4.29 (Ubuntu)
x-timer
S1691617810.196365,VS0,VE0
etag
"4825-5fd04833ddd86-gzip"
vary
Accept-Encoding,Fastly-SSL, X-is-eu
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
x-cache-hits
2
ChronicleDispCond-Black_Web.woff2
www.timesunion.com/css/core/fonts/chronicle/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/css/core/fonts/chronicle/ChronicleDispCond-Black_Web.woff2
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
aa1fa50f8c1f4ebf9c077510d048c281a6f0e88bc0818668a159d038cce324fd
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.timesunion.com/
Origin
https://www.timesunion.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:10 GMT
via
1.1 varnish
strict-transport-security
max-age=300
age
1377826
x-cache
HIT
content-length
25787
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 24 Jul 2023 18:02:07 GMT
server
Apache
x-timer
S1691617810.031167,VS0,VE1
etag
"64bb-6013f69a29198"
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, X-ab-scope
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
x-vcl-version
375
accept-ranges
bytes
x-cache-hits
170
ChronicleDispCond-Roman_Web.woff2
www.timesunion.com/css/core/fonts/chronicle/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/css/core/fonts/chronicle/ChronicleDispCond-Roman_Web.woff2
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
cc991a23338bb0ea88c299affc5fd3cd8d76b8f2cf47309c7db24a0c7bcc41a0
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.timesunion.com/
Origin
https://www.timesunion.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:10 GMT
via
1.1 varnish
strict-transport-security
max-age=300
age
3627528
x-cache
HIT
content-length
25527
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 28 Jun 2023 18:00:41 GMT
server
Apache
x-timer
S1691617810.031149,VS0,VE1
etag
"63b7-5ff345ca5e549"
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, X-ab-scope
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
x-vcl-version
375
accept-ranges
bytes
x-cache-hits
1
ChronicleTextG2-Bold_Web.woff2
www.timesunion.com/css/core/fonts/chronicle/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/css/core/fonts/chronicle/ChronicleTextG2-Bold_Web.woff2
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
22d865ed074f7915422ab425e2246a5c56cdd0ffd69c44242d534efc318a1192
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.timesunion.com/
Origin
https://www.timesunion.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:10 GMT
via
1.1 varnish
strict-transport-security
max-age=300
age
1377826
x-cache
HIT
content-length
30933
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 24 Jul 2023 18:02:08 GMT
server
Apache
x-timer
S1691617810.031131,VS0,VE1
etag
"78d5-6013f69b966c0"
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, X-ab-scope
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
x-vcl-version
375
accept-ranges
bytes
x-cache-hits
169
ChronicleTextG2-Italic_Web.woff2
www.timesunion.com/css/core/fonts/chronicle/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/css/core/fonts/chronicle/ChronicleTextG2-Italic_Web.woff2
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
0ee276931cfe4b0d1891e595cdea419849ea7f821a8d1cd7c882e0dfc2561f3b
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.timesunion.com/
Origin
https://www.timesunion.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:10 GMT
via
1.1 varnish
strict-transport-security
max-age=300
age
1377826
x-cache
HIT
content-length
24957
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 24 Jul 2023 18:02:18 GMT
server
Apache
x-timer
S1691617810.031121,VS0,VE1
etag
"617d-6013f6a504163"
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, X-ab-scope
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
x-vcl-version
375
accept-ranges
bytes
x-cache-hits
1
ChronicleTextG2-Roman_Web.woff2
www.timesunion.com/css/core/fonts/chronicle/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/css/core/fonts/chronicle/ChronicleTextG2-Roman_Web.woff2
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
5f627b0b3cfeb4875c96277ab0e382817f4f1980038e641ec5dfe431734694f3
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.timesunion.com/
Origin
https://www.timesunion.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:10 GMT
via
1.1 varnish
strict-transport-security
max-age=300
age
1377826
x-cache
HIT
content-length
30577
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 24 Jul 2023 18:02:07 GMT
server
Apache
x-timer
S1691617810.042099,VS0,VE1
etag
"7771-6013f69ad9868"
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, X-ab-scope
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
x-vcl-version
375
accept-ranges
bytes
x-cache-hits
1
HelveticaNeue-HeavyCond.woff2
www.timesunion.com/css/core/fonts/neuehelvetica/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/css/core/fonts/neuehelvetica/HelveticaNeue-HeavyCond.woff2
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
453756fafa4a193856b5e3c456d098e39a491ef0e6c88e0d6ba192606d8a8568
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.timesunion.com/
Origin
https://www.timesunion.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:10 GMT
via
1.1 varnish
strict-transport-security
max-age=300
age
1971079
x-cache
HIT
content-length
28960
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 11 Jul 2023 18:05:27 GMT
server
Apache
x-timer
S1691617810.042067,VS0,VE2
etag
"7120-60039f1a2d61a"
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, X-ab-scope
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
x-vcl-version
375
accept-ranges
bytes
x-cache-hits
1
HelveticaNeue-Roman.woff2
www.timesunion.com/css/core/fonts/neuehelvetica/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/css/core/fonts/neuehelvetica/HelveticaNeue-Roman.woff2
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
b889c3ba20d61a1dbf81230dcb46989cb433fe33926fbc2da19db0be3279581f
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.timesunion.com/
Origin
https://www.timesunion.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:10 GMT
via
1.1 varnish
strict-transport-security
max-age=300
age
1377826
x-cache
HIT
content-length
28856
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 24 Jul 2023 18:02:08 GMT
server
Apache
x-timer
S1691617810.042018,VS0,VE1
etag
"70b8-6013f69ba2244"
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, X-ab-scope
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
x-vcl-version
375
accept-ranges
bytes
x-cache-hits
1
channel.min.css
www.timesunion.com/dist/ 		192 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/dist/channel.min.css?v14.4.2
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
5392db129b2d5b4ab4ed87f03b99895fefa3b101380954d5764f569ea74bd480
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Wed, 16 Aug 2023 21:50:10 GMT
date
Wed, 09 Aug 2023 21:50:10 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=300
age
0
x-cache
MISS
content-length
28349
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Aug 2023 19:31:48 GMT
server
Apache
x-timer
S1691617810.042132,VS0,VE730
etag
"2ff9c-6028287d2b100-gzip"
vary
Accept-Encoding, X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, X-ab-scope
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
x-vcl-version
375
accept-ranges
bytes
x-cache-hits
0
polyfill.min.js
polyfill.io/v3/ 		101 B
683 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&features=NodeList.prototype.forEach%2CIntersectionObserver%2CIntersectionObserverEntry%2CMutationObserver%2CCustomEvent%2CPromise
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.26 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.timesunion.com/
Origin
https://www.timesunion.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 09 Aug 2023 21:50:10 GMT
age
0
detected-user-agent
Chrome/115.0.5790
useragent_normaliser
chrome/115.0.0
server-timing
MISS-CLUSTER, fastly;desc="Edge time";dur=51
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
113
referrer-policy
origin-when-cross-origin
last-modified
Wed, 09 Aug 2023 15:35:19 GMT
fastly_service_version
224
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
normalized-user-agent
chrome/115.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
channel.min.js
www.timesunion.com/dist/hdn/ 		227 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/dist/hdn/channel.min.js?v14.4.2
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
73137b18c488a5c642c12c6053d62e0d3d9f985dfbadec428cbaa695380f16a0
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:11 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=300
age
1
x-cache
MISS
content-length
61857
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Aug 2023 19:31:48 GMT
server
Apache
x-timer
S1691617810.042002,VS0,VE1127
etag
"38afd-6028287d2b100"
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, Accept-Encoding, X-ab-scope
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
x-vcl-version
375
accept-ranges
bytes
x-cache-hits
0
loadAds.js
aps.hearstnp.com/Scripts/ 		683 KB
257 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5eff628d009e8289f2bf347fbdd7e0001080c9e3d2e31ffb58cb68101a0f2491

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cdn-rule
fetch: 20min JS scripts
date
Wed, 09 Aug 2023 21:50:10 GMT
content-encoding
gzip
via
1.1 varnish
x-aspnet-version
4.0.30319
age
1196
x-powered-by
ASP.NET
x-cache
HIT
content-length
262807
x-served-by
cache-itm18838-ITM
x-aspnetmvc-version
4.0
server
Microsoft-IIS/10.0
x-timer
S1691617810.138275,VS0,VE1
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
private
x-vcl-version
49
accept-ranges
bytes
x-cache-hits
1
Bootstrap.js
tm.hdmtools.com/hearst/news/ 		84 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.hdmtools.com/hearst/news/Bootstrap.js
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.248.150.184 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-248-150-184.ap-northeast-1.compute.amazonaws.com
Software
CloudFront /
Resource Hash
2d630de82bee5e702ac4c8fa705a643bc337c3f5b9ba9ca0e9ec5bf348bca580

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:10 GMT
x-amz-version-id
FgDRs64d9MOTw.8hCWwRHS4xFC4Orhxa
content-encoding
gzip
via
1.1 53784e962439e344b6be04336e793994.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C1
age
526154
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 03 Aug 2023 19:40:20 GMT
server
CloudFront
etag
W/"7c6ca973b3d721f82a6c14e6b8b0b431"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
VVejrnuBE2J0S1vL44PN8dbgzGxZo-t12iBpw5yrv5mifyQpkz_DnA==
script.js
n730.timesunion.com/ 		211 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://n730.timesunion.com/script.js
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
35aa72db647ff31f24b517b630e9beb4e112570133e959907a2839567acba9c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
NRT57-P4
age
257
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
55964
x-xss-protection
1; mode=block
last-modified
Wed, 09 Aug 2023 21:45:17 GMT
server
-
etag
e8281762fcd5eb386ff4d7131e8831c6
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=600
x-robots-tag
noindex, nofollow
x-amz-cf-id
KtrvNvwJsJIsgEnAvMBh_dBjqG0-2qItnsi1nXBjfEAUTK2t8FA_AQ==
expires
Wed, 09 Aug 2023 21:55:53 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.203.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-203-198.nrt57.r.cloudfront.net
Software
nginx /
Resource Hash
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 20:55:21 GMT
content-encoding
gzip
via
1.1 e849eb4ec7c297538f549eb24e5ebafa.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 00:37:14 GMT
server
nginx
x-amz-cf-pop
NRT57-P3
age
3290
etag
W/"649b80ba-5df1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
gYuTZ-0AFBQFbiMUnNQkxbOOepUoo-V7kJDyTiYYZMJcoAE5F0syRg==
expires
Wed, 09 Aug 2023 22:55:21 GMT
1000x300.jpg
s.hdnux.com/photos/01/24/64/62/22236299/3/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.hdnux.com/photos/01/24/64/62/22236299/3/1000x300.jpg
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
2a765267729054374adf0c1c67344ae1305e34555a88211bec177be00e3fa0e8

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits
1
date
Wed, 09 Aug 2023 21:50:11 GMT
via
1.1 varnish
age
1154408
x-cache
HIT
content-length
21200
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 26 Jun 2023 13:03:09 GMT
server
Apache
x-ttl
31536000
x-timer
S1691617811.237962,VS0,VE1
etag
"52d0-5ff07f8ec8070"
vary
Fastly-SSL, X-is-eu
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 03 Aug 2023 13:10:02 GMT
embed.js
scorestream.com/apiJsCdn/widgets/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scorestream.com/apiJsCdn/widgets/embed.js
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.185.109.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-185-109-45.us-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash
7045c61804b60873fa82197c53a562488dc56df663b8a11b458a3fb74f9bd2d1

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:11 GMT
content-encoding
gzip
x-powered-by
Express
vary
Accept-Encoding
content-type
text/javascript
logo.svg
www.timesunion.com/img/logos/black/ 		327 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.timesunion.com/img/logos/black/logo.svg
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
de4df11df191595c52a6ec8ad7dcc2048a03be959a82fdf392730b3d80f9cf67
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:11 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=300
age
425281
x-cache
HIT
content-length
70959
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Jul 2023 18:06:58 GMT
server
Apache
x-timer
S1691617811.331331,VS0,VE1
etag
"51afb-6015398dfb45c"
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, Accept-Encoding, X-ab-scope
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
x-vcl-version
375
accept-ranges
bytes
x-cache-hits
6
hearst_newspapers_logo.svg
www.timesunion.com/img/core/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.timesunion.com/img/core/hearst_newspapers_logo.svg
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
f173e931167796a34a3ba7d8b3dc90bea6ed9d801b5823212bbc32bb88c9aa02
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:11 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=300
age
168150
x-cache
HIT
content-length
2540
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Jul 2023 18:06:52 GMT
server
Apache
x-timer
S1691617811.339178,VS0,VE1
etag
"1ad2-60153987a980d"
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, Accept-Encoding, X-ab-scope
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
x-vcl-version
375
accept-ranges
bytes
x-cache-hits
1
GetJS
treg.hearstnp.com/assets/0x7F903A52B79EAF5075AD3B2924B1FDF726649C8C/ 		400 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://treg.hearstnp.com/assets/0x7F903A52B79EAF5075AD3B2924B1FDF726649C8C/GetJS?url=www.timesunion.com
Requested by
Host: treg.hearstnp.com
URL: https://treg.hearstnp.com/treg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bc534948cc62343cbcf146713685cd31e54628ecb0a4e8675491e5a80a044635

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cdn-rule
fetch: TREG DEFAULT TTL Rule 365d
date
Wed, 09 Aug 2023 21:50:11 GMT
content-encoding
gzip
via
1.1 varnish
expires
Mon, 07 Aug 2023 21:04:31 GMT
x-aspnet-version
4.0.30319
age
175539
x-powered-by
ASP.NET
x-hnp-log
x-cache
HIT
content-length
143519
x-served-by
cache-itm18838-ITM
x-aspnetmvc-version
3.0
last-modified
Mon, 07 Aug 2023 21:04:31 GMT
server
Microsoft-IIS/10.0
x-timer
S1691617811.339124,VS0,VE1
vary
*,Fastly-SSL, X-is-eu, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-vcl-version
32
accept-ranges
bytes
x-cache-hits
1
gtm.js
www.googletagmanager.com/ 		151 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MRF8MLS
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.136 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
024c44059e9a23aba842d4d3d4dafa15014a71bb864b339957abe33c212606d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56747
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 21:19:34 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 09 Aug 2023 21:50:11 GMT
js
www.googletagmanager.com/gtag/ 		247 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PYHZ4F2D7W
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.136 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e77301bf4d67f1bc8d0edd73658879a3fb72e03f72e35fb3fab86d40b6305e98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86277
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 09 Aug 2023 21:50:11 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
28c4eceeafb979fc7663930f63f1fdb432ea6c5d86185a154e2c5689913a361d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28007
x-xss-protection
0
server
cafe
etag
2 / 19578 / m202308030101 / config-hash: 10263545680147000702
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 21:50:11 GMT
6af07a2d-d0d3-4dfd-961a-bab066126220-web.js
0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app/ 		1 MB
385 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app/6af07a2d-d0d3-4dfd-961a-bab066126220-web.js
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54899ee358338cd21113127789739a58815ef133bc6f28176159c0d4a1ce6a41

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:11 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
0272ac85-5199-4024-a555-397c3d825d95
age
0
x-guploader-uploadid
ADPycdujgomexW1evSiQcp8d9flYY8X3MwsshD1mcd0cnCUo0z7OTYXvfwG4c3PNBh_T1ZKdSJN-52sL2DjaeBquDoqUxQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Wed, 09 Aug 2023 20:49:08 GMT
server
cloudflare
etag
W/"bee9e6ee474845bd049bf00f730a62da"
vary
Accept-Encoding
x-goog-generation
1691614148787964
content-type
application/javascript
x-goog-hash
crc32c=Ffu8Cg==, md5=vunm7kdIRb0Em/APcwpi2g==
cache-control
public, max-age=900
x-goog-stored-content-length
454170
timing-allow-origin
*
cf-ray
7f43369b185e1a32-KIX
expires
Wed, 09 Aug 2023 22:05:11 GMT
f999472effec7a1ef427ab8ed55df47b4d250f60f376ce71f7293b353026f514
scripts.webcontentassessor.com/scripts/ 		335 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.webcontentassessor.com/scripts/f999472effec7a1ef427ab8ed55df47b4d250f60f376ce71f7293b353026f514
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32314d66a7e5af87dbfb00e17807b53d9bf7368f2fcf85e75449090590eb30a7

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
dFv9kFv5_Nk9L.tNEt38ckmsj7GORX9g
content-encoding
gzip
via
1.1 varnish
date
Wed, 09 Aug 2023 21:50:11 GMT
x-amz-request-id
JMJN4C159V0SEV43
age
3785
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
87693
x-amz-id-2
jJsjZNAFEissG2JbNMnnRnX1O6XYqX+FjLDvsOYaBZtzC8E0M9M8BTOjvHfMkqM521Pc7eQhCKda5XwcEaFyKg==
x-served-by
cache-itm18824-ITM
last-modified
Wed, 09 Aug 2023 20:33:45 GMT
server
AmazonS3
x-timer
S1691617811.420168,VS0,VE1
etag
"820f9a672b0b83234b7e3a82b1abe0f5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600,stale-if-error=86400,stale-while-revalidate=3600
accept-ranges
bytes
x-cache-hits
1
apstag.js
c.amazon-adsystem.com/aax2/ 		246 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.221.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-221-214.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28168f094d3633fec225e7ecd9982c5405b51f2fceae610016b6ec9cc10606a9

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:39:14 GMT
content-encoding
gzip
via
1.1 aecc7dfa73bc6b0742b9f46cd70067f4.cloudfront.net (CloudFront), 1.1 f79910dd066cb79d5b224ab3f88841e4.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 19:49:28 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P3, NRT57-P4
age
658
etag
W/"93708b50a97059783aafdf3c6548167d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
MtQx3fBoLl8XeWaKWyyZqtpEXYoLcGKhfBOWBVjQjKQ_y4gcf7bxxw==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157076/3354/ 		247 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157076/3354/pwt.js
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.216.189 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-216-189.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
265c7695384ebc42b476d86c5ebe3bcae1b78b6182794838a3edf110102bb9e1

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:11 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:34:20 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=49165
accept-ranges
bytes
content-length
76903
expires
Thu, 10 Aug 2023 11:29:36 GMT
oPS.js
d15kdpgjg3unno.cloudfront.net/ 		111 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=31
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.199.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-199-115.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1c68c32f648c30eb837df112468d2b59fd0df51d4c8046798b41647a5375bda

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
u.9MXJYG8fw0VHnSlqiL6q21D6NZrHz9
content-encoding
gzip
via
1.1 001747808395605468e41a98630a6eac.cloudfront.net (CloudFront)
date
Wed, 09 Aug 2023 03:42:13 GMT
last-modified
Fri, 04 Aug 2023 19:49:59 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P3
age
65279
x-amz-server-side-encryption
AES256
etag
W/"b384d653601234cc46a005ed04174ffa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=84600
x-amz-cf-id
C692aCMlsKcCUbH-y72UU6rM5OxhqFzn0lQ8FpyoJ07luoZvU9YPXw==
.js
dyv1bugovvq1g.cloudfront.net/31/www.timesunion.com/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dyv1bugovvq1g.cloudfront.net/31/www.timesunion.com/.js
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.214.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-214-227.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be9a032778028aa70eff5f585fd93e2dcb8aff541b7dca177bb9cff5991afcab

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:13 GMT
content-encoding
gzip
via
1.1 6b08a30faffc4f051786275c2f0fdfe2.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
534
x-amz-expiration
expiry-date="Mon, 09 Oct 2023 00:00:00 GMT", rule-id="cleanup"
last-modified
Wed, 09 Aug 2023 17:42:42 GMT
server
AmazonS3
etag
"07139f7b9872f2a863e1d666f57f420d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.timesunion.com
cache-control
max-age=300
access-control-allow-credentials
true
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
lPfyxWdk3yMdIhrE4UQIZJ-0HLJD35itnXODLlFJzdbYAghPmdXktw==
loader.js
cdn.taboola.com/libtrc/hearstlocalnews-network/ 		717 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/hearstlocalnews-network/loader.js
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d4ac9beed4e46dcda7abbfcb6c58477d6e6850393459d5352b1d10e370e92f95

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
3NFOWfW.CAz9VfnplN7_LgpnahmVDS99
content-encoding
gzip
via
1.1 varnish
date
Wed, 09 Aug 2023 21:50:11 GMT
x-amz-request-id
Z7NX897QD2R5P107
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
71608
x-amz-id-2
mz+kzuU3QOR+om0rgvJ+HV0vhtbVAlE1jd4g2lbJCra2sONvQQqycb3cFUTZXRI7zU27OXMALDg=
x-served-by
cache-itm18846-ITM
last-modified
Wed, 09 Aug 2023 09:42:04 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1691617812.537610,VS0,VE173
etag
"627a60f03ae37b1b4fd8817c3e203a7c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
46
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
serverComponent.php
tm.hdmtools.com/hearst/news/ 		1 KB
826 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.hdmtools.com/hearst/news/serverComponent.php?namespace=Bootstrapper&staticJsPath=/hearst/news/code/&publishedOn=Thu%20Aug%2003%2019:40:16%20GMT%202023&ClientID=109&PageID=https%3A%2F%2Fwww.timesunion.com%2F&custDomain=tm.hdmtools.com
Requested by
Host: tm.hdmtools.com
URL: https://tm.hdmtools.com/hearst/news/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.248.150.184 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-248-150-184.ap-northeast-1.compute.amazonaws.com
Software
CloudFront /
Resource Hash
d600bfcbb22cc14f50cd1153f0c055083709cb59569b9de9373b71f0a62c7b50

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:11 GMT
content-encoding
gzip
via
1.1 55eeb944ebfbb0b85df2890d4b80abd0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
NRT57-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
no-cache, no-store
x-amz-cf-id
0nNnwrfXtiuugEh_sKVMJt3jt7fSmmptZYleJfCneHxFzXDyKqlenw==
expires
Wed, 09 Aug 2023 21:50:10 GMT
cs
hearst.blueconic.net/DG/DEFAULT/ 		16 B
697 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hearst.blueconic.net/DG/DEFAULT/cs?&callback=bc_json148
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.226.154.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-154-247.compute-1.amazonaws.com
Software
- /
Resource Hash
99ec5cb75b6020851a0ef792a91d609c9ac99063a78669c8c4cc4762b959950c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
36
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
hearst.blueconic.net/DG/DEFAULT/ 		16 B
701 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hearst.blueconic.net/DG/DEFAULT/cs?&callback=bc_json149
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.226.154.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-154-247.compute-1.amazonaws.com
Software
- /
Resource Hash
b78f515b8d003a992fd6008df28c6e04dc7f20b71fb7d8431251b32e629acb78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
36
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
hearst.blueconic.net/DG/DEFAULT/ 		16 B
697 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hearst.blueconic.net/DG/DEFAULT/cs?&callback=bc_json150
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.226.154.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-154-247.compute-1.amazonaws.com
Software
- /
Resource Hash
da189b1ab43bdf43184e7fee943728e0ab5381dab4ac72da5c95acc85e533f2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
36
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
hearst.blueconic.net/DG/DEFAULT/ 		16 B
698 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hearst.blueconic.net/DG/DEFAULT/cs?&callback=bc_json151
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.226.154.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-154-247.compute-1.amazonaws.com
Software
- /
Resource Hash
29ed8d64933d7c346dcd60f3acd688cd7c48b86cbc98142e434d05838c99e723
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
36
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
hearst.blueconic.net/DG/DEFAULT/ 		16 B
701 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hearst.blueconic.net/DG/DEFAULT/cs?&callback=bc_json152
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.226.154.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-154-247.compute-1.amazonaws.com
Software
- /
Resource Hash
bd6987cb7db1b818b99af810fe849406f950a92842830be534190d2f5ba16138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
36
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4cd95b921ad1961a6b1b4da1161bebf71651a5b5bd2b9f55819b26eb9871dba3

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
logo.svg
www.timesunion.com/img/logos/black/ 		327 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.timesunion.com/img/logos/black/logo.svg
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/dist/channel.min.css?v14.4.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
de4df11df191595c52a6ec8ad7dcc2048a03be959a82fdf392730b3d80f9cf67
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/dist/channel.min.css?v14.4.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:11 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=300
age
425281
x-cache
HIT
content-length
70959
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Jul 2023 18:06:58 GMT
server
Apache
x-timer
S1691617811.380236,VS0,VE1
etag
"51afb-6015398dfb45c"
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, Accept-Encoding, X-ab-scope
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
x-vcl-version
375
accept-ranges
bytes
x-cache-hits
7
truncated
/ 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
06be8aed4447f65ebf300538f6d83f4286326739fba7fd6edae55785c599e76e

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f5c93c1f6e98b4130e47dfaafc28cb202d689d2a1dde6ef33c9561b826946a8

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		451 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c25d4e1550ed967cb5d4c017abae07957ba32c84a5316473f703cb7199aed397

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		463 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87cdb7d89b6eb24ccc648409ee488806d330baa21cc6c5c95881b60cbb41480b

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		314 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0c5d5baea154fefa1e608cd2f95739ab4a587a9028975ba793b22505828ad53

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e16ac25aa46fc72563d49f528668155ed2253bf34fb59e262e2399d39aeec0b0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		918 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58dd031813db944839cf7bead9c28cced841623376f0c15b02a42322c8790998

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		931 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63f3a386a63016e8adf56dbc32b1e62ad23298ab9b8efe70c0d5a3cdc730dff9

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		848 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c40fa9a347181da26ccfc2e7413d900f9e2549f68150f3dd09e13b6aac505221

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
ratio3x2_600.jpg
s.hdnux.com/photos/01/34/01/71/24125009/5/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.hdnux.com/photos/01/34/01/71/24125009/5/ratio3x2_600.jpg
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
43a0c15cd901ff739dec1debd0715792aedc5b8a686d59a9d1102628a0df50bf

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 09 Aug 2023 21:50:12 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
35170
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Aug 2023 21:16:04 GMT
server
Apache
x-ttl
31536000
x-timer
S1691617811.467596,VS0,VE695
etag
"8962-60283fcbe3639"
vary
Fastly-SSL, X-is-eu
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
expires
Wed, 16 Aug 2023 21:50:11 GMT
ratio3x2_225.jpg
s.hdnux.com/photos/01/34/01/61/24124513/3/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.hdnux.com/photos/01/34/01/61/24124513/3/ratio3x2_225.jpg
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
24e98aaeb725762a4fac6b07da7af36154face093307c1283b829a5d3a2a1cc8

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 09 Aug 2023 21:50:12 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
8001
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Aug 2023 21:16:39 GMT
server
Apache
x-ttl
31536000
x-timer
S1691617811.467777,VS0,VE583
etag
"1f41-60283fed48376"
vary
Fastly-SSL, X-is-eu
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
expires
Wed, 16 Aug 2023 21:50:11 GMT
ratio3x2_225.jpg
s.hdnux.com/photos/31/43/15/6697846/6/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.hdnux.com/photos/31/43/15/6697846/6/ratio3x2_225.jpg
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
c163689d768a40492e10318385554d88a5fecd3939e4a580fbc5b73eea6cd5c2

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 09 Aug 2023 21:50:11 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
4913
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Aug 2023 18:13:53 GMT
server
Apache
x-ttl
31536000
x-timer
S1691617811.467534,VS0,VE398
etag
"1331-60281712f15d1"
vary
Fastly-SSL, X-is-eu
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
expires
Wed, 16 Aug 2023 21:50:11 GMT
ratio3x2_225.jpg
s.hdnux.com/photos/01/33/45/74/24010553/3/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.hdnux.com/photos/01/33/45/74/24010553/3/ratio3x2_225.jpg
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
f65bc9a9bc29837e9c171037b6e4fc9a6485d0a4ee1db3b2d7525385937e94af

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 09 Aug 2023 21:50:12 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
7198
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Aug 2023 19:25:26 GMT
server
Apache
x-ttl
31536000
x-timer
S1691617811.467672,VS0,VE536
etag
"1c1e-60282710f3f3c"
vary
Fastly-SSL, X-is-eu
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
expires
Wed, 16 Aug 2023 21:50:11 GMT
ratio3x2_225.jpg
s.hdnux.com/photos/01/33/75/67/24108500/5/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.hdnux.com/photos/01/33/75/67/24108500/5/ratio3x2_225.jpg
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
7b69c3705bbd8326bf3ca02c8351929c4bacfab4ac8b14aaec7659855663e46c

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 09 Aug 2023 21:50:12 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
9381
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Aug 2023 19:19:15 GMT
server
Apache
x-ttl
31536000
x-timer
S1691617811.467650,VS0,VE584
etag
"24a5-602825afcc3aa"
vary
Fastly-SSL, X-is-eu
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
expires
Wed, 16 Aug 2023 21:50:11 GMT
ratio3x2_225.jpg
s.hdnux.com/photos/01/33/76/64/24112446/3/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.hdnux.com/photos/01/33/76/64/24112446/3/ratio3x2_225.jpg
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
0ea8cb3f1561ed81d07ae91bfbd12ea66e387fd95aa6fa30b0c8eafce85543de

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 09 Aug 2023 21:50:12 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
8989
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Aug 2023 10:40:49 GMT
server
Apache
x-ttl
31536000
x-timer
S1691617811.467617,VS0,VE534
etag
"231d-6027b1cefda5c"
vary
Fastly-SSL, X-is-eu
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
expires
Wed, 16 Aug 2023 21:50:11 GMT
ratio3x2_225.jpg
s.hdnux.com/photos/01/34/01/24/24122644/5/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.hdnux.com/photos/01/34/01/24/24122644/5/ratio3x2_225.jpg
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
34c9fb9571eaf815182a76cfacaf8e77b763a726175286d168d1acb51dbaa351

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 09 Aug 2023 21:50:12 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
8134
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Aug 2023 16:25:55 GMT
server
Apache
x-ttl
31536000
x-timer
S1691617811.467811,VS0,VE560
etag
"1fc6-6027fef1b6e60"
vary
Fastly-SSL, X-is-eu
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
expires
Wed, 16 Aug 2023 21:50:11 GMT
ratio3x2_550.jpg
s.hdnux.com/photos/01/33/76/16/24110009/3/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.hdnux.com/photos/01/33/76/16/24110009/3/ratio3x2_550.jpg
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
cafd187db09dafce3e39d83d644221000e1c13b5d157b6bc1ab9501cc9565580

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 09 Aug 2023 21:50:12 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
47642
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Aug 2023 15:05:40 GMT
server
Apache
x-ttl
31536000
x-timer
S1691617811.467795,VS0,VE870
etag
"ba1a-6027ed016b41f"
vary
Fastly-SSL, X-is-eu
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
expires
Wed, 16 Aug 2023 21:50:11 GMT
ratio1x1_200.jpg
s.hdnux.com/photos/01/34/01/65/24124776/5/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.hdnux.com/photos/01/34/01/65/24124776/5/ratio1x1_200.jpg
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
d08fc87fd3a0aa7082bbe0c20b7b7d5469d4d9a2bceeded63126292cbbab77d9

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 09 Aug 2023 21:50:12 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
7543
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Aug 2023 20:50:11 GMT
server
Apache
x-ttl
31536000
x-timer
S1691617811.467552,VS0,VE694
etag
"1d77-60283a02920d2"
vary
Fastly-SSL, X-is-eu
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
expires
Wed, 16 Aug 2023 21:50:12 GMT
ratio1x1_200.jpg
s.hdnux.com/photos/01/33/71/31/24090182/5/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.hdnux.com/photos/01/33/71/31/24090182/5/ratio1x1_200.jpg
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
dac9642c3fbca8889765ca2ad02c25e3fb4866e2c3c9107d44ffecca84e655b9

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 09 Aug 2023 21:50:12 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
5989
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Aug 2023 16:03:22 GMT
server
Apache
x-ttl
31536000
x-timer
S1691617812.108215,VS0,VE562
etag
"1765-6027f9e7008de"
vary
Fastly-SSL, X-is-eu
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
expires
Wed, 16 Aug 2023 21:50:12 GMT
ratio1x1_200.jpg
s.hdnux.com/photos/01/33/76/53/24111847/5/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.hdnux.com/photos/01/33/76/53/24111847/5/ratio1x1_200.jpg
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
52b1173036846ead2f061c2d2199a33f680a5e387ff422646faa927c61f5f5e2

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 09 Aug 2023 21:50:12 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
6556
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Aug 2023 11:36:12 GMT
server
Apache
x-ttl
31536000
x-timer
S1691617812.108203,VS0,VE535
etag
"199c-6027be2fadacb"
vary
Fastly-SSL, X-is-eu
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
expires
Wed, 16 Aug 2023 21:50:12 GMT
ratio1x1_200.jpg
s.hdnux.com/photos/01/34/00/64/24120599/5/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.hdnux.com/photos/01/34/00/64/24120599/5/ratio1x1_200.jpg
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
8d85f43b036785dd2092a1ce7b29c90793629f5bbca6a8cdef6461f8a86cea6c

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits
1
date
Wed, 09 Aug 2023 21:50:12 GMT
via
1.1 varnish
age
26394
x-cache
HIT
content-length
9253
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Aug 2023 22:10:18 GMT
server
Apache
x-ttl
31536000
x-timer
S1691617812.115307,VS0,VE1
etag
"2425-60270a0df5eaf"
vary
Fastly-SSL, X-is-eu
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
expires
Wed, 16 Aug 2023 14:30:18 GMT
ratio1x1_82.jpg
s.hdnux.com/photos/01/34/01/36/24123309/3/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.hdnux.com/photos/01/34/01/36/24123309/3/ratio1x1_82.jpg
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
bc6d3af0628c905dbe2d624fa9bd035db6fc5666baa0006e940b05a3ef715129

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 09 Aug 2023 21:50:12 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
2481
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Aug 2023 21:42:32 GMT
server
Apache
x-ttl
31536000
x-timer
S1691617811.467715,VS0,VE556
etag
"9b1-602845b5eb9c1"
vary
Fastly-SSL, X-is-eu
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
expires
Wed, 16 Aug 2023 21:50:11 GMT
ratio1x1_82.jpg
s.hdnux.com/photos/01/33/22/03/23929042/3/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.hdnux.com/photos/01/33/22/03/23929042/3/ratio1x1_82.jpg
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
d9a58535acdd1b22299dd74268fcd966ef2afa8c0d4c30312d518197022f4488

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 09 Aug 2023 21:50:12 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
2463
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Jun 2023 21:22:03 GMT
server
Apache
x-ttl
31536000
x-timer
S1691617811.467635,VS0,VE560
etag
"99f-5fdf54f59e543"
vary
Fastly-SSL, X-is-eu
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
expires
Wed, 16 Aug 2023 21:50:11 GMT
ratio1x1_82.jpg
s.hdnux.com/photos/01/33/50/00/24018948/5/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.hdnux.com/photos/01/33/50/00/24018948/5/ratio1x1_82.jpg
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
110ec83b0dfe5443096149f041f356c812be66563b70073230175e0e9c547c06

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 09 Aug 2023 21:50:12 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
2453
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 22 Jul 2023 20:06:20 GMT
server
Apache
x-ttl
31536000
x-timer
S1691617811.467731,VS0,VE534
etag
"995-60118ea389166"
vary
Fastly-SSL, X-is-eu
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
expires
Wed, 16 Aug 2023 21:50:11 GMT
ratio1x1_82.jpg
s.hdnux.com/photos/01/34/01/44/24123650/3/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.hdnux.com/photos/01/34/01/44/24123650/3/ratio1x1_82.jpg
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
975325520b773f73ac8e74a5442d6604aa20a61677dbd0b574224836ea69e393

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 09 Aug 2023 21:50:12 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
2533
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Aug 2023 19:46:30 GMT
server
Apache
x-ttl
31536000
x-timer
S1691617811.467776,VS0,VE557
etag
"9e5-60282bc6f6448"
vary
Fastly-SSL, X-is-eu
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
expires
Wed, 16 Aug 2023 21:50:11 GMT
ratio1x1_82.jpg
s.hdnux.com/photos/01/34/01/65/24124776/5/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.hdnux.com/photos/01/34/01/65/24124776/5/ratio1x1_82.jpg
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
0e809109761cfb3b4eecc4a5659f51034a94439e66777856cad73ea25b26f226

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 09 Aug 2023 21:50:12 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
2164
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Aug 2023 20:50:24 GMT
server
Apache
x-ttl
31536000
x-timer
S1691617811.467594,VS0,VE559
etag
"874-60283a0f9cebb"
vary
Fastly-SSL, X-is-eu
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
expires
Wed, 16 Aug 2023 21:50:11 GMT
ratio1x1_82.jpg
s.hdnux.com/photos/72/60/24/15402259/19/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.hdnux.com/photos/72/60/24/15402259/19/ratio1x1_82.jpg
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
a924d5f28c6e99a268912e3eb75967ba8ea718afe1a8534f242b8aa89011ed4d

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 09 Aug 2023 21:50:12 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
2071
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Jul 2023 07:21:12 GMT
server
Apache
x-ttl
31536000
x-timer
S1691617811.467519,VS0,VE585
etag
"817-5ffa420bd0852"
vary
Fastly-SSL, X-is-eu
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
expires
Wed, 16 Aug 2023 21:50:11 GMT
perf.rnc
tm.hdmtools.com/hearst/news/ 		0
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tm.hdmtools.com/hearst/news/perf.rnc?cid=109&ns=1691617806521&ce=2610&cs=2550&dc=0&dclee=4868&dcles=4862&di=4862&dl=3480&dle=2550&dls=2544&fs=2543&lee=0&les=0&rede=0&reds=0&reqs=2610&resps=3477&respe=3494&scs=2550&ues=0&uee=0
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.248.150.184 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-248-150-184.ap-northeast-1.compute.amazonaws.com
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:11 GMT
via
1.1 cbeb24fadb75eda03a7b228ef184642e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
NRT57-C1
age
77284
x-cache
Hit from cloudfront
cache-control
no-cache, no-store
x-amz-cf-id
Oe4xgs0vrELMnjH-EP0koD7Ps-fjWqKM1ifQzKjEgNh-WeHPM8Ou6w==
cookie_sync
prebid-server.rubiconproject.com/ 		3 KB
924 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/cookie_sync
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.92 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
f3d6c903361c1ee92c54bc82c79ab7bfe49a24f17abb094e44cc48ffac551876

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
Content-Type
application/json
access-control-allow-origin
https://www.timesunion.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
649
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		2 KB
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.92 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
41013c58155f58f57d81b5136ec58487c2f4fb4116da44dd36531fc64c5ed8ba

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.126.0
Content-Type
application/json
access-control-allow-origin
https://www.timesunion.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
368
Expires
0
prebid
ib.adnxs.com/ut/v3/ 		496 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.53 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
58b9e021a2fb1c2ba00bf2592d698973f1330ac521fae536e1ee724a7d1c383d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:11 GMT
an-x-request-uuid
0fb3bec6-bd71-48a4-97a9-560f98242024
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
114.19.24.12; 114.19.24.12; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
496
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.35.0&cb=4794685821&lsavail=0
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.timesunion.com
date
Wed, 09 Aug 2023 21:50:11 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		378 B
888 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9095&site_id=211060&zone_id=1037354&size_id=2&alt_size_ids=55%2C57%2C221&us_privacy=1---&rf=https%3A%2F%2Fwww.timesunion.com%2F&tg_i.page=https%3A%2F%2Fwww.timesunion.com%2F&tg_i.domain=timesunion.com&tg_i.pbadslot=hnp-timesunion.com%2FHomepage%2FFlex1&tk_flint=pbjs_lite_v7.35.0&x_source.tid=c6e55d90-dc12-4856-b004-dac114bf2432&l_pb_bid_id=29bbef5ba147dd8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=hnp-timesunion.com%2FHomepage%2FFlex1&slots=1&rand=0.07896328958525056
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
dccdbeb1b9c29f32edce18f101a27f09a7b6b9ad0f05ce48b3e0bdc31720d91e

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:12 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
378
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		356 B
691 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9095&site_id=211060&zone_id=1037354&size_id=15&us_privacy=1---&rf=https%3A%2F%2Fwww.timesunion.com%2F&tg_i.page=https%3A%2F%2Fwww.timesunion.com%2F&tg_i.domain=timesunion.com&tg_i.pbadslot=hnp-timesunion.com%2FHomepage%2FAP300&tk_flint=pbjs_lite_v7.35.0&x_source.tid=92c8f27e-e1e8-4a0e-a7ec-9ed54055885c&l_pb_bid_id=30f2976916fafc6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=hnp-timesunion.com%2FHomepage%2FAP300&slots=1&rand=0.2829713001848153
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1abe32bc6c1a15b3d24733a533938c809c755e96aaa4c1ac0f85059ca4b1ce2c

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:12 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
356
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		379 B
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9095&site_id=211060&zone_id=1037354&size_id=2&alt_size_ids=55%2C57%2C221&us_privacy=1---&rf=https%3A%2F%2Fwww.timesunion.com%2F&tg_i.page=https%3A%2F%2Fwww.timesunion.com%2F&tg_i.domain=timesunion.com&tg_i.pbadslot=hnp-timesunion.com%2FHomepage%2FAPflex&tk_flint=pbjs_lite_v7.35.0&x_source.tid=8911686c-019c-4120-b74e-1dd9f80651e4&l_pb_bid_id=31e6d7650f0a823&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=hnp-timesunion.com%2FHomepage%2FAPflex&slots=1&rand=0.9464166974909025
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8efcea72a3af5b28ab05e209e3c910e60fb83287c7eb5e23382c3edfba54fd28

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:12 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
379
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		379 B
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9095&site_id=211060&zone_id=1037354&size_id=2&alt_size_ids=55%2C57%2C221&us_privacy=1---&rf=https%3A%2F%2Fwww.timesunion.com%2F&tg_i.page=https%3A%2F%2Fwww.timesunion.com%2F&tg_i.domain=timesunion.com&tg_i.pbadslot=hnp-timesunion.com%2FHomepage%2FBPflex&tk_flint=pbjs_lite_v7.35.0&x_source.tid=1961b4c1-53e4-4784-90c3-ed8f9e9b38d8&l_pb_bid_id=32d932559ae4a73&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=hnp-timesunion.com%2FHomepage%2FBPflex&slots=1&rand=0.3183128737223131
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
20cf4ed7ce4344d64223ad577ad361f3a3777af96caaa7d2bfc912021748e360

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:12 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
379
expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.35.0&referrer=https%3A%2F%2Fwww.timesunion.com%2F&tmax=2500&us_privacy=1---
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.140.101.67 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-101-67.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:11 GMT
accept-ch
sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink
x-auction-status
5, 5
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=208030
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
180764b48f93d3c7b2d3b476d977cbc0921db604ebc7ca60e8b07100d1b5f1d8

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oYk9MCAOOV0wXIZpyh1LZYsTuBSmnNF4BYTGM5s428Q4T29p7qTh1N1w9jqZnSkuggVvHPFzD0wTLnRnOQnPPqh1nQjH8MOm9GBPo3srj4SCHwzrSVjR39EHAIJg1nUqr0PHm2RZ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f43369a0b5c19c2-KIX
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.77 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.timesunion.com
date
Wed, 09 Aug 2023 21:50:10 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
revenue.min.js
www.timesunion.com/dist/hdn/workers/ 		4 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/dist/hdn/workers/revenue.min.js?v14.4.2
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
80b414d0e609bf5f8eb2e537b8754dded6ab0ac489cdef2d594f28750c10e58c
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:12 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=300
age
0
x-cache
MISS
content-length
1376
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Aug 2023 19:31:49 GMT
server
Apache
x-timer
S1691617811.480608,VS0,VE581
etag
"e53-6028287e1f340"
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, Accept-Encoding, X-ab-scope
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
x-vcl-version
375
accept-ranges
bytes
x-cache-hits
0
C3P0_RealmCookie
realm.hearst3pcc.com/utility/ 		47 B
475 B 		Script
General
Check archive.org
Download Go to
Full URL
https://realm.hearst3pcc.com/utility/C3P0_RealmCookie?host=www.timesunion.com&operation=create&cb=1691617811507
Requested by
Host: treg.hearstnp.com
URL: https://treg.hearstnp.com/assets/0x7F903A52B79EAF5075AD3B2924B1FDF726649C8C/GetJS?url=www.timesunion.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.118.246.51 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
365f923f3d28aad3b68b6944d983d4a3243450b3760529dc419a43a39e4cf36c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:12 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
X-Frame-Options
SAMEORIGIN
Cache-Control
no-store,no-cache
treg_comp.css
treg.hearstnp.com/assets/5c446916-b6ac-4098-94e2-ec9d4722ca38/timesunion.com/css/ 		18 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://treg.hearstnp.com/assets/5c446916-b6ac-4098-94e2-ec9d4722ca38/timesunion.com/css/treg_comp.css
Requested by
Host: treg.hearstnp.com
URL: https://treg.hearstnp.com/treg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ecda5e8745c9dc0242df52e86bd863f597ddbf866dc52d3cb41d6150547a9aa6

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cdn-rule
fetch: TREG DEFAULT TTL Rule 365d
date
Wed, 09 Aug 2023 21:50:11 GMT
content-encoding
gzip
via
1.1 varnish
expires
Mon, 07 Aug 2023 21:04:33 GMT
x-aspnet-version
4.0.30319
age
175538
x-powered-by
ASP.NET
x-hnp-log
x-cache
HIT
content-length
5353
x-served-by
cache-itm18838-ITM
x-aspnetmvc-version
3.0
last-modified
Mon, 07 Aug 2023 21:04:33 GMT
server
Microsoft-IIS/10.0
x-timer
S1691617812.522111,VS0,VE1
vary
*,Fastly-SSL, X-is-eu, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-vcl-version
32
accept-ranges
bytes
x-cache-hits
1
760e0b4fe13eab1ebb145a54bc9fe649.js
tm.hdmtools.com/hearst/news/code/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.hdmtools.com/hearst/news/code/760e0b4fe13eab1ebb145a54bc9fe649.js?conditionId0=422740
Requested by
Host: tm.hdmtools.com
URL: https://tm.hdmtools.com/hearst/news/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.248.150.184 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-248-150-184.ap-northeast-1.compute.amazonaws.com
Software
CloudFront /
Resource Hash
92fa6ca0e0aba30a04bd83daa003c0bd62d46ba7de6065ce3d7af7df92fbd538

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:11 GMT
x-amz-version-id
WVhe5kzQHtKNOz1xXrPBr4vLDSq83MVI
content-encoding
gzip
via
1.1 5216b5aef38f6d8e7d7ca4ab8c47ead0.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C1
age
528800
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 03 Aug 2023 18:56:29 GMT
server
CloudFront
etag
W/"5bfad68c07b90bc5c6c76fa8da299e05"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-amz-cf-id
dmujnImsL-xfAr6We7Ef7gOgB49V9rl663sCGGwse4x1qO_Clty7WA==
8685fbef9b5f2ad84f723e27aa87098d.js
tm.hdmtools.com/hearst/news/code/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.hdmtools.com/hearst/news/code/8685fbef9b5f2ad84f723e27aa87098d.js?conditionId0=304363
Requested by
Host: tm.hdmtools.com
URL: https://tm.hdmtools.com/hearst/news/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.248.150.184 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-248-150-184.ap-northeast-1.compute.amazonaws.com
Software
CloudFront /
Resource Hash
aedc0a9fd9cac163f92a52651627ee834dbac0710d14cb7e910e28bc534e5241

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:11 GMT
x-amz-version-id
RoYoyWMb_kTN8hsRqd0N.AShY7XiDbBa
content-encoding
br
via
1.1 082329696d49819d97bc7da98006304c.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C1
age
706414
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Tue, 01 Aug 2023 17:36:30 GMT
server
CloudFront
etag
W/"73e2a36428e37d70463c3d8a19eb028e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-amz-cf-id
FrWfE0uNCMZc41bhaFc7NLvtvoxKbe5FoItfZc7snxhkftEN4hIjWg==
5b5cf4d50001f8bd42666e9c6c6b051a.js
tm.hdmtools.com/hearst/news/code/ 		142 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.hdmtools.com/hearst/news/code/5b5cf4d50001f8bd42666e9c6c6b051a.js?conditionId0=318893
Requested by
Host: tm.hdmtools.com
URL: https://tm.hdmtools.com/hearst/news/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.248.150.184 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-248-150-184.ap-northeast-1.compute.amazonaws.com
Software
CloudFront /
Resource Hash
fac96c274786ed3d7d86aabc1d82aa3908620d1d009c74d7fc215572c57a5b76

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:11 GMT
x-amz-version-id
qnaltboAo.To7MFqOw7_d80nOHoduINC
content-encoding
gzip
via
1.1 c29e436c21072b427d47688aaf874624.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C1
age
706398
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 01 Aug 2023 17:36:30 GMT
server
CloudFront
etag
W/"7edec986451d26323b0723c5bfb7dde8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-amz-cf-id
DfmdSJPtntBk4jT1sNwWcRDny0ONwdXd6Mf4WN95gQTDoLZAwwojkw==
47bcd7561d67ff5497e10c1c76593e75.js
tm.hdmtools.com/hearst/news/code/ 		2 KB
953 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.hdmtools.com/hearst/news/code/47bcd7561d67ff5497e10c1c76593e75.js?conditionId0=4912187
Requested by
Host: tm.hdmtools.com
URL: https://tm.hdmtools.com/hearst/news/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.248.150.184 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-248-150-184.ap-northeast-1.compute.amazonaws.com
Software
CloudFront /
Resource Hash
9e7dab88130a2a0066c276dd2222a8aa5f2f1649047008fd7b51b35a905e1396

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:11 GMT
x-amz-version-id
h7be8jV0P6EEUxqDVpa3ReUxnt6YHsXe
content-encoding
br
via
1.1 55eeb944ebfbb0b85df2890d4b80abd0.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C1
age
11933637
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 16 Sep 2021 16:26:31 GMT
server
CloudFront
etag
W/"61f6613971b103b5f382f1cfd01af10e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-amz-cf-id
tXno2Z3ke5K2S9L1dgpLdNm3WjyLARgg96mDpttaClow3lQ6tZpw5g==
a6e4b96e48b89fabac58cea32cdde96f.js
tm.hdmtools.com/hearst/news/code/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.hdmtools.com/hearst/news/code/a6e4b96e48b89fabac58cea32cdde96f.js?conditionId0=4921310
Requested by
Host: tm.hdmtools.com
URL: https://tm.hdmtools.com/hearst/news/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.248.150.184 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-248-150-184.ap-northeast-1.compute.amazonaws.com
Software
CloudFront /
Resource Hash
05a37a92a97111d190346c1cc8f310d4c01cb538425eef77af6d71b7229e809b

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:11 GMT
x-amz-version-id
fD8XCRc5vJZ_tER30e7u6RZv0RPXVfB_
content-encoding
gzip
via
1.1 ad1db92b031434a160947f1147cb5db2.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C1
age
16433489
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Tue, 31 Jan 2023 16:58:16 GMT
server
CloudFront
etag
W/"79d9c72f10f551a806ba7ed68523ca67"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-amz-cf-id
pJ16Am5P5ESrSYsnY6QAXr2fqaLHysOxvmXsOURpIhXfxVdJJC7vog==
8c234649f58e6ec01edb2e0d38bb147d.js
tm.hdmtools.com/hearst/news/code/ 		396 B
852 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.hdmtools.com/hearst/news/code/8c234649f58e6ec01edb2e0d38bb147d.js?conditionId0=4882639
Requested by
Host: tm.hdmtools.com
URL: https://tm.hdmtools.com/hearst/news/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.248.150.184 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-248-150-184.ap-northeast-1.compute.amazonaws.com
Software
CloudFront /
Resource Hash
6580a4a100fcb8b00532c322298e4dda206b46f9eaf0c1bd38ba6e08baa60a14

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:11 GMT
x-amz-version-id
4nWZLW0aq_VMvwQ8AOgZafhJx1mtCFdc
via
1.1 53784e962439e344b6be04336e793994.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C1
age
529107
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
396
last-modified
Tue, 20 Jul 2021 22:44:08 GMT
server
CloudFront
etag
"c52076edec666f2fec100db39c165155"
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
1gt3RGMfOPhsc3Y69HfhjzdoqA68G5_SkwYWMDDevbddZ35jI2xoxQ==
65025496dea9dbf2c599f07a745d9164.js
tm.hdmtools.com/hearst/news/code/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.hdmtools.com/hearst/news/code/65025496dea9dbf2c599f07a745d9164.js?conditionId0=4921574
Requested by
Host: tm.hdmtools.com
URL: https://tm.hdmtools.com/hearst/news/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.248.150.184 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-248-150-184.ap-northeast-1.compute.amazonaws.com
Software
CloudFront /
Resource Hash
8ace70e0de93323aca21f70754aaa3ee16f5a29e0a546c7686ebbb626b5e2071

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:11 GMT
x-amz-version-id
GWm_UKvN2Jj1_BD8EgwL3CZCYJR1dnNi
content-encoding
gzip
via
1.1 25caeecf79d1babf9c1aeb8ae41d4e36.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C1
age
6834405
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Mon, 22 May 2023 19:23:11 GMT
server
CloudFront
etag
W/"a8e6c62dcf4f522ff38f2475fbd3c553"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-amz-cf-id
SbleWQQRan9AKT0FrmdmWTGHy4-FjpXbXZar4TWUvKYIMOAsnAu0wA==
029a79233f093874694451ec01574881.js
tm.hdmtools.com/hearst/news/code/ 		428 B
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.hdmtools.com/hearst/news/code/029a79233f093874694451ec01574881.js?conditionId0=4868406
Requested by
Host: tm.hdmtools.com
URL: https://tm.hdmtools.com/hearst/news/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.248.150.184 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-248-150-184.ap-northeast-1.compute.amazonaws.com
Software
CloudFront /
Resource Hash
f34e6539b7e64b7b45ca0ef8c6d36c942bd7524a67f62e8c1b60026fa51b26cd

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:11 GMT
x-amz-version-id
pB4otEwVVPgGyJVaQgdk12rGEu5Ac3Bb
via
1.1 25caeecf79d1babf9c1aeb8ae41d4e36.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C1
age
20438380
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
428
last-modified
Tue, 20 Sep 2022 16:46:57 GMT
server
CloudFront
etag
"da73e229baec6d50b22aae6cc4529828"
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
MfCU_DnP-YkFwj84OTMUXa0g5IqqgfgUSq4IsucZPw8JyVnvz--Yuw==
e8d0734c2c3a3d6eb76650d73ef959fc.js
tm.hdmtools.com/hearst/news/code/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.hdmtools.com/hearst/news/code/e8d0734c2c3a3d6eb76650d73ef959fc.js?conditionId0=4935393
Requested by
Host: tm.hdmtools.com
URL: https://tm.hdmtools.com/hearst/news/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.248.150.184 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-248-150-184.ap-northeast-1.compute.amazonaws.com
Software
CloudFront /
Resource Hash
b5b2019ebeb6e94330ad272a8d8f19cd264611cc451c35d610f517d733e96e94

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:11 GMT
x-amz-version-id
EuT5DExDrkiZ56YX0awrAg0KeJcVf2pL
content-encoding
gzip
via
1.1 30b391cfff9725fde644913fc78890c4.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C1
age
20434940
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 01 Nov 2022 17:05:07 GMT
server
CloudFront
etag
W/"8c889b523c617a13bbd95dce9956caa8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-amz-cf-id
aMb0LsfIc6f_3CJG8TWARO7MGOx5x2Vjw-hIeocyAFnA7uFeDklynA==
b98324127c53a96b03a6f99970467beb.js
tm.hdmtools.com/hearst/news/code/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.hdmtools.com/hearst/news/code/b98324127c53a96b03a6f99970467beb.js?conditionId0=306985
Requested by
Host: tm.hdmtools.com
URL: https://tm.hdmtools.com/hearst/news/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.248.150.184 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-248-150-184.ap-northeast-1.compute.amazonaws.com
Software
CloudFront /
Resource Hash
abb5a9720e72772ef1b60fef170d83c872b7060cb2b2550a0106fdbb3f79d37f

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:11 GMT
x-amz-version-id
Fr2AVjwntGDRE9JXUyWbyl7DgWBnsX9a
content-encoding
br
via
1.1 6dfb7749b068f934616db797ff5b18ee.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C1
age
1186040
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 11 Aug 2022 13:54:49 GMT
server
CloudFront
etag
W/"75ab1567396c51fff06049bbf3b8e44e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-amz-cf-id
3BJcYgMyErrPhqtxn5zZTDcoElYe_Y4M9FJxds2TiqPtOwJw_yCC1g==
5319269b9258f83497a32dd1dbd61f60.js
tm.hdmtools.com/hearst/news/code/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.hdmtools.com/hearst/news/code/5319269b9258f83497a32dd1dbd61f60.js?conditionId0=318802
Requested by
Host: tm.hdmtools.com
URL: https://tm.hdmtools.com/hearst/news/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.248.150.184 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-248-150-184.ap-northeast-1.compute.amazonaws.com
Software
CloudFront /
Resource Hash
cadb704fe05a5f3a49ad972f2a8192b878fad45ac4c402d217d0a427a855ade6

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:11 GMT
x-amz-version-id
mpgYybykGAsuxwOKAgzpMkCc5CmmA7.A
content-encoding
gzip
via
1.1 2f2cf39e75c120f26131abff835e3548.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C1
age
526175
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Thu, 03 Aug 2023 19:40:20 GMT
server
CloudFront
etag
W/"9bb6f1625a7987665fda330ac5a33792"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-amz-cf-id
oQVrE1A4rlhnzB18vvtcgc8ghJGGQvv0KD0ZYoqesQ9T6rXPX8NS3g==
config
c.amazon-adsystem.com/cdn/prod/ 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3070&u=https%3A%2F%2Fwww.timesunion.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.221.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-221-214.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 16:58:24 GMT
via
1.1 f79910dd066cb79d5b224ab3f88841e4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT57-P4
age
17506
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.timesunion.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
wVZDyFYfVYm1iBLnd1TSre2nrxC1AmHnSzVjMgpdIVmDZ4rVjT7kzg==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
311 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.timesunion.com%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.176.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-176-135.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:11 GMT
via
1.1 2f23a86dea73acab8a8c28b3d87160da.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
myC9XEBYIUuI5qhUgZB2cH6slFkfAkKoc9ijvLe8kvCWkprvp5uBOQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3070&u=https%3A%2F%2Fwww.timesunion.com%2F&pid=jWBMvXcZ68FZ2&cb=0&ws=1600x1200&v=23.725.1446&t=2500&slots=%5B%7B%22sd%22%3A%22Flex1%22%2C%22s%22%3A%5B%221x1%22%2C%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F36117602%2Fhnp-timesunion.com%2FHomepage%2FFlex1%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%2C%7B%22sd%22%3A%22AP300%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F36117602%2Fhnp-timesunion.com%2FHomepage%2FAP300%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%2C%7B%22sd%22%3A%22APflex%22%2C%22s%22%3A%5B%221x1%22%2C%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F36117602%2Fhnp-timesunion.com%2FHomepage%2FAPflex%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%2C%7B%22sd%22%3A%22BPflex%22%2C%22s%22%3A%5B%221x1%22%2C%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F36117602%2Fhnp-timesunion.com%2FHomepage%2FBPflex%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%2C%7B%22sd%22%3A%22CPflex%22%2C%22s%22%3A%5B%221x1%22%2C%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F36117602%2Fhnp-timesunion.com%2FHomepage%2FCPflex%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%2C%7B%22sd%22%3A%22DPflex%22%2C%22s%22%3A%5B%221x1%22%2C%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F36117602%2Fhnp-timesunion.com%2FHomepage%2FDPflex%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%2C%7B%22sd%22%3A%22EPflex%22%2C%22s%22%3A%5B%221x1%22%2C%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F36117602%2Fhnp-timesunion.com%2FHomepage%2FEPflex%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%2C%7B%22sd%22%3A%22FPflex%22%2C%22s%22%3A%5B%221x1%22%2C%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F36117602%2Fhnp-timesunion.com%2FHomepage%2FFPflex%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%5D&pj=%7B%22si_section%22%3A%22other%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.176.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-176-135.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
f9bf28047beda39a3587ea6bff90e537d0b1c3ca3faea6311ce6a6bb89f35eda

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:11 GMT
via
1.1 05e04c5e15a87c619e820e333918b7f2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.timesunion.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
1236
x-amz-cf-id
efmf0F7SbNWcRuJsb0zNcfWFpiY5s8Dd_pZpyysmhkU1O_Eey9mk6Q==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.221.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-221-214.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 7813c3b749fe8e3a44c4359da4183e70.cloudfront.net (CloudFront)
date
Wed, 09 Aug 2023 10:15:34 GMT
x-amz-cf-pop
NRT57-P4
age
41678
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
1WyJ6sXPJ7xzA_53yx12xj0cTXjSC0Vg0HRj11MxVs8C5e0KhQBbSA==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
309 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.timesunion.com%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.176.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-176-135.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:11 GMT
via
1.1 2f23a86dea73acab8a8c28b3d87160da.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
mdn0x7aa4ch9_D3h98EClnOR6vH_tPdnD9KCkTK85vIIkujn4Z4-4A==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
309 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.timesunion.com%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.176.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-176-135.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:11 GMT
via
1.1 2f23a86dea73acab8a8c28b3d87160da.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
tu8ETT5u-QI5H4bHgwiZf6xZ-xlePrNkUUMcXi8VOshbJxE1gn0kVg==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
310 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.timesunion.com%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.176.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-176-135.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:11 GMT
via
1.1 2f23a86dea73acab8a8c28b3d87160da.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
KmTf1LrktkX5QfVgAlXPsCZWM-5DPCshGP0yr940OSXF7F9UFnP9rg==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
310 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.timesunion.com%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.176.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-176-135.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:11 GMT
via
1.1 2f23a86dea73acab8a8c28b3d87160da.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
G3aZJI4xGSkgVmRQGN73oE5YWXUzaIP2MVORK6to5nNroMfxjc6MJw==
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		159 B
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=timesunion.com&domain=timesunion.com&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f8b7ba9858e88ebbaea70efab084ef9e0c7d68c2bae6913814a4cfa716f41142

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 09 Aug 2023 21:50:12 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
124
x-served-by
cache-itm18847-ITM
x-timer
S1691617812.991814,VS0,VE174
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Mon, 07 Aug 2023 21:50:12 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: tm.hdmtools.com
URL: https://tm.hdmtools.com/hearst/news/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-12.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 11:00:04 GMT
content-encoding
gzip
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P4
age
39025
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
L4_xHYy-GIR7o41m-D0daJi8xLtIAU7GMvE8MX2N2cZaWwtfBSETWA==
gtm.js
www.googletagmanager.com/ 		211 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K2VJ9XV
Requested by
Host: tm.hdmtools.com
URL: https://tm.hdmtools.com/hearst/news/code/760e0b4fe13eab1ebb145a54bc9fe649.js?conditionId0=422740
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.136 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
5c740db2f0b8935195accb8b4c7fdced270373b70fd968a77377c949ecad03dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71234
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 21:19:34 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 09 Aug 2023 21:50:11 GMT
0012000001fxZm9AAE
cdn-channels-pixel.ex.co/events/ 		4 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-channels-pixel.ex.co/events/0012000001fxZm9AAE?integrationType=DEFAULT&template=design%2Fchannel%2Fdynamic_two_column.tpl
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.7.39.73 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a96-7-39-73.deploy.static.akamaitechnologies.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:13 GMT
Server
awselb/2.0
Content-Type
application/json
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
4
Expires
Wed, 09 Aug 2023 21:50:13 GMT
pixel.js
www.redditstatic.com/ads/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: tm.hdmtools.com
URL: https://tm.hdmtools.com/hearst/news/code/8685fbef9b5f2ad84f723e27aa87098d.js?conditionId0=304363
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:12 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 15 Jun 2023 20:49:59 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
7409
zen_init.min.js
content.zenimpact.io/dist/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.zenimpact.io/dist/zen_init.min.js?v=2307689
Requested by
Host: tm.hdmtools.com
URL: https://tm.hdmtools.com/hearst/news/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.204.77 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
77.204.244.35.bc.googleusercontent.com
Software
UploadServer / FALSE
Resource Hash
35cddd5272635c92b7e5ed55dc22ee5feea41ccd8da633e754a49fa06873a35e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; style-src 'self' ; script-src 'self'; font-src 'self' data:https://fonts.gstatic.com https://fonts.googleapis.com; connect-src 'self'; media-src 'self'; frame-src 'self'; default-src 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:05:09 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
content-security-policy
frame-ancestors 'self'; style-src 'self' ; script-src 'self'; font-src 'self' data:https://fonts.gstatic.com https://fonts.googleapis.com; connect-src 'self'; media-src 'self'; frame-src 'self'; default-src 'self'
age
2703
x-powered-by
FALSE
x-guploader-uploadid
ADPycdsL-WdlcL_wD8T2O_MzK20Rcd98Tsj2shsVFTp8TAdMDwxW9vHjE4WKYrOu8Z34Odx5o32dQeKfO6EGuOR9auxTfA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2181
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Aug 2023 20:56:03 GMT
server
UploadServer
etag
W/"011b11cc9d63b66cc3051db8cc9cf1d5"
vary
Accept-Encoding
x-goog-generation
1691614563218949
x-goog-hash
crc32c=D/uZIA==, md5=ARsRzJ1jtmzDBR24zJzx1Q==
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
5299
permissions-policy
geolocation=(none), microphone=(none)
x-frame-options
sameorigin
accept-ranges
none
content-type
text/javascript
up_loader.1.1.0.js
js.adsrvr.org/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: tm.hdmtools.com
URL: https://tm.hdmtools.com/hearst/news/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.65.211.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-211-119.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 08 Aug 2023 22:03:10 GMT
Content-Encoding
gzip
Via
1.1 002f4e6e9a2863fad90c4c4476703744.cloudfront.net (CloudFront)
Last-Modified
Tue, 01 Aug 2023 20:10:44 GMT
Server
AmazonS3
X-Amz-Cf-Pop
NRT57-P4
Age
85623
ETag
W/"b7474eac210849250426a8f6a39d00f3"
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
WnB9ixFKZ9v_JWATR17kD0wpDSi3nUCBiAZsr3PzzjIzqxNsGu1POw==
hnptrckr.js
storage.googleapis.com/sp-hnp-js/ 		69 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/sp-hnp-js/hnptrckr.js
Requested by
Host: tm.hdmtools.com
URL: https://tm.hdmtools.com/hearst/news/code/8685fbef9b5f2ad84f723e27aa87098d.js?conditionId0=304363
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.48 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f16.1e100.net
Software
UploadServer /
Resource Hash
cb1b8a5ed9a65c7c3547353e061f80f408edcdb0b1a4fd910d5fcb8fe068cc84

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 20:57:45 GMT
content-encoding
gzip
age
3147
x-guploader-uploadid
ADPycdvMCWYO5H1LmXZsfiKIe0HdY7jmaYr5VF_PyvjSYYvQmZ1zzPTxsuZ8A0zbKLnoyludWDrU1c2hNwAPJRIhw3v7nA
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22859
x-goog-meta-
last-modified
Tue, 11 Jan 2022 17:50:50 GMT
server
UploadServer
etag
"fec195011b0a1dca256d55e600c41344"
vary
Accept-Encoding
x-goog-generation
1641923450025218
x-goog-hash
crc32c=JBrIXQ==, md5=/sGVARsKHcolbVXmAMQTRA==
content-type
text/javascript
cache-control
max-age=31536000
x-goog-stored-content-length
22859
accept-ranges
bytes
expires
Thu, 08 Aug 2024 20:57:45 GMT
web-vitals.iife.js
unpkg.com/web-vitals@3.4.0/dist/
Redirect Chain
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js
  • https://unpkg.com/web-vitals@3.4.0/dist/web-vitals.iife.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@3.4.0/dist/web-vitals.iife.js
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Server
104.16.126.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a85cb4f69ef025b2b86a217f8e999a8f30f43181f15017115e807dd5b021766
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:12 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2604200
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01H50GWVNP137RW2ASE0A600D3-nrt
server
cloudflare
etag
W/"1b98-Vi0si64rTaloQm7ZXLxPFpdaTq8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7f4336a0daa519c9-KIX

Redirect headers

date
Wed, 09 Aug 2023 21:50:12 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01H7E3ZV6A8Q9N0575FKTT38AC-lax
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
488
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/web-vitals@3.4.0/dist/web-vitals.iife.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
7f4336a07a5519c9-KIX
5386
tags.bluekai.com/site/
Redirect Chain
  • https://insight.adsrvr.org/track/evnt/?adv=ctg2su6&ct=0:2dh2h9z&fmt=3
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=63eeee38-aa0d-41c4-9eaa-932b32d94862&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=63eeee38-aa0d-41c4-9eaa-932b32d94862&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-YJkmS8tE2uJvI7WiG8tGv5fuNplHbH8-~A&gdpr=0
  • https://tags.bluekai.com/site/5386?id=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbluekai
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
  • https://tags.bluekai.com/site/5386?id=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=
62 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5386?id=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Server
23.210.41.190 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-41-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Wed, 09 Aug 2023 21:50:14 GMT
content-length
62
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://tags.bluekai.com/site/5386?id=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
221
5386
tags.bluekai.com/site/
Redirect Chain
  • https://insight.adsrvr.org/track/evnt/?adv=ctg2su6&ct=0:doaf0nb&fmt=3
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=55af4700-8ee7-4c07-b44f-e4ece7a47d80&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=55af4700-8ee7-4c07-b44f-e4ece7a47d80&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=63eeee38-aa0d-41c4-9eaa-932b32d94862&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=63eeee38-aa0d-41c4-9eaa-932b32d94862&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-bfzia3dE2uJW7OfGMQv_UWiyAt4d_A4-~A&gdpr=0
  • https://tags.bluekai.com/site/5386?id=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbluekai
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
  • https://tags.bluekai.com/site/5386?id=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=
62 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5386?id=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Server
23.210.41.190 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-41-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Wed, 09 Aug 2023 21:50:14 GMT
content-length
62
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:13 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://tags.bluekai.com/site/5386?id=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
221
load.js
s.ntv.io/serve/ 		608 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: tm.hdmtools.com
URL: https://tm.hdmtools.com/hearst/news/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.217.41 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-217-41.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
07fe03950dbe28bf4f530574f1200db6a228e4ebba2861e349262c9c0fc5f3d2

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 21:50:12 GMT
Content-Encoding
gzip
x-amz-request-id
FN1BQEH3ZHVRY8W2
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
/hxpTK9SUMySZWkQRc0Xwqs/wpii73zoQmdaVyr9DPRC1vjJEOuzw6BXfzPXaQE2O3LbiF9kUXk=
Last-Modified
Fri, 04 Aug 2023 16:31:39 GMT
Server
AmazonS3
ETag
"d9238b6d6d07f0e4346a27179c16d42f"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: tm.hdmtools.com
URL: https://tm.hdmtools.com/hearst/news/code/a6e4b96e48b89fabac58cea32cdde96f.js?conditionId0=4921310
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.228.157 Tokyo, Japan, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:12 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 18:30:18 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kcgs7200123-IAD, cache-hnd18739-HND
hearst_style.css
sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/ 		11 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/hearst_style.css
Requested by
Host: tm.hdmtools.com
URL: https://tm.hdmtools.com/hearst/news/code/47bcd7561d67ff5497e10c1c76593e75.js?conditionId0=4912187
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.150.4 Moscow, Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
9c3bc61b0f9659c860c1ca669bacae68ff9b2a977a8f7624cb24792b0a103c78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 21:50:12 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 12 Apr 2022 10:40:03 GMT
Server
nginx
ETag
"62555703-2b55"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11093
app.8308f434e65953976136fc4ea088cb17.css
sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/css/ 		204 B
652 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/css/app.8308f434e65953976136fc4ea088cb17.css
Requested by
Host: tm.hdmtools.com
URL: https://tm.hdmtools.com/hearst/news/code/47bcd7561d67ff5497e10c1c76593e75.js?conditionId0=4912187
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.150.4 Moscow, Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
24b5de47dc0702da75d1eda6efe960533526c959ce9b9e0431156d672047a9ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 21:50:12 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 17 May 2021 14:30:07 GMT
Server
nginx
ETag
"60a27def-cc"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
204
manifest.0dbe4a09ed0d75146967.js
sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/js/ 		0
459 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/js/manifest.0dbe4a09ed0d75146967.js
Requested by
Host: tm.hdmtools.com
URL: https://tm.hdmtools.com/hearst/news/code/47bcd7561d67ff5497e10c1c76593e75.js?conditionId0=4912187
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.150.4 Moscow, Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 21:50:12 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 16 Aug 2021 14:00:06 GMT
Server
nginx
ETag
"611a6f66-0"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
vendor.9974694e05bc1714ad63.js
sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/js/ 		0
459 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/js/vendor.9974694e05bc1714ad63.js
Requested by
Host: tm.hdmtools.com
URL: https://tm.hdmtools.com/hearst/news/code/47bcd7561d67ff5497e10c1c76593e75.js?conditionId0=4912187
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.150.4 Moscow, Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 21:50:12 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 16 Aug 2021 14:00:06 GMT
Server
nginx
ETag
"611a6f66-0"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
app.aebfb71a2aae10db417f.js
sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/js/ 		715 KB
716 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/js/app.aebfb71a2aae10db417f.js
Requested by
Host: tm.hdmtools.com
URL: https://tm.hdmtools.com/hearst/news/code/47bcd7561d67ff5497e10c1c76593e75.js?conditionId0=4912187
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.150.4 Moscow, Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
b1cea977d19c766cfd57ffbeedaf892bfdeec1c2a9f5d4f478a5772d572d3a74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 21:50:12 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Sun, 17 Oct 2021 21:00:04 GMT
Server
nginx
ETag
"616c8ed4-b2dd3"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
732627
init.js
www.timesunion.com/413gkwMT/ 		169 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/413gkwMT/init.js
Requested by
Host: tm.hdmtools.com
URL: https://tm.hdmtools.com/hearst/news/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f24b1e8dae6e63abf5bbb934565ab93ac27bbe5a2d6eaf824d2a99b8b3550999
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:11 GMT
via
1.1 google, 1.1 varnish
content-encoding
gzip
strict-transport-security
max-age=300
age
176227
x-cache
HIT
content-length
68652
x-served-by
cache-itm18838-ITM
etag
"2a3c0-NKFVsJgay+XzJ+O6ZBb2LHt2Q/o"
x-px-hash
OGMzOWE2MWVmNzc4MTEzZjBlYjhmYzdkMGI5M2E1ZjBjMGE0ZjBlMzU2Y2I4N2EyNTUyNzFhZTk0ZDg5ZjU5NA==
vary
Accept-Encoding, X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, X-ab-scope
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
x-vcl-version
375
accept-ranges
bytes
x-cache-hits
1
p.js
cdn.parsely.com/keys/timesunion.com/ 		66 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/timesunion.com/p.js
Requested by
Host: tm.hdmtools.com
URL: https://tm.hdmtools.com/hearst/news/code/5319269b9258f83497a32dd1dbd61f60.js?conditionId0=318802
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.211.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-211-60.nrt57.r.cloudfront.net
Software
nginx /
Resource Hash
62bfd914b3be830b910657d463585beac3c761a3e2cedbecba4430732abfcfca

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
public
date
Wed, 09 Aug 2023 11:34:15 GMT
content-encoding
gzip
via
1.1 c6a39a61a5883d63c301bf090ead6950.cloudfront.net (CloudFront)
last-modified
Mon, 31 Jul 2023 13:24:50 GMT
server
nginx
x-amz-cf-pop
NRT57-P4
age
36957
etag
W/"64c7b622-10726"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
B61f0DtTFogIvuKVme4vQFgq_BlvYkYuYL5YEn5v0VRQqYv1oaOzGg==
expires
Thu, 10 Aug 2023 11:34:15 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tm.hdmtools.com
URL: https://tm.hdmtools.com/hearst/news/code/5b5cf4d50001f8bd42666e9c6c6b051a.js?conditionId0=318893
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s18-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 09 Aug 2023 21:30:44 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1169
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 09 Aug 2023 23:30:44 GMT
chartbeat_video.js
static.chartbeat.com/js/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tm.hdmtools.com
URL: https://tm.hdmtools.com/hearst/news/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.203.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-203-198.nrt57.r.cloudfront.net
Software
nginx /
Resource Hash
ff18779bb7f76122171e9faa51b7af30bc0239d361c926489b02032bb5bccb54

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 20:55:03 GMT
content-encoding
gzip
via
1.1 e849eb4ec7c297538f549eb24e5ebafa.cloudfront.net (CloudFront)
last-modified
Wed, 09 Aug 2023 00:52:49 GMT
server
nginx
x-amz-cf-pop
NRT57-P3
age
3308
etag
W/"64d2e361-1197e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
QX66afknPOtW3nmQECvCNyJxouS9IsZ5sebgNFqs_PhTbsOFSQ8dzw==
expires
Wed, 09 Aug 2023 22:55:03 GMT
ml.br.js
js.matheranalytics.com/static/ltm/ma86077/all/1/
Redirect Chain
  • https://js.matheranalytics.com/s/ma86077/712314004/all/ml.js?cb=1632
  • https://js.matheranalytics.com/static/ltm/ma86077/all/1/ml.br.js
148 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma86077/all/1/ml.br.js
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Server
107.178.250.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
f7726c809a8daa5dc18b4b13117857271edfa609fb21a49e70149e56d5378ff1

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 15:10:27 GMT
content-encoding
br
via
1.1 google
last-modified
Wed, 05 Oct 2022 01:14:56 GMT
server
nginx
age
23985
etag
"b4e38894a386e957ad50464eafb9ab77"
vary
Accept-Encoding
x-cache
HIT Sun, 18 Dec 2022 05:34:15 GMT
content-type
application/x-javascript
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43708

Redirect headers

date
Wed, 09 Aug 2023 21:50:12 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma86077/all/1/ml.br.js
cache-control
public, max-age=269200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
6-gc-uswest1-t41p1017
fbevents.js
connect.facebook.net/en_US/ 		172 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tm.hdmtools.com
URL: https://tm.hdmtools.com/hearst/news/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 09 Aug 2023 21:50:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
47151
x-xss-protection
0
pragma
public
x-fb-debug
5tzSDQL3HOBHDJjwKtCCqnGHfXpjcE7Hccui3q4CLkTL47pZ+2POphj10E7sMJP32Ufav76sQbMqDUX6FfoduQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
131678X1600318.skimlinks.js
s.skimresources.com/js/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/131678X1600318.skimlinks.js
Requested by
Host: tm.hdmtools.com
URL: https://tm.hdmtools.com/hearst/news/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
2f9296c3c095517da831ff99a86ee70050efdc55170342cc052c38716588fe75

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:12 GMT
content-encoding
gzip
last-modified
Mon, 12 Jun 2023 14:55:26 GMT
server
AmazonS3
x-amz-request-id
S95YH93MXR7GM7B1
etag
"9412be8f38e151592ca5de0a4fa84edc"
x-hw
1691617812.cds255.tk2.hn,1691617812.cds240.tk2.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
20728
x-amz-id-2
x+gmKccCtbhknrArlZNMJrzqQvQxv6YhWR73PgOzldw2GCxyS+b6V4z/entVAyuaOqFBuYLcqdA=
collector
www.timesunion.com/413gkwMT/xhr/api/v2/ 		784 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/413gkwMT/xhr/api/v2/collector
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ba23a1e8b28067146c594c26635e5f2e4947a93de3f73c366692fff72ecb734b
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

x-served-by
cache-itm18838-ITM
date
Wed, 09 Aug 2023 21:50:11 GMT
via
1.1 google, 1.1 varnish
strict-transport-security
max-age=300
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, Accept-Encoding, X-ab-scope
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
MISS
access-control-allow-credentials
true
x-vcl-version
375
accept-ranges
bytes
timing-allow-origin
*
content-length
784
x-cache-hits
0
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=timesunion.com&p=%2F&u=cLGXoBLw2V1Cm7mc4&d=timesunion.com&g=53046&g0=home&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=9195&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.timesunion.com%2F&b=5207&t=CUW893CiCLipqkCf8dE0tgxVJxd&V=141&i=Home&tz=-540&sn=1&sv=DbMIDmDgasbnDR7I07Dz89AVCjwM4_&sd=1&im=067b0ff3&_
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.173.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-173-138.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 21:50:13 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
vertScoreboard.23869c2c87face71f50a.bundle.js
d2sgc57sw7l730.cloudfront.net/realtime/widgets/ 		420 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2sgc57sw7l730.cloudfront.net/realtime/widgets/vertScoreboard.23869c2c87face71f50a.bundle.js
Requested by
Host: scorestream.com
URL: https://scorestream.com/apiJsCdn/widgets/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.214.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-214-119.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
78f9b97f38368f9db67fc4ad9a618ce8b5b226f93162a625ef95ce8222fe90c6

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 20:45:43 GMT
content-encoding
gzip
via
1.1 29bc979ed5b97121d22a3551faf230d4.cloudfront.net (CloudFront)
last-modified
Tue, 22 Mar 2022 20:20:37 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P4
age
4410270
etag
"1b43e5f82df3d01edea8bf4bb4e0928b"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=32140800, no-transform, public
accept-ranges
bytes
content-length
117967
x-amz-cf-id
NM3TuyHqE_GNxzq8w-RdjQTbSTqQFyyqYX9EHwSPjFKkIwCKpY51IQ==
load.js
pm-widget.taboola.com/hearstlocalnews-network/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/hearstlocalnews-network/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hearstlocalnews-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bee25e78cad3d7a0929e1a9a0decf4bb521c88b516637b0e6ee9e77ae6f3ad76

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
vRsmsFSuRyA_y30FyqD4IMbsaPgcdHY9
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Wed, 09 Aug 2023 21:50:12 GMT
x-amz-request-id
H3XPWDNDSDFMQFYG
age
3154
x-cache
HIT, HIT
content-length
1650
x-amz-id-2
YwQ+2b39Nq4P991YfNuGNEcvncBcDyLmV2vUNMGG8LkgqYtgVbW0W8BQp0da2VxN0ypu/xa0Lk4=
x-served-by
cache-sjc10068-SJC, cache-itm18846-ITM
last-modified
Thu, 27 Apr 2023 05:51:26 GMT
server
AmazonS3
x-timer
S1691617813.869800,VS0,VE1
etag
"cc8672cee73d0a9f419aa3f577747c15"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
3901, 1
impl.20230809-7-RELEASE.js
cdn.taboola.com/libtrc/ 		799 KB
166 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230809-7-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hearstlocalnews-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
a9b013fd30e3e47b01b208486d43aadc7eded867e429aae2345a8e40003d5fc6

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
6boMx.OApoYb0OPNEvvkFaruMdGsRJMd
content-encoding
br
via
1.1 varnish
date
Wed, 09 Aug 2023 21:50:11 GMT
x-amz-request-id
8YFYCF3T9M42YPC7
age
15121
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
169232
x-amz-id-2
RFPmOq7wT12HpDmrlwDoF4uyOBbK4NBlz7Ox11HH+RSXFnBtd1au7CaGeF5y0Kbx1RZ5fqpPshM=
x-served-by
cache-itm18846-ITM
last-modified
Wed, 09 Aug 2023 09:38:11 GMT
server
AmazonS3-br
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1691617812.792335,VS0,VE0
etag
"3c39a5a6e6d9c40dfbba30a139af09d0"
vary
Accept-Encoding
content-type
application/javascript
abp
86
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
7248
init.js
www.timesunion.com/413gkwMT/ 		0
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/413gkwMT/init.js
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:11 GMT
via
1.1 google, 1.1 varnish
content-encoding
gzip
strict-transport-security
max-age=300
age
176227
x-cache
HIT
content-length
68652
x-served-by
cache-itm18838-ITM
etag
"2a3c0-NKFVsJgay+XzJ+O6ZBb2LHt2Q/o"
x-px-hash
OGMzOWE2MWVmNzc4MTEzZjBlYjhmYzdkMGI5M2E1ZjBjMGE0ZjBlMzU2Y2I4N2EyNTUyNzFhZTk0ZDg5ZjU5NA==
vary
Accept-Encoding, X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, X-ab-scope
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
x-vcl-version
375
accept-ranges
bytes
x-cache-hits
2
pxid
0272ac85-5199-4024-a555-397c3d825d95.prmutv.co/v2.0/ 		46 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://0272ac85-5199-4024-a555-397c3d825d95.prmutv.co/v2.0/pxid?k=8cbbdd6e-f6b9-4f84-9637-a93d3032cbf2
Requested by
Host: 0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
URL: https://0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app/6af07a2d-d0d3-4dfd-961a-bab066126220-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
a41ec3bff2dd047f65649f43337c45adba86f9b6d65ce208ef80f4a575522274

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:12 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.timesunion.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		11 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: 0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
URL: https://0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app/6af07a2d-d0d3-4dfd-961a-bab066126220-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.53 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:11 GMT
an-x-request-uuid
c6cf8044-92a4-4ac1-907f-da7f64dc5980
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
114.19.24.12; 114.19.24.12; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
6af07a2d-d0d3-4dfd-961a-bab066126220-models.bin
cdn.permutive.com/models/v2/ 		157 KB
111 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/6af07a2d-d0d3-4dfd-961a-bab066126220-models.bin
Requested by
Host: 0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
URL: https://0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app/6af07a2d-d0d3-4dfd-961a-bab066126220-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
722b1f38960b27dbb73f1ce24bf5d4f82c84bcea9569e420fb378d63fc62ba79

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:12 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-goog-meta-oid
0272ac85-5199-4024-a555-397c3d825d95
age
0
x-guploader-uploadid
ADPycdsn0SLgQS3HwflRs9dbX07MCpYTV5CSfQK0VzrNZ6lCqimHaey4MRIKQUJntvd4SSZfnvHwaCSxyonhlD-eH_5SHA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
113143
last-modified
Mon, 07 Aug 2023 18:31:08 GMT
server
cloudflare
etag
"4683d4042cf80fc1bd2c279df61b8a23"
vary
Accept-Encoding
x-goog-generation
1691433068842083
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=+TblMg==, md5=RoPUBCz4D8G9LCed9huKIw==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
113143
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f43369ceaf919c4-KIX
expires
Wed, 09 Aug 2023 21:50:12 GMT
geoip
api.permutive.com/v2.0/ 		231 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=8cbbdd6e-f6b9-4f84-9637-a93d3032cbf2
Requested by
Host: 0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
URL: https://0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app/6af07a2d-d0d3-4dfd-961a-bab066126220-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
8247af110d0c55296aeff96fcb9a4f7e061946b8c87ea0552325b01b2be731db

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:12 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.timesunion.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
174
watson
api.permutive.com/v2.0/ 		188 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=8cbbdd6e-f6b9-4f84-9637-a93d3032cbf2
Requested by
Host: 0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
URL: https://0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app/6af07a2d-d0d3-4dfd-961a-bab066126220-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
f6637e8cb940d7400e0cebb23d3e7a99509319bf2e5b2ec8c006f22303d59047

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:12 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.timesunion.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
46a3d506-10da-4246-9373-30d9a7df6d66
https://www.timesunion.com/ 		770 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.timesunion.com/46a3d506-10da-4246-9373-30d9a7df6d66
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
21d28c1ea163984eaa0e2d14f5043c1e00ae881331f26c4003a20f9b39a44288

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length
788780
Content-Type
22ffba8b-0e0b-4fc2-8fcf-02450d3e50b0
https://www.timesunion.com/ 		770 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.timesunion.com/22ffba8b-0e0b-4fc2-8fcf-02450d3e50b0
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
21d28c1ea163984eaa0e2d14f5043c1e00ae881331f26c4003a20f9b39a44288

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length
788780
Content-Type
card-interference-detector.20230809-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/card-interference-detector.20230809-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hearstlocalnews-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da88b06433c3d43b2334f7f3e71a67d3e946ebed6b1384bf5ebb8e4de2b25400

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
XGPlXC_pBmZ8buVqqs4LlmQ407BL5SeM
content-encoding
gzip
via
1.1 varnish
date
Wed, 09 Aug 2023 21:50:12 GMT
x-amz-request-id
RA6AMT8EX21Q0AVP
age
11635
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2180
x-amz-id-2
2z81RGuwN8eIyEHmi9zPZeIlbVCfokkLFkw2dcdj6M3dLSotigkS4/WgcnBX5O+5t7sk2EdvoK8=
x-served-by
cache-itm18846-ITM
last-modified
Wed, 09 Aug 2023 18:36:14 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1691617812.007955,VS0,VE0
etag
"f49442c65ea9b1ca641419ddcf78d99d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
57
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
114
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS&us_privacy=1---&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230809-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:13 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
231876
expires
60
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/ 		400 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
95a0a6e3823b20170bbae77c19ce189d6a1b178f6230ed124cc85da8011bdf28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 11:38:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
36681
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129393
x-xss-protection
0
server
cafe
etag
2294886439466480038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 08 Aug 2024 11:38:51 GMT
js
www.googletagmanager.com/gtag/ 		210 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WE0RM2ZY79&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRF8MLS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.136 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
17c0b7d0bbcd953b50c123e352757fa68b6a296525371a2baf4c078e1a3c50a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76431
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 09 Aug 2023 21:50:12 GMT
js
www.googletagmanager.com/gtag/ 		195 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-729835018&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRF8MLS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.136 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
8869b0e9a5576286a4b3e0fec882ae48e4108b156c07716fae58461c8ead7d47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71671
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 21:19:34 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 09 Aug 2023 21:50:12 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1691617812118&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fwww.timesunion.com%2F&c8=Times%20Union%20-%20Times%20Union&c9=
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1691617812118&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fwww.timesunion.com%2F&c8=Times%20Union%20-%20Times%20Union&c9=
0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1691617812118&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fwww.timesunion.com%2F&c8=Times%20Union%20-%20Times%20Union&c9=
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Server
18.65.216.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-12.nrt57.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:12 GMT
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
NRT57-P4
x-amz-cf-id
0VFb7OJp2gsXrXNDpUAVAS3XcDl3M6nArveUawht5KBNLXffeJUVcA==
x-cache
Miss from cloudfront

Redirect headers

date
Wed, 09 Aug 2023 21:50:12 GMT
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
NRT57-P4
x-cache
Miss from cloudfront
location
/b2?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1691617812118&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fwww.timesunion.com%2F&c8=Times%20Union%20-%20Times%20Union&c9=
content-length
0
x-amz-cf-id
9LI_SXnmC_nqwohq-EBl5_tUirb5cIUTHK6_hdthQtbqkat9yRAXLg==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036097&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1691617812118&ns_c=UTF-8&c7=https%3A%2F%2Fwww.timesunion.com%2F&c8=Times%20Union%20-%20Times%20Union&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036097&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1691617812118&ns_c=UTF-8&c7=https%3A%2F%2Fwww.timesunion.com%2F&c8=Times%20Union%20-%20Times%20Union&c9=
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6036097&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1691617812118&ns_c=UTF-8&c7=https%3A%2F%2Fwww.timesunion.com%2F&c8=Times%20Union%20-%20Times%20Union&c9=
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Server
18.65.216.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-12.nrt57.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:12 GMT
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
NRT57-P4
x-amz-cf-id
PHZKF94NyBUVpxZHF4m8897FXO1PzPFnh9WkQev00NZ60PuK1w6G_Q==
x-cache
Miss from cloudfront

Redirect headers

date
Wed, 09 Aug 2023 21:50:12 GMT
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
NRT57-P4
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=6036097&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1691617812118&ns_c=UTF-8&c7=https%3A%2F%2Fwww.timesunion.com%2F&c8=Times%20Union%20-%20Times%20Union&c9=
content-length
0
x-amz-cf-id
tJ2qEj7T_MiVQlCvtpknaSsKEIZTJ5eTm9w0AfltIM9Sc0naRHhO0g==
client.json
content.zenimpact.io/dist/data/87a73f08-7661-4905-b85b-7d3c639c7b70/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://content.zenimpact.io/dist/data/87a73f08-7661-4905-b85b-7d3c639c7b70/client.json?ver=8822509065
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.204.77 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
77.204.244.35.bc.googleusercontent.com
Software
UploadServer / FALSE
Resource Hash
649ca0de2a59d29ead8420218c156fd90da588effe6ce1e2e988e5c3379576e4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; style-src 'self' ; script-src 'self'; font-src 'self' data:https://fonts.gstatic.com https://fonts.googleapis.com; connect-src 'self'; media-src 'self'; frame-src 'self'; default-src 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; style-src 'self' ; script-src 'self'; font-src 'self' data:https://fonts.gstatic.com https://fonts.googleapis.com; connect-src 'self'; media-src 'self'; frame-src 'self'; default-src 'self'
x-powered-by
FALSE
x-guploader-uploadid
ADPycdvBkw-pvxiDc1s_l48BN3dlSdt0rr9D_qpamld48S-U0J_geUzSITWckTzVUpDj8F1wTTrKHANtJpcvCJZHh9pvMA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1609
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 15 Nov 2022 15:10:56 GMT
server
UploadServer
etag
"1afc97238bf7c1b3c106b771b16fd544"
x-frame-options
sameorigin
x-goog-generation
1668525056378364
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=kQh7Gw==, md5=GvyXI4v3wbPBBrdxsW/VRA==
access-control-expose-headers
Accept, Authorization, Content-Length, Content-Range, Content-Type, Date, Origin, Range, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=3600
x-goog-stored-content-length
1609
permissions-policy
geolocation=(none), microphone=(none)
accept-ranges
bytes
iu3
s.amazon-adsystem.com/ Frame 9C83
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
330 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a5f4efdc514ac97c041a0031df801815cd3ab3e2c03ee4acd6839e67e92a2c82
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.timesunion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
330
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 09 Aug 2023 21:50:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
TRF5R8T7K4XYRPT8VB0H

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 09 Aug 2023 21:50:12 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
MCH63ADTPCQCS795KQ85
147
n730.timesunion.com/DG/DEFAULT/rest/rpc/ 		159 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://n730.timesunion.com/DG/DEFAULT/rest/rpc/147?referer=https%3A%2F%2Fwww.timesunion.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2023-08-10T06%3A50%3A12%2B09%3A00&ts=1691617812144
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
b32d918728e5361d180fd5cadc35705a7b6e90904dbad803105842a2c0ebe6c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
NRT57-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
156
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
rNX3A7dK_pvC0SSXM8Stl-EuOOcChjh-OoyYM61jR7TGMZh5fmgOLg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
147
n730.timesunion.com/DG/DEFAULT/rest/rpc/ 		159 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://n730.timesunion.com/DG/DEFAULT/rest/rpc/147?referer=https%3A%2F%2Fwww.timesunion.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2023-08-10T06%3A50%3A12%2B09%3A00&ts=1691617812145
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
1a393b89f8dcced2bfc70c37c4f829d0bf6d3be2fe5e61a0ef9e75a1a81651ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
NRT57-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
157
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
fPSj_bVlCSkZWQ6BO4wAluc_hxXk_W2FpHKrCSgePJlB1lnizAL8fw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
147
n730.timesunion.com/DG/DEFAULT/rest/rpc/ 		159 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://n730.timesunion.com/DG/DEFAULT/rest/rpc/147?referer=https%3A%2F%2Fwww.timesunion.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2023-08-10T06%3A50%3A12%2B09%3A00&ts=1691617812145
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
391bf6915634ffd28f9c83067989f0c9b8a407db55ffe14cf19d4c21c0259f89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
NRT57-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
157
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
2S8JswIMlDmaYKlLQZ2_kctJwewVU6dssAyPAJUi_O-l-G9xfzPmMw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
home%20page
p.ctpost.com/ 		0
0
web-vitals.es5.umd.min.js
unpkg.com/web-vitals@0.2.3/dist/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@0.2.3/dist/web-vitals.es5.umd.min.js
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.126.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23057677bed750ea60a07277c2c71ed27902af3a794ad34718e03fd289410889
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:12 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
17144791
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GQF5X7QBM96G77V59GFV9DH5-sin
server
cloudflare
etag
W/"d94-uDBTEJlyGEhuzR31wxIAEUui1Co"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7f4336a30c4319c9-KIX
navigation.min.js
www.timesunion.com/dist/hdn/workers/ 		4 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/dist/hdn/workers/navigation.min.js?v14.4.2
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
7459c708ff716ff227886401ed359fe1a4b420b91a25d2dd1d5a1fcf0b264bcb
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:12 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=300
age
0
x-cache
MISS
content-length
1373
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Aug 2023 19:31:49 GMT
server
Apache
x-timer
S1691617812.196085,VS0,VE582
etag
"e0b-6028287e1f340"
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, Accept-Encoding, X-ab-scope
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
x-vcl-version
375
accept-ranges
bytes
x-cache-hits
0
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=8cbbdd6e-f6b9-4f84-9637-a93d3032cbf2
Requested by
Host: 0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
URL: https://0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app/6af07a2d-d0d3-4dfd-961a-bab066126220-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
bcd7b7d6759fc63c7b6673ee02c3ee36c13d26d0e060b6350508c7320eb83955

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:12 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.timesunion.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
Test_oPS_Script_Loads
sqs.us-east-1.amazonaws.com/397719490216/ 		378 B
682 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D31%26bt%3Dnull
Requested by
Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.239.232.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-239-232-129.compute-1.amazonaws.com
Software
/
Resource Hash
560bc318a124e2417dcf36d891e952f5e5ce1d69d76fc2ef4a066792f06f1fed

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date
Wed, 09 Aug 2023 21:50:12 GMT
connection
keep-alive
x-amzn-RequestId
0b2fbecc-f1f5-5cb6-bcb5-e382fda11c8c
Content-Length
378
Content-Type
text/xml
147
n730.timesunion.com/DG/DEFAULT/rest/rpc/ 		170 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://n730.timesunion.com/DG/DEFAULT/rest/rpc/147?referer=https%3A%2F%2Fwww.timesunion.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2023-08-10T06%3A50%3A12%2B09%3A00&ts=1691617812312
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
56d49d7d7bf89665105798befe3d0337c9a60fa2b791beb2c2a8747d56384d1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
NRT57-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
34355
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
DkYgm5jJ_ukrMe_tKWlKmZWVMEZaFFnAH-8PuDDGCRYmYgktsf7xWQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
segment
api.permutive.com/adv/v2/ 		14 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=8cbbdd6e-f6b9-4f84-9637-a93d3032cbf2
Requested by
Host: 0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
URL: https://0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app/6af07a2d-d0d3-4dfd-961a-bab066126220-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 09 Aug 2023 21:50:12 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
sync
googlesync.permutive.com/v2.0/px/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=8cbbdd6e-f6b9-4f84-9637-a93d3032cbf2&u=83b2be2d-e0f0-45d5-8b3b-b3965a274e62
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=8cbbdd6e-f6b9-4f84-9637-a93d3032cbf2&u=83b2be2d-e0f0-45d5-8b3b-b3965a274e62&google_tc=
  • https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEOC12XI21803bBpoLAFJGr0&error=&type=ddp&k=8cbbdd6e-f6b9-4f84-9637-a93d3032cbf2&u=83b2be2d-e0f0-45d5-8b3b-b3965a274e62&google_cver=1
35 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEOC12XI21803bBpoLAFJGr0&error=&type=ddp&k=8cbbdd6e-f6b9-4f84-9637-a93d3032cbf2&u=83b2be2d-e0f0-45d5-8b3b-b3965a274e62&google_cver=1
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:13 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
vary
Origin
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEOC12XI21803bBpoLAFJGr0&error=&type=ddp&k=8cbbdd6e-f6b9-4f84-9637-a93d3032cbf2&u=83b2be2d-e0f0-45d5-8b3b-b3965a274e62&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
404
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=dbegppc&ttd_tpi=1&ttd_puid=8cbbdd6e-f6b9-4f84-9637-a93d3032cbf2,83b2be2d-e0f0-45d5-8b3b-b3965a274e62&gdpr=1&gdpr_consent=
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 21:50:13 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-WE0RM2ZY79&gtm=45je3870&_p=141382141&cid=1396311492.1691617812&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691617812&sct=1&seg=0&dl=https%3A%2F%2Fwww.timesunion.com%2F&dt=Times%20Union%20-%20Times%20Union&en=blueconic_id_found&_fv=1&_nsi=1&_ss=1&ep.source_system=blueconic
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WE0RM2ZY79&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s18-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
gtm-kw6hw69-m2q2n.uc.r.appspot.com/g/ 		0
0
collect
www.google-analytics.com/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-WE0RM2ZY79&gtm=45je3870&_p=141382141&cid=1396311492.1691617812&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAC&_s=3&sid=1691617812&sct=1&seg=1&dl=https%3A%2F%2Fwww.timesunion.com%2F&dt=Times%20Union%20-%20Times%20Union&en=page_view&_et=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WE0RM2ZY79&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s18-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
147
n730.timesunion.com/DG/DEFAULT/rest/rpc/ 		159 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://n730.timesunion.com/DG/DEFAULT/rest/rpc/147?referer=https%3A%2F%2Fwww.timesunion.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2023-08-10T06%3A50%3A12%2B09%3A00&ts=1691617812429
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
2e79a4df7553c7c4f99194eff62c7cb129ff5a64171ff6b3a876f21fd8b63ed1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
NRT57-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
157
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
rveAAcZ-wEFhfNPbE8qsolcrUYQZAmzmOygCKOGZApbW90we42ZEoQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/729835018/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/729835018/?random=1691617812452&cv=11&fst=1691617812452&bg=ffffff&guid=ON&async=1&gtm=45be3870&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.timesunion.com%2F&hn=www.googleadservices.com&frm=0&tiba=Times%20Union%20-%20Times%20Union&us_privacy=1---&auid=1831429709.1691617812&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-729835018&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
abfe5228291f6d0932a32234fe2119acc221ec153e09bde7532553cd5a478862
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1310
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
geoip
api.permutive.com/v2.0/ 		251 B
207 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?k=8cbbdd6e-f6b9-4f84-9637-a93d3032cbf2
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b9ce21947d8fe7105f91f1851268a628cb0eb67040e2856f7a03c1267e5c9488

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:12 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.timesunion.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
189
seg
secure.adnxs.com/ 		0
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?add=22932261&t=1
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.53 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:13 GMT
an-x-request-uuid
e2cd6518-781e-4585-82d5-c98f79566fd3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
114.19.24.12; 114.19.24.12; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
seg
secure.adnxs.com/ 		0
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?add=23249654&t=1
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.53 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:13 GMT
an-x-request-uuid
d9269796-a44a-4d90-b377-d1ac4cc57cf5
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
114.19.24.12; 114.19.24.12; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
seg
secure.adnxs.com/ 		0
802 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?add=23251044&t=1
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.53 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:13 GMT
an-x-request-uuid
e1d7fcc2-492e-4121-9782-15b8d909d9d6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
114.19.24.12; 114.19.24.12; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
seg
secure.adnxs.com/ 		0
802 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?add=23251043&t=1
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.53 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:13 GMT
an-x-request-uuid
c94bc361-b36e-4668-a573-04d0e76ca115
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
114.19.24.12; 114.19.24.12; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
seg
secure.adnxs.com/ 		0
802 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?add=26189548&t=1
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.53 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:13 GMT
an-x-request-uuid
26eb6bdd-e860-423d-a07f-298a2b6b9cf1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
114.19.24.12; 114.19.24.12; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
seg
secure.adnxs.com/ 		0
802 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?add=34111607&t=1
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.53 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:13 GMT
an-x-request-uuid
e523ad75-f7bb-40b0-96bb-819519bbc713
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
114.19.24.12; 114.19.24.12; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
seg
secure.adnxs.com/ 		0
803 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?add=27765776&t=1
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.53 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:13 GMT
an-x-request-uuid
bb4011ef-8849-4d59-bb7f-b8997debfc7a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
114.19.24.12; 114.19.24.12; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
init.json
content.zenimpact.io/dist/data/87a73f08-7661-4905-b85b-7d3c639c7b70/01771c85-1f3b-430c-820a-cd5a9640696b/ 		488 B
524 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://content.zenimpact.io/dist/data/87a73f08-7661-4905-b85b-7d3c639c7b70/01771c85-1f3b-430c-820a-cd5a9640696b/init.json?ver=1251798536
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.204.77 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
77.204.244.35.bc.googleusercontent.com
Software
UploadServer / FALSE
Resource Hash
154e411a627b2a4141b53bac2217b7220c69b4c3ae1f203333ae1f8a87e0716d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; style-src 'self' ; script-src 'self'; font-src 'self' data:https://fonts.gstatic.com https://fonts.googleapis.com; connect-src 'self'; media-src 'self'; frame-src 'self'; default-src 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; style-src 'self' ; script-src 'self'; font-src 'self' data:https://fonts.gstatic.com https://fonts.googleapis.com; connect-src 'self'; media-src 'self'; frame-src 'self'; default-src 'self'
x-powered-by
FALSE
x-guploader-uploadid
ADPycdvz7Dq79B728AwcbPnRq-4Zn266oOGQHkaAl0Atq-q8Grr3MW2QWunrNJoWp3RqtFN-XL8jwlRDfWcjassH3XzpMQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
488
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 03 May 2023 13:56:15 GMT
server
UploadServer
etag
"4bf280b9d0846cc96ee2647b6fd5d2d9"
x-frame-options
sameorigin
x-goog-generation
1683122175039172
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=vm9+dQ==, md5=S/KAudCEbMlu4mR7b9XS2Q==
access-control-expose-headers
Accept, Authorization, Content-Length, Content-Range, Content-Type, Date, Origin, Range, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=3600
x-goog-stored-content-length
488
permissions-policy
geolocation=(none), microphone=(none)
accept-ranges
bytes
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1691617812484&id=t2_r4vg95y7&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=a95f178a-9cec-4bcd-81c8-822177fc81f3&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
adsct
t.co/1/i/ 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=7c34f8a8-a355-4d46-ba7f-d51ccb30af49&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f83686fe-2cc7-4fab-ada9-5cd94d5a0fe1&tw_document_href=https%3A%2F%2Fwww.timesunion.com%2F&tw_iframe_status=0&txn_id=o7kje&type=javascript&version=2.3.29
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_m /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-response-time
98
date
Wed, 09 Aug 2023 21:50:13 GMT
strict-transport-security
max-age=0
server
tsa_m
content-type
image/gif;charset=utf-8
x-transaction-id
97cee88c54114c54
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
c6b488e757d0f40e1b8a44b03793a52ff534aaca4a3307cd585cb57a35c86a76
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=7c34f8a8-a355-4d46-ba7f-d51ccb30af49&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f83686fe-2cc7-4fab-ada9-5cd94d5a0fe1&tw_document_href=https%3A%2F%2Fwww.timesunion.com%2F&tw_iframe_status=0&txn_id=o7kje&type=javascript&version=2.3.29
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_m /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-response-time
101
date
Wed, 09 Aug 2023 21:50:13 GMT
strict-transport-security
max-age=631138519
server
tsa_m
content-type
image/gif;charset=utf-8
x-transaction-id
652516bbeb4011bc
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
6ee02491a76cc8be97aa2f076b115937c4512d0c28be6cc14b3a17d89f5791ef
content-length
43
collector
www.timesunion.com/413gkwMT/xhr/api/v2/ 		780 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/413gkwMT/xhr/api/v2/collector
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
724be7aa1e1a3f6021b0a00c49d8dfa1181c87634433f2d2e8df4923953fbe49
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

x-served-by
cache-itm18838-ITM
date
Wed, 09 Aug 2023 21:50:12 GMT
via
1.1 google, 1.1 varnish
strict-transport-security
max-age=300
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, Accept-Encoding, X-ab-scope
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
MISS
access-control-allow-credentials
true
x-vcl-version
375
accept-ranges
bytes
timing-allow-origin
*
content-length
780
x-cache-hits
0
tp2
sp-t-hearstnewspapers.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sp-t-hearstnewspapers.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.126.7 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
7.126.95.34.bc.googleusercontent.com
Software
akka-http/10.1.12 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.timesunion.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.timesunion.com
access-control-max-age
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 09 Aug 2023 21:50:13 GMT
server
akka-http/10.1.12
via
1.1 google
tp2
sp-t-hearstnewspapers.com/com.snowplowanalytics.snowplow/ 		2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sp-t-hearstnewspapers.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/sp-hnp-js/hnptrckr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.126.7 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
7.126.95.34.bc.googleusercontent.com
Software
akka-http/10.1.12 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Wed, 09 Aug 2023 21:50:13 GMT
via
1.1 google
server
akka-http/10.1.12
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.timesunion.com
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
cm
u.openx.net/w/1.0/ Frame 7810
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3...
  • https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbid...
709 B
765 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
d52236413c01a47caf4d50f30ba9644f29401f4ecd20850f57d442b5aa077ee1

Request headers

Referer
https://www.timesunion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
431
content-type
text/html
date
Wed, 09 Aug 2023 21:50:12 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 09 Aug 2023 21:50:12 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
C3P0_RealmCookie
realm.hearst3pcc.com/utility/ 		51 B
508 B 		Script
General
Check archive.org
Download Go to
Full URL
https://realm.hearst3pcc.com/utility/C3P0_RealmCookie?host=www.timesunion.com&operation=check&cb=1691617812633
Requested by
Host: treg.hearstnp.com
URL: https://treg.hearstnp.com/assets/0x7F903A52B79EAF5075AD3B2924B1FDF726649C8C/GetJS?url=www.timesunion.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.118.246.51 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
59eb244867b94cd78f6cc5c8a0b10b7411933f80c7ab1994e46458ac81bc44f7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:13 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
X-Frame-Options
SAMEORIGIN
Cache-Control
no-store,no-cache
values
hub2.zenimpact.io/ Frame 5C88 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hub2.zenimpact.io/values
Requested by
Host: content.zenimpact.io
URL: https://content.zenimpact.io/dist/zen_init.min.js?v=2307689
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.105.74 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
74.105.160.34.bc.googleusercontent.com
Software
Google Frontend / FALSE
Resource Hash
161c6a5227ae9727d94a3a07458b4a58117f1d2a5f5839adeb8012fa3c8d6769
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.timesunion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-type
text/html; charset=utf-8
date
Wed, 09 Aug 2023 21:50:12 GMT
expires
-1
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
Google Frontend
strict-transport-security
max-age=31536000
via
1.1 google
x-content-type-options
nosniff
x-powered-by
FALSE
x-xss-protection
1; mode=block
t
jadserve.postrelease.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.timesunion.com%2F&ntv_mvi&ntv_kv=permutive*40919,42136,42567,43447,43465,44089,44258,70747,87427,rts
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.190.125 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-190-125.us-west-2.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
b03cbe57ff5f9ba830ada51bd84ed26dedcb0bd05d75cc6ded19f04fae4504b0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
1984
expires
Mon, 1 Jan 1990 12:00:00 GMT
audiences
api.permutive.com/audience-matching/v1/id/83b2be2d-e0f0-45d5-8b3b-b3965a274e62/ 		12 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/audience-matching/v1/id/83b2be2d-e0f0-45d5-8b3b-b3965a274e62/audiences?k=8cbbdd6e-f6b9-4f84-9637-a93d3032cbf2
Requested by
Host: 0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
URL: https://0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app/6af07a2d-d0d3-4dfd-961a-bab066126220-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 09 Aug 2023 21:50:12 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
setuid
prebid-server.rubiconproject.com/ Frame 7810 		0
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=openx&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=b&uid=c5f536cc-08ef-0bd4-3ef2-2b01b736d72c
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.92 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
sd
us-u.openx.net/w/1.0/ Frame 7810
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4585599552386632809&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4585599552386632809&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4585599552386632809&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 09 Aug 2023 21:50:13 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 7810
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=fc2bb903-b170-383d-557e-eb14366d15a1&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NjNlZWVlMzgtYWEwZC00MWM0LTllYWEtOTMyYjMyZDk0ODYy&gdpr=0&gdpr_consent=&ttd_tdid=63eeee38-aa0d-41c4-9eaa-932b3...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm=&google_sc=&google_hm=NjNlZWVlMzgtYWEwZC00MWM0LTllYWEtOTMyYjMyZDk0ODYy&gdpr=0&gdpr_consent=&ttd_tdid=63eeee38-aa0d-41c4-9eaa-932...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=63eeee38-aa0d-41c4-9eaa-932b32d94862&google_gid=CAESEHdCSObkRT9fsDIcsOf9tnE&google_cver=1
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=&expires=30
42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b2a5c63b17f16a8024ffc6259157eaa8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
sd
jp-u.openx.net/w/1.0/ Frame 7810
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZNQKFMCo8XYAALhg1FYAAAAA
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZNQKFMCo8XYAALhg1FYAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Wed, 09 Aug 2023 21:50:12 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"114.19.24.12","key":"ZNQKFMCo8XYAALhg1FYAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40037"}
X-SO-Key
ZNQKFMCo8XYAALhg1FYAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40037
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZNQKFMCo8XYAALhg1FYAAAAA
Cache-Control
private
X-SO-HostName
a-ad40037.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
m-tgng18.dc4p.scaleout.jp
X-SO-IP
114.19.24.12
sd
jp-u.openx.net/w/1.0/ Frame 7810
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AXcqy-LQb36iks8AD7P3orXh088AAAGJ3Edh2g
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AXcqy-LQb36iks8AD7P3orXh088AAAGJ3Edh2g
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:13 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:12 GMT
via
1.1 31c766ca012c76de76b26ec9e2a74486.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AXcqy-LQb36iks8AD7P3orXh088AAAGJ3Edh2g
cache-control
no-cache
content-length
0
x-amz-cf-id
YNKOS16PN0efVrQBihu-nyAgvCuPQwgeFrAo5TuejbQHtL7rIV7cUg==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 7810
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDA0NDZhYzktNzgwNy02Njk5LTQwOWUtYjFhZGZjOGZkYmMx
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDA0NDZhYzktNzgwNy02Njk5LTQwOWUtYjFhZGZjOGZkYmMx&google_tc=
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDA0NDZhYzktNzgwNy02Njk5LTQwOWUtYjFhZGZjOGZkYmMx&google_tc=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDA0NDZhYzktNzgwNy02Njk5LTQwOWUtYjFhZGZjOGZkYmMx&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7810
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECL1SKGMDIpXrKu2q2MIqQ4&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECL1SKGMDIpXrKu2q2MIqQ4&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:13 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECL1SKGMDIpXrKu2q2MIqQ4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
p1.parsely.com/px/ 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/px/?rand=1691617812782&plid=4e4948d9-0977-4366-a9fe-796bb8f09526&idsite=timesunion.com&url=https%3A%2F%2Fwww.timesunion.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22parsely%3Ametadata-detection%22%3A%7B%22version%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fwww.timesunion.com%2F%22%2C%22hash%22%3A1643541504%7D%7D&sid=1&surl=https%3A%2F%2Fwww.timesunion.com%2F&sref=&sts=1691617812776&slts=0&title=Times+Union+-+Times+Union&date=Thu+Aug+10+2023+06%3A50%3A12+GMT%2B0900+(Japan+Standard+Time)&action=pageview&pvid=ab8d97e2-dd0e-42fc-b2d3-3b5a3ee0216f&u=pid%3Da3f0c646-12e7-4abf-8fd6-4d805050e2f4
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.162.220.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-220-137.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 21:50:14 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
robots.txt
t.skimresources.com/api/v2/ Frame 7CEB 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.08462123537939292
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:13 GMT
via
1.1 google
cache-control
private, no-store
server
Python/3.10 aiohttp/3.8.4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=7.977781453984965
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Wed, 09 Aug 2023 21:50:13 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=7.977781453984965
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Wed, 09 Aug 2023 21:50:13 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
/
r.skimresources.com/api/ 		190 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/131678X1600318.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
8fd54d1ed12366d00e4acf0de2863b39eeae3be17a2d282e88ab10ad4c0db51c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 09 Aug 2023 21:50:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
server
openresty/1.19.9.1
via
1.1 google
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.timesunion.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pmk-20220605.2.js
pm-widget.taboola.com/hearstlocalnews-network/ 		115 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/hearstlocalnews-network/pmk-20220605.2.js
Requested by
Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/hearstlocalnews-network/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f81fca468855090668c6899bd1bb27d420da1c057adf36fb9db948c76656ff0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
dnd6g6nbHcbfpJsH7Q.ZPqr.8qdKqd1D
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Wed, 09 Aug 2023 21:50:13 GMT
x-amz-request-id
BA9HKDYDDBYDYNN0
age
9043120
x-cache
HIT, HIT, HIT
content-length
31825
x-amz-id-2
p+5PsR/lPifVU8yTzOnZ05HKI2Pwy/mNJTPwVFZFHpstD2UhgsvdMwGrgFqPRNU4/sE8uAWJ8hs=
x-served-by
cache-bur-kbur8200147-BUR, cache-sjc1000145-SJC, cache-itm18846-ITM
last-modified
Thu, 27 Apr 2023 05:51:25 GMT
server
AmazonS3
x-timer
S1691617814.882242,VS0,VE0
etag
"be560a46a48a71ecfa1e4ccbdfe95762"
vary
Accept-Encoding,,,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
3245, 35740, 2
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/ Frame 5C88 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/js.cookie.min.js
Requested by
Host: hub2.zenimpact.io
URL: https://hub2.zenimpact.io/values
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://hub2.zenimpact.io/values
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2346073
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
701
last-modified
Mon, 04 May 2020 16:11:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec5-653"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0bkXlIjoXqLFRZ%2FD40gAs1WOUJmQL9kjrxLvEo7lunUm3h6cCoqjcF%2F1f%2FahBEfbyu2s9US7JYAopv%2BdJFC0mffYRtzluy8T5HA4nyr2%2FEyD8T%2B00WxSZl30ab8H8X%2BNJUEeOQU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f4336a56fe4834c-KIX
expires
Mon, 29 Jul 2024 21:50:13 GMT
6be5175aa22a375c998b72c197cac314
n730.timesunion.com/plugin/plugin/ 		310 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://n730.timesunion.com/plugin/plugin/6be5175aa22a375c998b72c197cac314
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
9a1985c8a6c177f0767e24223a75eb7e8dcfed7f48d1913fd6e2eb41c8842dc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:07:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
NRT57-P4
age
52945
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
68514
x-xss-protection
1; mode=block
last-modified
Tue, 08 Aug 2023 07:07:47 GMT
server
-
etag
6be5175aa22a375c998b72c197cac314
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
Rz1fWFHcYkkCwJZZKbFRaCVkmEvpkoK3aqWIEY0BYFUSysaBedNxxA==
expires
Thu, 08 Aug 2024 07:07:47 GMT
api
scorestream.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://scorestream.com/api
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.185.109.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-185-109-45.us-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.timesunion.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,content-type
access-control-allow-methods
GET, POST, OPTIONS, PUT, PATCH, DELETE
access-control-allow-origin
*
date
Wed, 09 Aug 2023 21:50:13 GMT
x-powered-by
Express
api
scorestream.com/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://scorestream.com/api
Requested by
Host: d2sgc57sw7l730.cloudfront.net
URL: https://d2sgc57sw7l730.cloudfront.net/realtime/widgets/vertScoreboard.23869c2c87face71f50a.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.185.109.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-185-109-45.us-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash
3109cc24e10385f1910cff83e45341bfceb11016dfc2f1bd66e7d62ee2ee7b87

Request headers

Accept
*/*
Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 09 Aug 2023 21:50:13 GMT
content-encoding
gzip
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,content-type
events
api.permutive.com/v2.0/batch/ 		701 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=8cbbdd6e-f6b9-4f84-9637-a93d3032cbf2
Requested by
Host: 0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
URL: https://0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app/6af07a2d-d0d3-4dfd-961a-bab066126220-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
01e372108555d5d7559baf9beed06765394932ba24724cd2af3ee8ba2821d6e9

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:13 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.timesunion.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
bf4ff87aa36ae5dc8680f1d66f5e6504
n730.timesunion.com/plugin/library/ 		438 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://n730.timesunion.com/plugin/library/bf4ff87aa36ae5dc8680f1d66f5e6504
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
c7f82fcf3a52843135089c8809a912db33a100939a0f740e3ba3411adf27dea8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:07:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
NRT57-P4
age
52945
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
138859
x-xss-protection
1; mode=block
last-modified
Tue, 08 Aug 2023 07:07:48 GMT
server
-
etag
bf4ff87aa36ae5dc8680f1d66f5e6504
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
5nlcfstppRkqhmGr15nORNGT_t8L_qExB8b0b3g9RlnFUY9ke6hPGA==
expires
Thu, 08 Aug 2024 07:07:48 GMT
LB-Zone-2
n730.timesunion.com/DG/DEFAULT/rest/rpc/147/ 		485 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://n730.timesunion.com/DG/DEFAULT/rest/rpc/147/LB-Zone-2?referer=https%3A%2F%2Fwww.timesunion.com%2F&bcsessionid=&bctempid=da0abda4-b397-49a7-bba6-8a62ba27448b&overruleReferrer=&time=2023-08-10T06%3A50%3A13%2B09%3A00&ts=1691617813130
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
8a91cba9430d3985c7de35c3b24a9bc928509dabddca4e314137c557f9d11d6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
NRT57-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
295
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
t022oXCuvKqyNTvkpH2he1ey4YmhHLvxunrtTtoDiEMbeNZ6xnVEIw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
timesunion.png
n730.timesunion.com/rest/v2/dialogues/files/812a3f5e-902d-4828-ae51-a37284ce038e/ 		382 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://n730.timesunion.com/rest/v2/dialogues/files/812a3f5e-902d-4828-ae51-a37284ce038e/timesunion.png
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
53c6bfa7bfacafcdcb5f9c1b6ea257ea4a7f8c8b931527e7a811e134e30a6950
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 23:37:23 GMT
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
NRT57-P4
age
2239970
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
382
x-xss-protection
1; mode=block
last-modified
Thu, 13 Jul 2023 23:37:23 GMT
server
-
etag
c1a64033bc99e6a0ed72ff0508e985c3
content-type
image/png
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
blfyjuSa-j1Pfm1cS8cwdGGyD0rLZJu3WYEzC-Oo1_tsN7cbGgHktw==
expires
Sat, 13 Jul 2024 23:37:23 GMT
publisher:getClientId
ampcid.google.com/v1/ 		77 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f14.1e100.net
Software
ESF /
Resource Hash
652b0f995e04ec831d8f49b9b1d8e0af931d5a5cb209c2802c5cf032dcf28cef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.timesunion.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97
x-xss-protection
0
api
ls.skimresources.com/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ls.skimresources.com/api
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/131678X1600318.skimlinks.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.117.212 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
212.117.120.34.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.4 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type
application/json

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:13 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.10 aiohttp/3.8.4
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
api
ls.skimresources.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ls.skimresources.com/api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.117.212 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
212.117.120.34.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.4 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.timesunion.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.timesunion.com
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 09 Aug 2023 21:50:13 GMT
server
Python/3.10 aiohttp/3.8.4
via
1.1 google
page
t.skimresources.com/api/v2/ 		22 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/131678X1600318.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:13 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.10 aiohttp/3.8.4
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.timesunion.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pr
s.amazon-adsystem.com/v3/ Frame 6F5E 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a8d56a026a8ada2d454f74350cd2a1ae21668707314817130acb22e4af6c0af9
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2715
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 09 Aug 2023 21:50:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
CRA5H1TSC2ZJCF4972B0
853388561414006
connect.facebook.net/signals/config/ 		382 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/853388561414006?v=2.9.121&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
5d38056ebd81cb8447620a746f6526f088750a3b4f459012532e72e8ff36a9f2
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 09 Aug 2023 21:50:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
111352
x-xss-protection
0
pragma
public
x-fb-debug
YEvqQsGzoXOCJPIXnhfFeRl1ck8ZkAsc7VAIcIJoNrMh/KizPL+aLz5vPLDnzqhOtwemb0LalTYM9kwJE7So8A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
zenid
insight-api-kgw.zenimpact.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://insight-api-kgw.zenimpact.io/zenid?zenId=65a11ddd-2e4a-2ab8-a262-10e227f0cb70
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.196.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.196.227.35.bc.googleusercontent.com
Software
Google Frontend / FALSE
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://www.timesunion.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-api-key
access-control-allow-methods
POST
access-control-allow-origin
https://www.timesunion.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-length
0
content-type
text/html
date
Wed, 09 Aug 2023 21:50:13 GMT
expires
-1
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
Google Frontend
strict-transport-security
max-age=31536000
vary
Origin
via
1.1 google
x-cloud-trace-context
39e3b0a1da247dfed9b435ef40e0f031
x-content-type-options
nosniff
x-frame-options
sameorigin
x-powered-by
FALSE
x-rate-limit-limit
1s
x-rate-limit-remaining
470
x-rate-limit-reset
2023-08-09T21:50:14.0881649Z
x-xss-protection
1; mode=block
zenid
insight-api-kgw.zenimpact.io/ 		52 B
241 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://insight-api-kgw.zenimpact.io/zenid?zenId=65a11ddd-2e4a-2ab8-a262-10e227f0cb70
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.196.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.196.227.35.bc.googleusercontent.com
Software
Google Frontend / FALSE
Resource Hash
f6d785d43bfbc74a74c7ce9b649c32422e0b8df94c01338e80e169ecfa3daa9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
x-api-key
AIzaSyBCYW8JYdGu-vHvMUwuuAvoZxduUsSCVMM
Content-Type
application/json

Response headers

date
Wed, 09 Aug 2023 21:50:13 GMT
content-encoding
gzip
x-rate-limit-limit
1s
strict-transport-security
max-age=31536000
via
1.1 google
x-rate-limit-remaining
489
x-content-type-options
nosniff
x-powered-by
FALSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
Google Frontend
vary
Origin
x-frame-options
sameorigin
content-type
application/json
access-control-allow-origin
https://www.timesunion.com
access-control-expose-headers
*
x-rate-limit-reset
2023-08-09T21:50:14.6333581Z
access-control-allow-credentials
true
x-cloud-trace-context
640db1ae774f50d49181313662cf6662
cache-control
no-store
expires
-1
configv6.json
content.zenimpact.io/dist/data/87a73f08-7661-4905-b85b-7d3c639c7b70/01771c85-1f3b-430c-820a-cd5a9640696b/ 		576 B
613 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://content.zenimpact.io/dist/data/87a73f08-7661-4905-b85b-7d3c639c7b70/01771c85-1f3b-430c-820a-cd5a9640696b/configv6.json?version=4140833701
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.204.77 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
77.204.244.35.bc.googleusercontent.com
Software
UploadServer / FALSE
Resource Hash
f070ea18e754261e17cf5815be370228027fd16e74dc3416ffc74962c53d2255
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; style-src 'self' ; script-src 'self'; font-src 'self' data:https://fonts.gstatic.com https://fonts.googleapis.com; connect-src 'self'; media-src 'self'; frame-src 'self'; default-src 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; style-src 'self' ; script-src 'self'; font-src 'self' data:https://fonts.gstatic.com https://fonts.googleapis.com; connect-src 'self'; media-src 'self'; frame-src 'self'; default-src 'self'
age
0
x-powered-by
FALSE
x-guploader-uploadid
ADPycdstCHLQ46Z0UXpY0pNicVxQjkfl6RT7V-1thz6CGer_QGea2sVoW93f6ZyihEkB9FPoQg1Q0UH1Oj8dT-x5cK1fgw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
576
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 03 May 2023 13:56:14 GMT
server
UploadServer
etag
"068d0a2532a335e2132b904629f9a23c"
x-frame-options
sameorigin
x-goog-generation
1683122174770575
x-goog-hash
crc32c=00TPlg==, md5=Bo0KJTKjNeITK5BGKfmiPA==
access-control-allow-origin
*
access-control-expose-headers
Accept, Authorization, Content-Length, Content-Range, Content-Type, Date, Origin, Range, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=3600
x-goog-stored-content-length
576
permissions-policy
geolocation=(none), microphone=(none)
accept-ranges
bytes
content-type
application/octet-stream
iife.min.js
content.zenimpact.io/dist/ 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.zenimpact.io/dist/iife.min.js
Requested by
Host: content.zenimpact.io
URL: https://content.zenimpact.io/dist/zen_init.min.js?v=2307689
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.204.77 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
77.204.244.35.bc.googleusercontent.com
Software
UploadServer / FALSE
Resource Hash
a1f80ad7ddeaf7cae12ca92666f090bfa4754e1249557ec413814791e13b7fef
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; style-src 'self' ; script-src 'self'; font-src 'self' data:https://fonts.gstatic.com https://fonts.googleapis.com; connect-src 'self'; media-src 'self'; frame-src 'self'; default-src 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:13 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
content-security-policy
frame-ancestors 'self'; style-src 'self' ; script-src 'self'; font-src 'self' data:https://fonts.gstatic.com https://fonts.googleapis.com; connect-src 'self'; media-src 'self'; frame-src 'self'; default-src 'self'
x-powered-by
FALSE
x-guploader-uploadid
ADPycdv9sGBwAd_LqopRWaTl7z0k3kNykQOlkFmuq-UcffUPoCsk5dQpWGbBLO_IvT87fTuJGMUOYzgqdgAJv4MSlXU5_g
x-goog-storage-class
STANDARD
x-goog-metageneration
9
x-goog-stored-content-encoding
identity
x-goog-meta-x-goog-reserved-source-generation
1647379918879228
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 15 Mar 2022 21:43:32 GMT
server
UploadServer
etag
W/"75e2fd20cd4f3313b0f19f50caf238fd"
vary
Accept-Encoding
x-goog-generation
1647380612521316
content-type
application/javascript
content-language
en
x-goog-hash
crc32c=m0OE+Q==, md5=deL9IM1PMxOw8Z9QyvI4/Q==
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
access-control-allow-origin
*
cache-control
public,max-age=3600
x-goog-stored-content-length
31759
permissions-policy
geolocation=(none), microphone=(none)
x-frame-options
sameorigin
accept-ranges
none
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Times%20Union%20-%20Times%20Union&artid=4654&artsrc=timesunion&artupt=1689611958&metered=free&ptype=home%20page&pubname=timesunion&sec=home&videonpage=0&tv=js-3.0.156&tna=Mather&aid=v1&p=web&tz=Asia%2FTokyo&tzoff=-540&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=1&tvcfg=all&tid=96ce07cc-38a6-4adc-b4cd-9f4222e69308&pid=7fcbb2b8-be67-4bf5-bfaf-c056fce579b8&dtm=1691617813400&qnm=_matherq&visible=1&tabid=225fbc23-6a07-4e75-8cec-68bde77b33a1&url=https%3A%2F%2Fwww.timesunion.com%2F&vp=1600x1200&ds=1600x10523&tofa=1691617813&vid=1&lvidt=1691617813&duid=1d9188df-efb5-4272-93b8-a14254a1d000&fp=1485020682&cid=ma86077&mrk=712314004&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY5MTYxNzgwNjUyMSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIyMy4xbWIiLCJoZWFwVCI6IjMxLjJtYiIsImZzdFBhaW50IjoiNDg3NiIsImZldGNoUyI6IjI1NDMiLCJkb21haW5TIjoiMjU0NCIsImRvbWFpbkUiOiIyNTUwIiwiY29ublMiOiIyNTUwIiwiY29ubkUiOiIyNjEwIiwic3NsUyI6IjI1NTAiLCJyZXF1UyI6IjI2MTAiLCJyZXNwUyI6IjM0NzciLCJyZXNwRSI6IjM0OTQiLCJkb21Mb2FkIjoiMzQ4MCIsImRvbUludGVyIjoiNDg2MiIsImRvbUxvYWRTIjoiNDg2MiIsImRvbUxvYWRFIjoiNDg2OCJ9LCJpZGVudGl0aWVzIjpbeyJ0eXBlIjoiZ2EiLCJpZCI6IjEzOTYzMTE0OTIiLCJyZWZUaW1lIjoiMTY5MTYxNzgxMzQwMCJ9XSwiY2F0ZWdvcnkiOnsiY2F0ZWdvcmllcyI6W1siLyJdXX19
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.184.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-184-108.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Wed, 09 Aug 2023 21:50:14 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
amzns2s
rtb.gumgum.com/usync/ Frame 22AE 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.192.10.122 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-192-10-122.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4c3ecfcdbf6232090a6a0b94348317a36f0f50583b2e2d9fc5b0fec05d423956

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Wed, 09 Aug 2023 21:50:13 GMT
etag
W/"0d4a772186283f195dcbbb4858f06bd62"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame A892
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b54c52b1145060588e4a7bfd1c32526039c93cf93507035a724d8bbfac7f8e18

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1820
Content-Type
text/html
Date
Wed, 09 Aug 2023 21:50:14 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Wed, 09 Aug 2023 21:50:14 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
/
match.sharethrough.com/jwumXNuB/v1/ Frame C070 		427 B
613 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.12.134 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-12-134.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
7feedcdd0537cc790581fc6a411ac5f314145cfe0d7fe0bffd0d05d975d3a623

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

content-length
427
date
Wed, 09 Aug 2023 21:50:13 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4666 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.216.189 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-216-189.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112457
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 09 Aug 2023 21:50:13 GMT
expires
Fri, 11 Aug 2023 05:04:30 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame 65E1 		1012 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.162.4 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-162-4.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
1517e96b49aa8bdd35cd0cd250b3c04622902a6bde73f2d60f80b1588578ca55

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 09 Aug 2023 21:50:13 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame 8AFE 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.217.233 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-217-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 09 Aug 2023 21:50:13 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame DC43
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS02cFhZc3Q1RTJ1SUlwS3pOT3RGMWVLNHAzMUx0aVdob35B
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS02cFhZc3Q1RTJ1SUlwS3pOT3RGMWVLNHAzMUx0aVdob35B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 09 Aug 2023 21:50:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
82V9N2GKRG4GQD5WKE9M

Redirect headers

age
0
content-length
0
date
Wed, 09 Aug 2023 21:50:13 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS02cFhZc3Q1RTJ1SUlwS3pOT3RGMWVLNHAzMUx0aVdob35B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.64
strict-transport-security
max-age=31536000
cm
u.openx.net/w/1.0/ Frame AB93 		508 B
348 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
82fdfc0620efbcf59c74c77cc1d29f3a8fcf878ae9c152a69fd77fee2bc01a55

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
329
content-type
text/html
date
Wed, 09 Aug 2023 21:50:13 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame 15A9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=2546882368749204855&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=2546882368749204855&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 09 Aug 2023 21:50:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
9NGN9Y3GWVD10AE3RSF8

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
1043c413-5380-44ca-8b5a-ef01b626469a
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 09 Aug 2023 21:50:13 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=2546882368749204855&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
114.19.24.12; 114.19.24.12; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
ecm3
s.amazon-adsystem.com/ Frame BDD1
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4412166927166683519015
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4412166927166683519015
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 09 Aug 2023 21:50:14 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
SSXR3K0F6RFA3GH5KM1Z

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 09 Aug 2023 21:50:13 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4412166927166683519015
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
2001644490083168
connect.facebook.net/signals/config/ 		306 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2001644490083168?v=2.9.121&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
27d431659b2cdb3e6527acc3eec4dc246ae31306a5cce0e69c8e140039c3bf43
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 09 Aug 2023 21:50:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
89093
x-xss-protection
0
pragma
public
x-fb-debug
eA7GWX4pvTx5J4n1vwXpe3NyASNsXG5P22Py/u9ZRt9gROdLAM/tWTA995PtdvgQCzJFTQBaTPw9wf2CoRY0/Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=853388561414006&ev=PageView&dl=https%3A%2F%2Fwww.timesunion.com%2F&rl=&if=false&ts=1691617813497&sw=1600&sh=1200&v=2.9.121&r=stable&ec=0&o=30&fbp=fb.1.1691617813494.1701705887&cs_est=true&it=1691617813221&coo=false&exp=a1&rqm=GET
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
state
api.permutive.com/v1.0/ 		0
33 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=8cbbdd6e-f6b9-4f84-9637-a93d3032cbf2
Requested by
Host: 0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
URL: https://0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app/6af07a2d-d0d3-4dfd-961a-bab066126220-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 09 Aug 2023 21:50:13 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
onetag-sys.com/usync/ Frame 3491 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1---
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
bd788160013e517ee09a4369fb3ec48d3266c72f73f920078bc23897c62e0baa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.timesunion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1430
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
zen_insight_V4.min.js
content.zenimpact.io/dist/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.zenimpact.io/dist/zen_insight_V4.min.js?ver=7167866342
Requested by
Host: content.zenimpact.io
URL: https://content.zenimpact.io/dist/zen_init.min.js?v=2307689
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.204.77 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
77.204.244.35.bc.googleusercontent.com
Software
UploadServer / FALSE
Resource Hash
205deca5852d223f1ce7c0326dd56228916e101ac2a4dfd3fe98da1c2158435b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; style-src 'self' ; script-src 'self'; font-src 'self' data:https://fonts.gstatic.com https://fonts.googleapis.com; connect-src 'self'; media-src 'self'; frame-src 'self'; default-src 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:13 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
content-security-policy
frame-ancestors 'self'; style-src 'self' ; script-src 'self'; font-src 'self' data:https://fonts.gstatic.com https://fonts.googleapis.com; connect-src 'self'; media-src 'self'; frame-src 'self'; default-src 'self'
x-powered-by
FALSE
x-guploader-uploadid
ADPycduaEvPdNvzto0cox4swUVi1Kw3eQD62UF9AqGeB83_1ricKU_iggJY_hs0Atu_sEeLVJTGORO4b7lBziiTy9d9suA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 02 Aug 2023 14:03:51 GMT
server
UploadServer
etag
W/"39711ca374de99e025cfcb27b3532d0f"
vary
Accept-Encoding
x-goog-generation
1690985031593484
content-type
text/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=Dl1XPg==, md5=OXEco3TemeAlz8sns1MtDw==
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
18409
permissions-policy
geolocation=(none), microphone=(none)
x-frame-options
sameorigin
accept-ranges
none
772962626513104
connect.facebook.net/signals/config/ 		382 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/772962626513104?v=2.9.121&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
0d84070d1d5eea3a786d608993d0fe9323096401e697684fd126ca12e82b06c3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 09 Aug 2023 21:50:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
111410
x-xss-protection
0
pragma
public
x-fb-debug
XFhWQBt/Rb0PK/AjkdzMwx3ZpnP8yXJovq1Z5IQ72mmeyYF1unbltdf51h3jvBasNNL860OzIfO1uHV0kIvYJw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2001644490083168&ev=PageView&dl=https%3A%2F%2Fwww.timesunion.com%2F&rl=&if=false&ts=1691617813638&sw=1600&sh=1200&v=2.9.121&r=stable&ec=0&o=30&fbp=fb.1.1691617813494.1701705887&it=1691617813221&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=a1&rqm=GET
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ecm3
s.amazon-adsystem.com/ Frame AB93 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=a4fdc57e-adda-83c7-9570-69835e5ede41
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NRS07MC032JYV3QD439H
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pxd
dps.jp.cinarra.com/ Frame AB93 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=1&USER_ID=9a992403-afa5-c271-5f76-5940a5f1aa5f
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.230.74.203 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-230-74-203.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:13 GMT
content-length
0
68ecdf47-21dc-aa74-64a9-fde1c93ad8e8
pr-bh.ybp.yahoo.com/sync/openx/ Frame AB93 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/68ecdf47-21dc-aa74-64a9-fde1c93ad8e8?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.245.72 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-245-72.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
openx
cs.nex8.net/cs/ Frame AB93 		0
0
dds
rtb.openx.net/sync/ Frame AB93
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=I30zPxj2gROzCqej5XQvGw==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame AB93 		0
0
/
www.google.com/pagead/1p-user-list/729835018/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/729835018/?random=1691617812452&cv=11&fst=1691614800000&bg=ffffff&guid=ON&async=1&gtm=45be3870&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.timesunion.com%2F&frm=0&tiba=Times%20Union%20-%20Times%20Union&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1565087835&rmt_tld=0&ipr=y
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.jp/pagead/1p-user-list/729835018/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/pagead/1p-user-list/729835018/?random=1691617812452&cv=11&fst=1691614800000&bg=ffffff&guid=ON&async=1&gtm=45be3870&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.timesunion.com%2F&frm=0&tiba=Times%20Union%20-%20Times%20Union&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1565087835&rmt_tld=1&ipr=y
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 4666 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=99390448&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
92bec69f5a7c2ad60418ac446744a1440c69526df98d37c927ff7e3064a6ad5f

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 09 Aug 2023 21:50:13 GMT
content-length
1521
content-type
text/html; charset=UTF-8
openid-configuration
realm.hearstnp.com/.well-known/ 		2 KB
910 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://realm.hearstnp.com/.well-known/openid-configuration
Requested by
Host: treg.hearstnp.com
URL: https://treg.hearstnp.com/assets/0x7F903A52B79EAF5075AD3B2924B1FDF726649C8C/GetJS?url=www.timesunion.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.118.246.51 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
03bc90950a3cf3d2baae54d90e814b61d4066e0deec3a120d04f03b38c064f6b

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 21:50:14 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.timesunion.com
usersync
usersync.gumgum.com/ Frame 22AE
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=2546882368749204855
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=2546882368749204855
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:13 GMT
an-x-request-uuid
06879e54-89b9-4a9d-9310-b2c323cc57c6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=2546882368749204855
x-proxy-origin
114.19.24.12; 114.19.24.12; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 22AE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_604dcf1c-b84d-49d3-b59e-19e1e9e912fa&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=a_604dcf1c-b84d-49d3-b59e-19e1e9e912fa&gdpr=&gdpr_consent=&us_privacy=
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=-kISWfwXR1vhFUZVrhVbCfVHElXhRRdcqUAVgMFa
  • https://usersync.gumgum.com/usersync?b=bsw&i=0035c957-f895-4a06-acbe-4b96f626c00a&gdpr=0&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=0035c957-f895-4a06-acbe-4b96f626c00a&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=0035c957-f895-4a06-acbe-4b96f626c00a&gdpr=0&gdpr_consent=&us_privacy=
Date
Wed, 09 Aug 2023 21:50:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
redirectObuid
sync.outbrain.com/ Frame 22AE 		0
0
usersync
usersync.gumgum.com/ Frame 22AE
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=0b161d73-9965-006b-3205-fbf9fe3d14e7
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=0b161d73-9965-006b-3205-fbf9fe3d14e7
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 09 Aug 2023 21:50:13 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=0b161d73-9965-006b-3205-fbf9fe3d14e7
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 22AE
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-5f7d6f2f-d1d9-4863-6924-bab50723a6e5$cell
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-5f7d6f2f-d1d9-4863-6924-bab50723a6e5$cell
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-5f7d6f2f-d1d9-4863-6924-bab50723a6e5$cell
Date
Wed, 09 Aug 2023 21:50:14 GMT
Connection
keep-alive
Content-Length
115
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 22AE
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-6XQbipZE2peveGBRBqoaR49K5fERRGHK2pJW~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-6XQbipZE2peveGBRBqoaR49K5fERRGHK2pJW~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 09 Aug 2023 21:50:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-6XQbipZE2peveGBRBqoaR49K5fERRGHK2pJW~A
content-length
0
usersync
usersync.gumgum.com/ Frame 22AE
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=cbc3cb67-e9f0-487f-9ece-f5c767a55b1e
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=cbc3cb67-e9f0-487f-9ece-f5c767a55b1e
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=cbc3cb67-e9f0-487f-9ece-f5c767a55b1e
Date
Wed, 09 Aug 2023 21:50:14 GMT
Connection
keep-alive
X-CI-RTID
785eb33b-876c-4666-8a00-7699ec90b04b
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 22AE
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 09 Aug 2023 21:50:14 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain; charset=utf-8
location
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
access-control-allow-origin
https://rtb.gumgum.com/
x-varnish
129612492
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame 22AE 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:13 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame 22AE
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_604dcf1c-b84d-49d3-b59e-19e1e9e912fa&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=SpoYyQYgU8ZJgVTdZ9LS&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVJXA32ZPFIVSZ2VHBNEUZ2WKRSFUOKMKM
  • https://usersync.gumgum.com/usersync?b=zem&i=SpoYyQYgU8ZJgVTdZ9LS
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=SpoYyQYgU8ZJgVTdZ9LS
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:15 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:15 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=SpoYyQYgU8ZJgVTdZ9LS
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 22AE
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=499cea1e-0c48-462f-8af6-4b951b5de04d
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=499cea1e-0c48-462f-8af6-4b951b5de04d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=499cea1e-0c48-462f-8af6-4b951b5de04d
access-control-allow-origin
*
date
Wed, 09 Aug 2023 21:50:14 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 22AE
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=Ev8fwcEpi5eG&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=Ev8fwcEpi5eG&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
jp-JP
location
https://usersync.gumgum.com/usersync?b=pln&i=Ev8fwcEpi5eG&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-9fc5b9cc4-fdbzz
expires
-1
usersync
usersync.gumgum.com/ Frame 22AE
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=7007532004844478187
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=7007532004844478187
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:16 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=7007532004844478187
date
Wed, 09 Aug 2023 21:50:15 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 22AE 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=a_604dcf1c-b84d-49d3-b59e-19e1e9e912fa
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FVZYZQFPR5HC945MQDS4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 8AFE 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.217.233 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-217-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f7de82ac3ba9a0880ac0aef261bc38b8ae6ad65a3573782d5e43b87ccf64ab52

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 21:50:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Aug 2023 15:09:05 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62293
Connection
keep-alive
Content-Length
10117
Expires
Thu, 10 Aug 2023 15:08:26 GMT
usersync
usersync.gumgum.com/ Frame 74F9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZNQKFQAAAj5PRgAb
  • https://usersync.gumgum.com/usersync?b=atm&i=ZNQKFQAAAj5PRgAb&gdpr=&gdpr_consent=&_test=ZNQKFQAAAj5PRgAb
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZNQKFQAAAj5PRgAb&gdpr=&gdpr_consent=&_test=ZNQKFQAAAj5PRgAb
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 09 Aug 2023 21:50:14 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Wed, 09 Aug 2023 21:50:14 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZNQKFQAAAj5PRgAb&gdpr=&gdpr_consent=&_test=ZNQKFQAAAj5PRgAb
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-itm18850-ITM
x-timer
S1691617814.238403,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 5A07 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV82MDRkY2YxYy1iODRkLTQ5ZDMtYjU5ZS0xOWUxZTllOTEyZmE=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 21:50:13 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2B89 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.216.189 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-216-189.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112457
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 09 Aug 2023 21:50:13 GMT
expires
Fri, 11 Aug 2023 05:04:30 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame F340
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=63eeee38-aa0d-41c4-9eaa-932b32d94862
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=63eeee38-aa0d-41c4-9eaa-932b32d94862
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 09 Aug 2023 21:50:13 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Wed, 09 Aug 2023 21:50:13 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=63eeee38-aa0d-41c4-9eaa-932b32d94862
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame EB57
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZNQKFcCo8XYAALhg1HQAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZNQKFcCo8XYAALhg1HQAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 09 Aug 2023 21:50:13 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Wed, 09 Aug 2023 21:50:13 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZNQKFcCo8XYAALhg1HQAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
m-ad435.dc4p.scaleout.jp
X-SO-IP
114.19.24.12
X-SO-Key
ZNQKFcCo8XYAALhg1HQAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"114.19.24.12","key":"ZNQKFcCo8XYAALhg1HQAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad435"}
X-SO-LB-Hostname
m-tgng18.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad435
gumgum
cs.admanmedia.com/sync/ Frame 9B3B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/sync/gumgum?puid=a_604dcf1c-b84d-49d3-b59e-19e1e9e912fa&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Connection
keep-alive
Date
Wed, 09 Aug 2023 21:50:14 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
usermatchredir
ssum-sec.casalemedia.com/ Frame DA91
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D&s=189872&C=1
43 B
766 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D&s=189872&C=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 09 Aug 2023 21:50:14 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Wed, 09 Aug 2023 21:50:14 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatchredir?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D&s=189872&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usersync
usersync.gumgum.com/ Frame B025
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=ZecuR8wiA1Rq8TMaxUUT&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=ZecuR8wiA1Rq8TMaxUUT&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 09 Aug 2023 21:50:15 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Wed, 09 Aug 2023 21:50:15 GMT Wed, 09 Aug 2023 21:50:15 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=ZecuR8wiA1Rq8TMaxUUT&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame F43D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.217.233 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-217-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 09 Aug 2023 21:50:13 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 09 Aug 2023 21:50:13 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-aa04"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 10 Aug 2023 21:50:14 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		112 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
H61VC60JDYYDCFQ6
age
14
x-amz-server-side-encryption
AES256
x-amz-id-2
1RQZCCj3GfrdicIk7jC9ItN8m6Ic078AbQZ9ZWgW0/KxexwLx2WmU8LSZWkj4s4FXSX2QzknuGuZ2aQcP5phUA==
last-modified
Wed, 02 Aug 2023 11:32:19 GMT
server
cloudflare
etag
W/"25c6f4638264ba52fb77e06351d38d61"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7f4336af1b418d13-KIX
expires
Wed, 09 Aug 2023 22:50:14 GMT
publisher:getClientId
ampcid.google.co.jp/v1/ 		3 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.co.jp/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f14.1e100.net
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.timesunion.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
tp2
sp-t-hearstnewspapers.com/com.snowplowanalytics.snowplow/ 		2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sp-t-hearstnewspapers.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/sp-hnp-js/hnptrckr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.126.7 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
7.126.95.34.bc.googleusercontent.com
Software
akka-http/10.1.12 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
via
1.1 google
server
akka-http/10.1.12
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.timesunion.com
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
tp2
sp-t-hearstnewspapers.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sp-t-hearstnewspapers.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.126.7 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
7.126.95.34.bc.googleusercontent.com
Software
akka-http/10.1.12 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.timesunion.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.timesunion.com
access-control-max-age
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 09 Aug 2023 21:50:13 GMT
server
akka-http/10.1.12
via
1.1 google
jquery.validate.min.js
hearst.blueconic.net/plugins/static_files/js/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hearst.blueconic.net/plugins/static_files/js/jquery.validate.min.js
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.226.154.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-154-247.compute-1.amazonaws.com
Software
- /
Resource Hash
50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
etag
9346ec27896981bc4c0b146cf327727a
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
public, max-age=0, no-store="Set-Cookie"
x-robots-tag
noindex, nofollow
content-length
7446
x-xss-protection
1; mode=block
expires
Wed, 09 Aug 2023 21:50:14 GMT
spm.v1.min.js
ak.sail-horizon.com/spm/ 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-91.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c67d47496a8af1f4c99a350ababf131661cf111a02460c5e9f6d9539db481c3

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:44:17 GMT
content-encoding
gzip
via
1.1 a18933bae530d3ba9bbc6e489a19fde8.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 16:11:15 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P4
age
358
x-amz-server-side-encryption
AES256
etag
W/"6f6b3838a24066fc24338c58c675bb27"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600; must-revalidate
x-amz-cf-id
uxN9h9eQ3F5MKxN7yK8-CryZIR0RSGUnDeUtd2YspORLEKQ-dqxK3g==
147
n730.timesunion.com/DG/DEFAULT/rest/rpc/ 		381 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://n730.timesunion.com/DG/DEFAULT/rest/rpc/147?referer=https%3A%2F%2Fwww.timesunion.com%2F&bcsessionid=da0abda4-b397-49a7-bba6-8a62ba27448b&bctempid=&overruleReferrer=&time=2023-08-10T06%3A50%3A13%2B09%3A00&ts=1691617813973
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
16d7ca7aab9bb5796a2d067da1c6cfd414558e4f71973d4c213085231df5a2ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
NRT57-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
160
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
o7pa8pg2qYkths3vhBx8Ol5GmGRkFk0GIPEN_e3O8yr09kArLMEaNQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
147
n730.timesunion.com/DG/DEFAULT/rest/rpc/ 		562 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://n730.timesunion.com/DG/DEFAULT/rest/rpc/147?referer=https%3A%2F%2Fwww.timesunion.com%2F&bcsessionid=da0abda4-b397-49a7-bba6-8a62ba27448b&bctempid=&overruleReferrer=&time=2023-08-10T06%3A50%3A13%2B09%3A00&ts=1691617813994
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
9606082f7ccb4af1ab2cfd632435cfe89828aff2f1ec1608d637426c7665f723
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
NRT57-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
179
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
uCnN7iW9bt7sRoGtPlN04j0L3UV4FMs8NWNhuNNxAJVouKiO_zTfCw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
147
n730.timesunion.com/DG/DEFAULT/rest/rpc/ 		188 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://n730.timesunion.com/DG/DEFAULT/rest/rpc/147?referer=https%3A%2F%2Fwww.timesunion.com%2F&bcsessionid=da0abda4-b397-49a7-bba6-8a62ba27448b&bctempid=&overruleReferrer=&time=2023-08-10T06%3A50%3A13%2B09%3A00&ts=1691617813995
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
d53e9d875c2717ed047ff54893826e2fc89fd1827e7bb7c4b381f7744eee4446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
NRT57-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
168
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
jgQX74GcuN7waXZ9Lex3SanQbh8q7zzOlmDEf051sz9rv3cVLGmFwQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
147
n730.timesunion.com/DG/DEFAULT/rest/rpc/ 		188 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://n730.timesunion.com/DG/DEFAULT/rest/rpc/147?referer=https%3A%2F%2Fwww.timesunion.com%2F&bcsessionid=da0abda4-b397-49a7-bba6-8a62ba27448b&bctempid=&overruleReferrer=&time=2023-08-10T06%3A50%3A13%2B09%3A00&ts=1691617813996
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
a377798bd9bc8326117415305a070eb69a5ff4d36aff15d5885204477400497d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
NRT57-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
168
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
yrviW9KeJqDEWyO6vurGtlaUr5lRTpcEonGXIwnsi-QvuNg4DGbAVQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
169188807166631
connect.facebook.net/signals/config/ 		385 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/169188807166631?v=2.9.121&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
c9d9efe16bf41a1414673ecee72f657b7eb8b99ec151aa25b5119762477a86c7
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 09 Aug 2023 21:50:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
112029
x-xss-protection
0
pragma
public
x-fb-debug
vMnQxhsMsjzOctNyeiUtWmYZUZ6c9pM5sTPviASp0LHq2YV5z7oTHH7lvUE3Dy2kJoGiARnzLsdYvk4/10dk6w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
cs
hearst.blueconic.net/DG/DEFAULT/ 		66 B
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hearst.blueconic.net/DG/DEFAULT/cs?bcsessionid=da0abda4-b397-49a7-bba6-8a62ba27448b&&callback=bc_json153
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.226.154.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-154-247.compute-1.amazonaws.com
Software
- /
Resource Hash
d81ae45956379898b2ceaa4aa59afc2412e4792192ef9a12c0e98ce0f073dae1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
86
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame C070 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=f2dddfbb-d462-4134-bcc4-d7069d2755d3
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8M5C2BAB4V2RBNVQWBD2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame C070
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.77.12.134 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-12-134.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
v1
match.sharethrough.com/sync/ Frame C070
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.77.12.134 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-12-134.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
v1
match.sharethrough.com/sync/ Frame C070
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=2546882368749204855
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=2546882368749204855
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.77.12.134 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-12-134.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
an-x-request-uuid
63c91e34-b18d-4f24-bd9f-4dcff90c23c4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=2546882368749204855
x-proxy-origin
114.19.24.12; 114.19.24.12; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame C070
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://sync-tm.everesttech.net/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A
  • https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=ZNQKFQAAAj5PRgAb
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=ZNQKFQAAAj5PRgAb
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.77.12.134 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-12-134.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

x-served-by
cache-itm18850-ITM
pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
via
1.1 varnish
server
Varnish
x-timer
S1691617814.253074,VS0,VE0
x-cache
HIT
location
https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=ZNQKFQAAAj5PRgAb
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ecm3
s.amazon-adsystem.com/ Frame 65E1 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=3mRviaa11Sa5OsBwEJnd
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ESJ4FMTKMK1PGER7ZWGS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 65E1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEFeVAKMnkMsl1wd2sKkEVWI&google_cver=1
43 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEFeVAKMnkMsl1wd2sKkEVWI&google_cver=1
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.251.235.27 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-235-27.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEFeVAKMnkMsl1wd2sKkEVWI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 65E1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=3mRviaa11Sa5OsBwEJnd
  • https://ads.yieldmo.com/v000/sync?tdid=63eeee38-aa0d-41c4-9eaa-932b32d94862
43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=63eeee38-aa0d-41c4-9eaa-932b32d94862
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.251.235.27 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-235-27.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ads.yieldmo.com/v000/sync?tdid=63eeee38-aa0d-41c4-9eaa-932b32d94862
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
181
sync
ads.yieldmo.com/ Frame 65E1
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LL49KHU4-18-JMIW
43 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LL49KHU4-18-JMIW
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.251.235.27 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-235-27.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:15 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LL49KHU4-18-JMIW
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c57992b917a1c5de787b922c662fdf18
Expires
0
sync
ads.yieldmo.com/v000/ Frame 65E1
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&zcc=1&cb=1691617814585
  • https://ad.turn.com/r/cs?pid=45&rndcb=1223394299
  • https://sync.1rx.io/usersync/turn/4585599552386632809?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-eefa8192-70c3-4235-84a2-85294b02891d-004?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-eefa8192-70c3-4235-84a2-85294b0289...
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-eefa8192-70c3-4235-84a2-85294b02891d-004
43 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-eefa8192-70c3-4235-84a2-85294b02891d-004
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.251.235.27 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-235-27.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:15 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-eefa8192-70c3-4235-84a2-85294b02891d-004
date
Wed, 09 Aug 2023 21:50:15 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXeefa819270c3423584a285294b02891d004
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 65E1 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=M21SdmlhYTExU2E1T3NCd0VKbmQ=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame F43D 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.217.233 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-217-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f7de82ac3ba9a0880ac0aef261bc38b8ae6ad65a3573782d5e43b87ccf64ab52

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 21:50:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Aug 2023 15:09:05 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62292
Connection
keep-alive
Content-Length
10117
Expires
Thu, 10 Aug 2023 15:08:26 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
33849beaed6f34c2defe2ea3610a424d05730d79a9af10e3cf67e070af0694e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-17ba9"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 10 Aug 2023 21:50:14 GMT
ecm3
s.amazon-adsystem.com/ Frame 8AFE
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LL49KHU4-18-JMIW
  • https://s.amazon-adsystem.com/ecm3?id=LL49KHU4-18-JMIW&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LL49KHU4-18-JMIW&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
A4ZG0EH34YBTBB89CR2V
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LL49KHU4-18-JMIW&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c57992b917a1c5de787b922c662fdf18
Expires
0
vert
scorestream.com/widgets/scoreboards/ Frame 70D7 		20 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://scorestream.com/widgets/scoreboards/vert?userWidgetId=47656
Requested by
Host: d2sgc57sw7l730.cloudfront.net
URL: https://d2sgc57sw7l730.cloudfront.net/realtime/widgets/vertScoreboard.23869c2c87face71f50a.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.185.109.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-185-109-45.us-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash
8c9d4ea8195e6d34ec13363dca8e2a425faeccf448fe1446f3ad526dd60f7383

Request headers

Referer
https://www.timesunion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 09 Aug 2023 21:50:14 GMT
etag
W/"504a-6oiQz49uxtk63w4UjGFxXzoHdo8"
vary
Accept-Encoding
x-powered-by
Express
147
n730.timesunion.com/DG/DEFAULT/rest/rpc/ 		27 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://n730.timesunion.com/DG/DEFAULT/rest/rpc/147?referer=https%3A%2F%2Fwww.timesunion.com%2F&bcsessionid=da0abda4-b397-49a7-bba6-8a62ba27448b&bctempid=&overruleReferrer=&time=2023-08-10T06%3A50%3A14%2B09%3A00&ts=1691617814023
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
7431c37953ed322d8bd0b801ad3cb4553595c4cbefb2c44d7d8455ffecb5631f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
NRT57-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
5287
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
JKLrRGDLWwDiBogHJ6PX4tCFcRLkLCYlRbMcweEVPi5aI8dETJx9yQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame EEF6
Redirect Chain
  • https://cr-p10.ladsp.com/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AdYgxazyGgM6ks8AD7P3orXh088AAAGJ3EdmJw
42 B
212 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AdYgxazyGgM6ks8AD7P3orXh088AAAGJ3EdmJw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 09 Aug 2023 21:50:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
date
Wed, 09 Aug 2023 21:50:14 GMT
expires
-1
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AdYgxazyGgM6ks8AD7P3orXh088AAAGJ3EdmJw
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
pragma
no-cache
server
Logicad
via
1.1 31c766ca012c76de76b26ec9e2a74486.cloudfront.net (CloudFront)
x-amz-cf-id
rEM8iFLCvzmrTySvN5D3dvESOr0zU6m6PBwy0hJ_ePTd1LIdjctDzw==
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
ecm3
s.amazon-adsystem.com/ Frame D19E 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID1B30ECC2-32A5-4C63-9767-37CD2B4200CF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 09 Aug 2023 21:50:14 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
NBRH69WFCG8PSBC7SGS1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4666
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GzDswjKlTGOXZzfNK0IAzw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.39.216.189 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-216-189.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=112456
accept-ranges
bytes
content-length
5606
expires
Fri, 11 Aug 2023 05:04:30 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 4666
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=1B30ECC2-32A5-4C63-9767-37CD2B4200CF
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=1B30ECC2-32A5-4C63-9767-37CD2B4200CF
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2894cfd7-9e5f-48ec-9189-2a8cfd2b7e03%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=63eeee38-aa0d-41c4-9eaa-932b32d94862&ttd_puid=2894cfd7-9e5f-48ec-9189-2a8cfd2b7e03%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=63eeee38-aa0d-41c4-9eaa-932b32d94862&ttd_puid=2894cfd7-9e5f-48ec-9189-2a8cfd2b7e03%2C%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=63eeee38-aa0d-41c4-9eaa-932b32d94862&ttd_puid=2894cfd7-9e5f-48ec-9189-2a8cfd2b7e03%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
qmap
sync.crwdcntrl.net/ Frame 4666
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=1B30ECC2-32A5-4C63-9767-37CD2B4200CF&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=1B30ECC2-32A5-4C63-9767-37CD2B4200CF&gdpr=0&gdpr_consent=&ct=y
49 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=1B30ECC2-32A5-4C63-9767-37CD2B4200CF&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
13.229.173.169 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-173-169.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.4.147
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=1B30ECC2-32A5-4C63-9767-37CD2B4200CF&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.20.61
content-length
0
expires
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 4666
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=1B30ECC2-32A5-4C63-9767-37CD2B4200CF&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=1B30ECC2-32A5-4C63-9767-37CD2B4200CF&sInitiator=external&gdpr=0&gdpr_consent=
42 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=1B30ECC2-32A5-4C63-9767-37CD2B4200CF&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
119.9.108.191 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:49:57 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:49:57 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=1B30ECC2-32A5-4C63-9767-37CD2B4200CF&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 4666
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUIzMEVDQzItMzJBNS00QzYzLTk3NjctMzdDRDJCNDIwMENG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 09 Aug 2023 21:50:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 4666
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPGTW2J-eZnFngbPpvvV058&google_cver=1
42 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPGTW2J-eZnFngbPpvvV058&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 09 Aug 2023 21:50:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPGTW2J-eZnFngbPpvvV058&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 4666 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.142.175.23 , Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
23.175.142.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 08 Aug 2023 21:50:14 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4666
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=0035c957-f895-4a06-acbe-4b96f626c00a&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=e4a15563-f632-4461-8f40-0d0632054511&expires=1&user_group=5&ssp=pubmatic&bsw_param=0035c957-f895-4a06-acbe-4b96f626c00a&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0035c957-f895-4a06-acbe-4b96f626c00a&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0035c957-f895-4a06-acbe-4b96f626c00a&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 09 Aug 2023 21:50:15 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0035c957-f895-4a06-acbe-4b96f626c00a&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Wed, 09 Aug 2023 21:50:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4666
Redirect Chain
  • https://tg.socdm.com/rtb/sync?proto=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZNQKFcCo8XYAALhg1HQAAAAA
42 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZNQKFcCo8XYAALhg1HQAAAAA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 09 Aug 2023 21:50:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 09 Aug 2023 21:50:14 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=pubmatic","cluster_id":0,"gdpr":false,"ipv4":"114.19.24.12","key":"ZNQKFcCo8XYAALhg1HQAAAAA","privacy_sensitive":false,"uid":"ZNQKFcCo8XYAALhg1HQAAAAA","upstream_id":"m-ad435"}
X-SO-Key
ZNQKFcCo8XYAALhg1HQAAAAA
X-SO-Upstream-ID
m-ad435
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad435.dc4p.scaleout.jp
X-SO-UID
ZNQKFcCo8XYAALhg1HQAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
114.19.24.12
X-SO-Cluster-ID
0
Server
nginx
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZNQKFcCo8XYAALhg1HQAAAAA
Cache-Control
private
X-SO-Ads-Time
1
X-SO-LB-Hostname
m-tgng18.dc4p.scaleout.jp
collector
www.timesunion.com/413gkwMT/xhr/api/v2/ 		392 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/413gkwMT/xhr/api/v2/collector
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3e82b29afa9a3e800189b8afdf90015c59a14ac30b4251a051a1876adfd8005
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

x-served-by
cache-itm18838-ITM
date
Wed, 09 Aug 2023 21:50:14 GMT
via
1.1 google, 1.1 varnish
strict-transport-security
max-age=300
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, Accept-Encoding, X-ab-scope
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
MISS
access-control-allow-credentials
true
x-vcl-version
375
accept-ranges
bytes
timing-allow-origin
*
content-length
392
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 8AFE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMi_mq9RXDx_yMfVmG5NSCQ&google_cver=1
42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMi_mq9RXDx_yMfVmG5NSCQ&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b2a5c63b17f16a8024ffc6259157eaa8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMi_mq9RXDx_yMfVmG5NSCQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8AFE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmY2Yjg4OTA1NzAwMmUxMDNiNzQwMzY1NjFjOTAwMWNmZGM2YTVjMQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmY2Yjg4OTA1NzAwMmUxMDNiNzQwMzY1NjFjOTAwMWNmZGM2YTVjMQ
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmY2Yjg4OTA1NzAwMmUxMDNiNzQwMzY1NjFjOTAwMWNmZGM2YTVjMQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8879d63542e1f07dd8e6d691f6d521da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 8AFE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/iqm_il6N6jHweXC1Uo_P88n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pVC7CkRE2oKVX7mnu7GU0iXITEaMkrSQgv8xxQ--~A
42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pVC7CkRE2oKVX7mnu7GU0iXITEaMkrSQgv8xxQ--~A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b2a5c63b17f16a8024ffc6259157eaa8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 09 Aug 2023 21:50:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pVC7CkRE2oKVX7mnu7GU0iXITEaMkrSQgv8xxQ--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame 8AFE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LL49KHU4-18-JMIW
0
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LL49KHU4-18-JMIW
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 9C51B1219FCB459F829690230CFF0CD5 Ref B: OSA31EDGE0319 Ref C: 2023-08-09T21:50:15Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYChHb7428wpVzCHCgs6w==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LL49KHU4-18-JMIW
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8879d63542e1f07dd8e6d691f6d521da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 8AFE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEw0OUtIVTQtMTgtSk1JVw==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJVwjr_9dYQCDT0_3c7TTls&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEw0OUtIVTQtMTgtSk1JVw==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEw0OUtIVTQtMTgtSk1JVw==&google_push=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEw0OUtIVTQtMTgtSk1JVw==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b2a5c63b17f16a8024ffc6259157eaa8
Expires
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 8AFE 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
E8B6B4N66PZF3FH66HBH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 8AFE
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=DcjK9AjmQVuNwVCiykmnBA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=DcjK9AjmQVuNwVCiykmnBA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=DcjK9AjmQVuNwVCiykmnBA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
C7Y5C5CKM688PWAXP4QN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=DcjK9AjmQVuNwVCiykmnBA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b2a5c63b17f16a8024ffc6259157eaa8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 8AFE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=&expires=30
42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b2a5c63b17f16a8024ffc6259157eaa8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
ads
securepubads.g.doubleclick.net/gampad/ 		91 KB
42 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1276884881652271&correlator=2497821887853819&eid=31072020%2C31076399%2C31075591%2C31075148&output=ldjh&gdfp_req=1&vrg=202308030101&ptt=17&impl=fifs&us_privacy=1---&tfcd=0&iu_parts=36117602%2Chnp-timesunion.com%2CHomepage&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=320x50%7C99x99%7C1x2%2C320x50%7C1x1%7C970x250%7C970x90%7C728x90%7C88x88%7C55x1%2C320x50%7C4x1%7C300x250%2C320x50%7C1x1%7C970x250%7C970x90%7C728x90%7C88x88%2C320x50%7C1x1%7C970x250%7C970x90%7C728x90%7C88x88&fluid=height%2Cheight%2Cheight%2Cheight%2Cheight&ifi=1&didk=2015064602~2074596938~2016811434~1714348086~717402586&sfv=1-0-40&eri=5&sc=1&cookie_enabled=1&abxe=1&dt=1691617814273&adxs=751%2C800%2C2300%2C1200%2C1200&adys=0%2C230%2C350%2C1965%2C3838&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C2&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.timesunion.com%2F&frm=20&vis=1&psz=1600x0%7C1600x0%7C300x250%7C1600x135%7C1600x135&msz=1600x0%7C1600x0%7C300x250%7C1600x90%7C1600x90&fws=1028%2C1028%2C1028%2C1028%2C1028&ohw=4000%2C1600%2C4000%2C4000%2C4000&ga_vid=1396311492.1691617812&ga_sid=1691617814&ga_hid=141382141&ga_fc=true&dlt=1691617810001&idt=2193&prev_scp=position%3Datf%26DIV_ID%3DCrown%26frsh%3D1%26i%3D0%7Cposition%3Datf%26DIV_ID%3DFlex1%26frsh%3D1%26i%3D0%26hb_deal_optimera%3DZ%2CC7%2CC0%2CSA1%2CSA2%2CM5%2CL9%2COB1%2CSA5%2CSA10%2CD4%2CM6%2CM0%2CTC4%2COB3%2CE1%2CM7%2CM1%2CL5%2CTC9%2CJ0%2CM8%2CM2%2CL6%2CTF9%2CDE%26amzniid%3DJFD1IEFNLi0s7BbFHRuQ5lcAAAGJ3EdeUQUAAAv-AQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICB4necP%26amznp%3Dbdtxj4%26amznsz%3D728x90%26amznbid%3Dznueio%7Cposition%3Datf%26DIV_ID%3DAP300%26frsh%3D1%26i%3D0%26hb_deal_optimera%3DZ%2CA6%2CSA1%2CSA2%2CM3%2CL7%2CL1%2CTA2%2CSA10%2CDE%26amznbid%3D2%26amznp%3D2%7Cposition%3Datf%26DIV_ID%3DAPflex%26frsh%3D1%26i%3D0%26hb_deal_optimera%3DZ%2CA6%2CSA1%2CSA2%2CTA4%2CSA10%2CD4%2CM6%2CTC4%2CE1%2CM7%2CTC9%2CJ0%2CM8%2CTF9%2CDE%26amznbid%3D2%26amznp%3D2%7Cposition%3Datf%26DIV_ID%3DBPflex%26frsh%3D1%26i%3D0%26hb_deal_optimera%3DZ%2CA6%2CSA10%2CD4%2CE1%2CJ0%2CSA6%2CDE%26amzniid%3DJMu4JQg0NAP98jTeYqF7lBAAAAGJ3EdeUQUAAAv-AQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICACySpU%26amznp%3Dbdtxj4%26amznsz%3D728x90%26amznbid%3Dznueio&cust_params=v%3D23.8.4%26urlhash%3D510d1172f4b60283dd404611ddbaf2e7%26treg%3D0%26page_type2%3Dhome%2520page%26PageUrl%3Dwww.timesunion.com%252F%26referrer%3D%26section1%3Dhome%26nlp%3D%26nlp_entities%3D%26scrollpage%3D0%26hpx_ipc%3Dnull%26hpx_fid%3Dnull%26hpx_kb%3D0%26permutive%3D40919%252C42136%252C42567%252C43447%252C43465%252C44089%252C44258%252C70747%252C79087%252C87427%252C115180%252C147726%252C147918%252Crts%26swgt%3Dtu_na%26custom%3Dactive_tab%26WcmID%3D4654%26juice_id%3D66623&adks=4088791739%2C422643193%2C359579091%2C1174897365%2C1098772090
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
f8a088ac03e6890d09986b066a20729680b8be287a7b9f3b966b822cdf058311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42511
x-xss-protection
0
google-lineitem-id
-2,-1,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DCE0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.timesunion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 21:50:14 GMT
expires
Thu, 08 Aug 2024 21:50:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
TagAuditBeacon.rnc
tm.hdmtools.com/hearst/news/ 		0
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tm.hdmtools.com/hearst/news/TagAuditBeacon.rnc?cid=109&data=[-1|-1|1;-1|-1|1;-1|-1|1;271036|2903016|1;496364|3885920|1;377897|1374232|1;374590|3498804|1;509081|2230575|1;-1|-1|1;-1|-1|1;491497|3557015|1;694493|3924230|1;485695|2012024|1;-1|-1|1;716425|3788527|1;710240|3890545|1;678066|3773364|1;719876|3796124|1;363030|3273670|1;518897|3261750|1;627174|3113283|1;499656|3554620|1;412309|1490292|1;602026|2883808|1;714848|3753477|1;532629|3312236|1;557243|3263872|1;730503|3808806|1;737803|3881428|1;514717|3812983|1;660033|3734906|1;-1|-1|1;733549|3846697|1;225049|3752773|1;704021|3837956|1;687565|3589835|1;-1|-1|1;-1|-1|1;729974|3798169|1;643925|3924248|1;642569|3651006|1;747602|3914955|1;614032|3787967|1;636340|3737732|1;619267|3292226|1;711767|3737682|1;737516|3872618|1;497564|3881089|1;-1|-1|1;495854|3863732|1;568915|2928729|1;495860|3922931|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1]&idx=0&r=6816.478016298522
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.248.150.184 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-248-150-184.ap-northeast-1.compute.amazonaws.com
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
via
1.1 1220701d35c586acd5385ae55b320c98.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
NRT57-C1
age
6489
x-cache
Hit from cloudfront
cache-control
no-cache, no-store
x-amz-cf-id
mwH_3xewGrMA_S3xaWT-k0JeTEQ5Z2q6kSWs1MTaPcP5yPby8kpNhQ==
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=772962626513104&ev=PageView&dl=https%3A%2F%2Fwww.timesunion.com%2F&rl=&if=false&ts=1691617814464&sw=1600&sh=1200&v=2.9.121&r=stable&ec=0&o=30&fbp=fb.1.1691617813494.1701705887&cs_est=true&it=1691617813221&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=a1&rqm=GET
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=169188807166631&ev=PageView&dl=https%3A%2F%2Fwww.timesunion.com%2F&rl=&if=false&ts=1691617814466&sw=1600&sh=1200&v=2.9.121&r=stable&ec=0&o=30&fbp=fb.1.1691617813494.1701705887&cs_est=true&it=1691617813221&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=a1&rqm=GET
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=853388561414006&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.timesunion.com%2F&rl=&if=false&ts=1691617814468&cd[segment_id]=42136&sw=1600&sh=1200&v=2.9.121&r=stable&ec=1&o=30&fbp=fb.1.1691617813494.1701705887&it=1691617813221&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=a1&rqm=GET
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2001644490083168&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.timesunion.com%2F&rl=&if=false&ts=1691617814469&cd[segment_id]=42136&sw=1600&sh=1200&v=2.9.121&r=stable&ec=1&o=30&fbp=fb.1.1691617813494.1701705887&it=1691617813221&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=a1&rqm=GET
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=772962626513104&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.timesunion.com%2F&rl=&if=false&ts=1691617814470&cd[segment_id]=42136&sw=1600&sh=1200&v=2.9.121&r=stable&ec=1&o=30&fbp=fb.1.1691617813494.1701705887&it=1691617813221&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=a1&rqm=GET
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=169188807166631&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.timesunion.com%2F&rl=&if=false&ts=1691617814471&cd[segment_id]=42136&sw=1600&sh=1200&v=2.9.121&r=stable&ec=1&o=30&fbp=fb.1.1691617813494.1701705887&it=1691617813221&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=a1&rqm=GET
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=853388561414006&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.timesunion.com%2F&rl=&if=false&ts=1691617814472&cd[segment_id]=42567&sw=1600&sh=1200&v=2.9.121&r=stable&ec=2&o=30&fbp=fb.1.1691617813494.1701705887&it=1691617813221&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=a1&rqm=GET
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2001644490083168&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.timesunion.com%2F&rl=&if=false&ts=1691617814473&cd[segment_id]=42567&sw=1600&sh=1200&v=2.9.121&r=stable&ec=2&o=30&fbp=fb.1.1691617813494.1701705887&it=1691617813221&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=a1&rqm=GET
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
Redirect Chain
  • https://www.facebook.com/tr/?id=772962626513104&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.timesunion.com%2F&rl=&if=false&ts=1691617814474&cd[segment_id]=42567&sw=1600&sh=1200&v=2.9.121&r=stable...
  • https://www.facebook.com/tr/?cd[segment_id]=42567&coo=false&dl=https%3A%2F%2Fwww.timesunion.com%2F&dpo=LDU&dpoco=0&dpost=0&ec=2&ev=PermutiveSegmentEntry&exp=a1&fbp=fb.1.1691617813494.1701705887&id=...
0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?cd[segment_id]=42567&coo=false&dl=https%3A%2F%2Fwww.timesunion.com%2F&dpo=LDU&dpoco=0&dpost=0&ec=2&ev=PermutiveSegmentEntry&exp=a1&fbp=fb.1.1691617813494.1701705887&id=772962626513104&if=false&it=1691617813221&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1691617814474&v=2.9.121
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
content-type
text/plain
location
/tr/?cd[segment_id]=42567&coo=false&dl=https%3A%2F%2Fwww.timesunion.com%2F&dpo=LDU&dpoco=0&dpost=0&ec=2&ev=PermutiveSegmentEntry&exp=a1&fbp=fb.1.1691617813494.1701705887&id=772962626513104&if=false&it=1691617813221&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1691617814474&v=2.9.121
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=169188807166631&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.timesunion.com%2F&rl=&if=false&ts=1691617814475&cd[segment_id]=42567&sw=1600&sh=1200&v=2.9.121&r=stable&ec=2&o=30&fbp=fb.1.1691617813494.1701705887&it=1691617813221&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=a1&rqm=GET
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=853388561414006&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.timesunion.com%2F&rl=&if=false&ts=1691617814476&cd[segment_id]=43447&sw=1600&sh=1200&v=2.9.121&r=stable&ec=3&o=30&fbp=fb.1.1691617813494.1701705887&it=1691617813221&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=a1&rqm=GET
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2001644490083168&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.timesunion.com%2F&rl=&if=false&ts=1691617814477&cd[segment_id]=43447&sw=1600&sh=1200&v=2.9.121&r=stable&ec=3&o=30&fbp=fb.1.1691617813494.1701705887&it=1691617813221&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=a1&rqm=GET
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=772962626513104&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.timesunion.com%2F&rl=&if=false&ts=1691617814478&cd[segment_id]=43447&sw=1600&sh=1200&v=2.9.121&r=stable&ec=3&o=30&fbp=fb.1.1691617813494.1701705887&it=1691617813221&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=a1&rqm=GET
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=169188807166631&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.timesunion.com%2F&rl=&if=false&ts=1691617814479&cd[segment_id]=43447&sw=1600&sh=1200&v=2.9.121&r=stable&ec=3&o=30&fbp=fb.1.1691617813494.1701705887&it=1691617813221&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=a1&rqm=GET
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=853388561414006&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.timesunion.com%2F&rl=&if=false&ts=1691617814479&cd[segment_id]=43465&sw=1600&sh=1200&v=2.9.121&r=stable&ec=4&o=30&fbp=fb.1.1691617813494.1701705887&it=1691617813221&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=a1&rqm=GET
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2001644490083168&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.timesunion.com%2F&rl=&if=false&ts=1691617814480&cd[segment_id]=43465&sw=1600&sh=1200&v=2.9.121&r=stable&ec=4&o=30&fbp=fb.1.1691617813494.1701705887&it=1691617813221&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=a1&rqm=GET
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=772962626513104&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.timesunion.com%2F&rl=&if=false&ts=1691617814482&cd[segment_id]=43465&sw=1600&sh=1200&v=2.9.121&r=stable&ec=4&o=30&fbp=fb.1.1691617813494.1701705887&it=1691617813221&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=a1&rqm=GET
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=169188807166631&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.timesunion.com%2F&rl=&if=false&ts=1691617814483&cd[segment_id]=43465&sw=1600&sh=1200&v=2.9.121&r=stable&ec=4&o=30&fbp=fb.1.1691617813494.1701705887&it=1691617813221&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=a1&rqm=GET
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=853388561414006&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.timesunion.com%2F&rl=&if=false&ts=1691617814484&cd[segment_id]=70747&sw=1600&sh=1200&v=2.9.121&r=stable&ec=5&o=30&fbp=fb.1.1691617813494.1701705887&it=1691617813221&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=a1&rqm=GET
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2001644490083168&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.timesunion.com%2F&rl=&if=false&ts=1691617814484&cd[segment_id]=70747&sw=1600&sh=1200&v=2.9.121&r=stable&ec=5&o=30&fbp=fb.1.1691617813494.1701705887&it=1691617813221&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=a1&rqm=GET
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=772962626513104&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.timesunion.com%2F&rl=&if=false&ts=1691617814485&cd[segment_id]=70747&sw=1600&sh=1200&v=2.9.121&r=stable&ec=5&o=30&fbp=fb.1.1691617813494.1701705887&it=1691617813221&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=a1&rqm=GET
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=169188807166631&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.timesunion.com%2F&rl=&if=false&ts=1691617814486&cd[segment_id]=70747&sw=1600&sh=1200&v=2.9.121&r=stable&ec=5&o=30&fbp=fb.1.1691617813494.1701705887&it=1691617813221&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=a1&rqm=GET
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=853388561414006&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.timesunion.com%2F&rl=&if=false&ts=1691617814488&cd[segment_id]=87427&sw=1600&sh=1200&v=2.9.121&r=stable&ec=6&o=30&fbp=fb.1.1691617813494.1701705887&it=1691617813221&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=a1&rqm=GET
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2001644490083168&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.timesunion.com%2F&rl=&if=false&ts=1691617814488&cd[segment_id]=87427&sw=1600&sh=1200&v=2.9.121&r=stable&ec=6&o=30&fbp=fb.1.1691617813494.1701705887&it=1691617813221&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=a1&rqm=GET
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=772962626513104&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.timesunion.com%2F&rl=&if=false&ts=1691617814489&cd[segment_id]=87427&sw=1600&sh=1200&v=2.9.121&r=stable&ec=6&o=30&fbp=fb.1.1691617813494.1701705887&it=1691617813221&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=a1&rqm=GET
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=169188807166631&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.timesunion.com%2F&rl=&if=false&ts=1691617814490&cd[segment_id]=87427&sw=1600&sh=1200&v=2.9.121&r=stable&ec=6&o=30&fbp=fb.1.1691617813494.1701705887&it=1691617813221&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=a1&rqm=GET
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
css
fonts.googleapis.com/ Frame 70D7 		5 KB
739 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700
Requested by
Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=47656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.138 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f10.1e100.net
Software
ESF /
Resource Hash
7654274cd06f347d0d6bf4dff07eb8216759e1e2d4d8af6f9ff8b08fd88bc333
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://scorestream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 09 Aug 2023 21:50:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 21:50:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 09 Aug 2023 21:50:15 GMT
css
fonts.googleapis.com/ Frame 70D7 		11 KB
837 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:700,300,800,400
Requested by
Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=47656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.138 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f10.1e100.net
Software
ESF /
Resource Hash
7add9eadb90b41f30c66c878aa2cc88a97270a0ddf27933ee3629e628c9bbf36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://scorestream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 09 Aug 2023 21:50:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 21:50:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 09 Aug 2023 21:50:15 GMT
css
fonts.googleapis.com/ Frame 70D7 		725 B
784 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:900
Requested by
Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=47656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.138 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f10.1e100.net
Software
ESF /
Resource Hash
1307fbe43b86593c3d12ecf319538440eeb676757d2d15a70aea4dbc0667edc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://scorestream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 09 Aug 2023 21:50:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 21:41:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 09 Aug 2023 21:50:15 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ Frame 70D7 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=47656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://scorestream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
603, 617, 617
age
8054500
cdn-cachedat
2021-06-08 11:31:06
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
b5967c4c798702d6fd3b545e0a3ac6d6
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
7f4336af49158338-KIX
cdn-requestpullsuccess
True
sweet-alert.min.css
cdnjs.cloudflare.com/ajax/libs/sweetalert/0.4.2/ Frame 70D7 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/sweetalert/0.4.2/sweet-alert.min.css
Requested by
Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=47656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01223964fea2b7a74d6818a44c00c1ce4fb57ba04206ac6ab89666761ec462ad
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://scorestream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1588
last-modified
Thu, 22 Jun 2023 11:20:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942e6b-634"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U0TRFnGMmlukqM%2FfONIzEC2ABQkm5Q319wd1pJ9Drzy4KLiwfklea3znnbhaVIT%2FBf4dsHS45yzCfkGC7l1%2FHN%2B3JoOtTYz6ESFW6sLUI5svskBEbYKd5cwmzAbYmBxaxZv3%2F2R%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f4336acf9e7834c-KIX
expires
Mon, 29 Jul 2024 21:50:15 GMT
vert.css
cdn-scorestream-com.s3.amazonaws.com/cdn/css/widgets/scoreboards/ Frame 70D7 		77 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-scorestream-com.s3.amazonaws.com/cdn/css/widgets/scoreboards/vert.css?v=59
Requested by
Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=47656
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.193.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
2819cabffa3543dd98ce4506e5f93cfee2ddeb97d7125dfbad735b927ef402f2

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://scorestream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 21:50:16 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Nov 2021 21:03:15 GMT
Server
AmazonS3
x-amz-request-id
JRNSVYRC4YMBAZBT
ETag
"99ef750eeadd7f79ff89a2143e9a9244"
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=31536000, no-transform, public
Accept-Ranges
bytes
Content-Length
9237
x-amz-id-2
kKgKqOKGj5Wc6hzGd6v/YNFI1eTiTzP2JgvY6wOLuTe1YeMiPC1zeoQWuDMa5tqcayKuIjWlGII=
gpt.js
www.googletagservices.com/tag/js/ Frame 70D7 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=47656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
cafe /
Resource Hash
c11a375d8a52962f5632ffe249ace6859a7ef490bb3f952420c366bb47185058
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://scorestream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28146
x-xss-protection
0
server
cafe
etag
244 / 19578 / 31076823 / config-hash: 10263545680147000702
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 21:50:15 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/ Frame 70D7 		82 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
Requested by
Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=47656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://scorestream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7924
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
26655
last-modified
Thu, 22 Jun 2023 11:06:06 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942b1e-681f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aD1jTS46X24aDwllfsZ7xM8dWDA5Ad7TBKwYR1%2B%2B2J3o87hxPd%2F3Sue2Pl7MaywIN5DxHXytXr1d5q9%2FszuBKnCyGmIrdY6TDlcibQfpO4AXQXzbEQUZGeAwI3ttdSRGOCIqgLgX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f4336acf9e8834c-KIX
expires
Mon, 29 Jul 2024 21:50:14 GMT
jquery.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ Frame 70D7 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
Requested by
Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=47656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://scorestream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4751265
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
591
last-modified
Mon, 04 May 2020 16:11:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec1-514"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Krq8Ajm1bdQY3WqekmzwrxTaCc5LZzBpcYiRWMWBOjYSfEpeZI37fWiiU756afvYxnt%2Fyiq8Ro85pJgBd7WXiZmKsSC7q8Ep6DkCXVHxHtC78EHstEYc%2BNSF75BpALG9EeYbx2K"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f4336acf9e9834c-KIX
expires
Mon, 29 Jul 2024 21:50:14 GMT
async.min.js
cdnjs.cloudflare.com/ajax/libs/async/0.9.0/ Frame 70D7 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/async/0.9.0/async.min.js
Requested by
Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=47656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0daa37303ae9cf4bfbbdc1e84b61f4b4775255b4ad06676165282b2cfc2d31d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://scorestream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
22039631
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3380
last-modified
Mon, 04 May 2020 16:05:50 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d5e-2f7b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FeITaT3cjEapP%2B8xoZXxFbT4FDgibyY4aSItGjaQS5AvT%2B6jZMIwbfyVwb6sBoQYoZLuyulILMJFVnnfNXyBp0nl8bcCeYvC5LWd3PTyatGAE3pAB%2FNXhrAjnpV7q5Xdp6xXPJgE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f4336acf9ea834c-KIX
expires
Mon, 29 Jul 2024 21:50:14 GMT
lodash.min.js
cdnjs.cloudflare.com/ajax/libs/lodash.js/3.10.1/ Frame 70D7 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/lodash.js/3.10.1/lodash.min.js
Requested by
Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=47656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf63c4491140de87027557a7c15c741f65c83d98274347b105a06a20e05ce78d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://scorestream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
10894045
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16747
last-modified
Mon, 04 May 2020 16:12:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed2-c56f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8r5rDTjCHnUrycGkvNQKiQL5gDq6%2F26x0WGDso1UxnyU3v90mMROJ0VDYgtM5sc%2FrWqMlWFRcpN5ei74GRCsStf%2BeoRavSWhCcJ1JXFa9%2BZotYBXqQscRD%2BHQYAIoRKlUsGFcmT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f4336acf9eb834c-KIX
expires
Mon, 29 Jul 2024 21:50:14 GMT
dust-core.min.js
cdnjs.cloudflare.com/ajax/libs/dustjs-linkedin/2.7.2/ Frame 70D7 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/dustjs-linkedin/2.7.2/dust-core.min.js
Requested by
Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=47656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3dbf29d5bf5c976b5652a505617a6867d0e1c240d7824fb5ffd48585ea5e31c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://scorestream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3820
last-modified
Thu, 22 Jun 2023 10:59:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"649429a7-eec"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W5PmELeZGAQlozIr06IMJjsOSFEAu5LFXwdo1hIvuZ9fkkh2sfKH1LixYPBkld3l2DxVz8a24L7dPxtJ0lvaaoENbzDWGV4gVx36e71bKXWsoLQwOAEbZ6WseutjPM9opF3eAYII"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f4336acf9ec834c-KIX
expires
Mon, 29 Jul 2024 21:50:14 GMT
dust-helpers.min.js
cdnjs.cloudflare.com/ajax/libs/dustjs-helpers/1.7.1/ Frame 70D7 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/dustjs-helpers/1.7.1/dust-helpers.min.js
Requested by
Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=47656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b01f4bcb4a73433cc805e774f38b19ef6c6c52b551ac1fe857dd8a9d5795385e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://scorestream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
20719613
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1730
last-modified
Mon, 04 May 2020 16:09:34 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e3e-1216"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2BjKbmoSBsf8hLNBU9GVAXQCi3PPNtblEQ5DviUj9qCbxjBJGXWSxj4HC0HX3HQ0a9wz8M1O3bwb5cMiwnvEDBg0VhU02rP%2FCBZRNiBV5TlLMWSeyUmPz9t8awkP5x2qv2jSMLZk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f4336acf9ed834c-KIX
expires
Mon, 29 Jul 2024 21:50:14 GMT
moment.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.10.3/ Frame 70D7 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.10.3/moment.min.js
Requested by
Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=47656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62d68b60ce880b5ea669c774c2c84b7c9e88cf58ffe26b0d3f449580d18d550d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://scorestream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
9866267
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11364
last-modified
Mon, 04 May 2020 16:13:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f26-8684"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WE2htR%2FHdUWPm8oZVMDz7mtYMl3pB%2BCQqPlTfjLzy8xqZnQdrfKnX03dXMlVesgfnq8hVP4%2FcFFuvHLxZ0eo94jyl821fQfh%2BNLGLTN7%2BBIHzne5BYiPryXCQJc95UMIhUKJZlaV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f4336acf9ee834c-KIX
expires
Mon, 29 Jul 2024 21:50:14 GMT
sweet-alert.min.js
cdnjs.cloudflare.com/ajax/libs/sweetalert/0.4.2/ Frame 70D7 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/sweetalert/0.4.2/sweet-alert.min.js
Requested by
Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=47656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce3d3481cf65d3f3dde8454f7e67ee233cb619a671f43f63dd982ed08fdfd4c5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://scorestream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
9579343
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3239
last-modified
Mon, 04 May 2020 16:16:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ff8-28b7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3iQ0CTjBV4q84hupKK1D4DLlrFUHr6nh3Cd4PRNraldYITYsanMy7bjcALGt64lIupCirggn7JcQYtl%2F7dz3379FhFvlssz%2FkaBymfY9GajICvShsQDsSW92ddbqDLKVNdICIVL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f4336acf9ef834c-KIX
expires
Mon, 29 Jul 2024 21:50:14 GMT
vertBundle.js
cdn-scorestream-com.s3.amazonaws.com/cdn/js/bundles/ Frame 70D7 		203 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-scorestream-com.s3.amazonaws.com/cdn/js/bundles/vertBundle.js?v=59
Requested by
Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=47656
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.193.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f09a4c5bd13c3c5f3059b0d2cf2fefb0dfdbcc751931fe1c90db3123357a6683

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://scorestream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 21:50:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Feb 2023 00:49:18 GMT
Server
AmazonS3
x-amz-request-id
JRNG86K0YN4ABKND
ETag
"3417311285d4e415a211b4743835feee"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000, no-transform, public
Accept-Ranges
bytes
Content-Length
43453
x-amz-id-2
/HlWBCEyWD324zDGLCpYk1rjLxTPu3ZXgBnLE4kNxzwm1z9t00dzI2HCyLjCwkmP4b1XcUZUihw=
js
www.googletagmanager.com/gtag/ Frame 70D7 		261 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-83R37ZLDWZ
Requested by
Host: scorestream.com
URL: https://scorestream.com/widgets/scoreboards/vert?userWidgetId=47656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.136 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
3989ec56a67da82386c405919dc460164961d7f4b26e29afe688f7f4df5d5bc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://scorestream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89236
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 09 Aug 2023 21:50:14 GMT
/
www.facebook.com/tr/ Frame ABE6 		0
51 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.timesunion.com
Referer
https://www.timesunion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.timesunion.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
www.facebook.com/tr/ Frame CAFA 		0
31 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.timesunion.com
Referer
https://www.timesunion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.timesunion.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
pbs.gif
sync.colossusssp.com/ 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dcolossus%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%5BUID%5D
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.192.253.60 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 21:50:15 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Connection
keep-alive
collect
www.google-analytics.com/j/ 		3 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=141382141&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.timesunion.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=0%25&el=channelBodyScrollProgress&_u=6CDAiEABBAQCACAOI~&jid=691311109&gjid=728204989&cid=1396311492.1691617812&tid=UA-1616916-7&_gid=1559938092.1691617815&_slc=1&_av=2.4.1&_au=21&cd1=home&cd2=home&cd3=home&cd4=home&cd5=home%20page&cd6=Home&cd7=4654&cd11=2010-05-21&cd12=2023-07-17%2016%3A39%3A18&cd13=4830&cd14=03&cd15=wcm&cd16=timesunion&cd18=Undefined&cd19=abDisabled&cd20=510d1172f4b60283dd404611ddbaf2e7&cd21=2023-08-10T06%3A50%3A11.627%2B09%3A00&cd23=1396311492.1691617812&cd34=1&cd35=1&cd47=free&cd48=none&cd49=desktop&cd50=1600%20x%201200&cd51=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36&cd53=tc&cd61=(not%20set)&cd62=visible&cd63=false&cd66=exco&cd68=0&cd69=false&cd70=false&cd75=design%2Fchannel%2Fdynamic_two_column.tpl&cd77=H03tiPTXdxedjXEvxIPLMUydQcDwZaJuekaB5t%2FKOa4%3D&cd79=Times%20Union%20-%20Times%20Union&did=i5iSjo&z=1558226245
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s18-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1616916-7&cid=1396311492.1691617812&jid=691311109&gjid=728204989&_gid=1559938092.1691617815&_u=6CDAiEABBAQCAGAOI~&z=838520679
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.188.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tk-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 09 Aug 2023 21:50:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=141382141&t=pageview&_s=2&dl=https%3A%2F%2Fwww.timesunion.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6CDAiEABBAQCAGAOI~&jid=&gjid=&cid=1396311492.1691617812&tid=UA-1616916-7&_gid=1559938092.1691617815&_av=2.4.1&_au=21&cd1=home&cd2=home&cd3=home&cd4=home&cd5=home%20page&cd6=Home&cd7=4654&cd11=2010-05-21&cd12=2023-07-17%2016%3A39%3A18&cd13=4830&cd14=03&cd15=wcm&cd16=timesunion&cd18=Undefined&cd19=abDisabled&cd20=510d1172f4b60283dd404611ddbaf2e7&cd21=2023-08-10T06%3A50%3A11.627%2B09%3A00&cd23=1396311492.1691617812&cd34=1&cd35=1&cd47=free&cd48=none&cd49=desktop&cd50=1600%20x%201200&cd51=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36&cd53=tc&cd61=(not%20set)&cd62=visible&cd63=false&cd66=exco&cd68=0&cd69=false&cd70=false&cd75=design%2Fchannel%2Fdynamic_two_column.tpl&cd77=H03tiPTXdxedjXEvxIPLMUydQcDwZaJuekaB5t%2FKOa4%3D&cd79=Times%20Union%20-%20Times%20Union&did=i5iSjo&cd29=Logged%20Out&z=1384787218
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s18-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 15:23:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
23188
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=141382141&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.timesunion.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=PerimeterX&ea=Score%20Value%20Ready&el=1&_u=6CDAiEABBAQCAGAOI~&jid=&gjid=&cid=1396311492.1691617812&tid=UA-1616916-7&_gid=1559938092.1691617815&_av=2.4.1&_au=21&cd1=home&cd2=home&cd3=home&cd4=home&cd5=home%20page&cd6=Home&cd7=4654&cd11=2010-05-21&cd12=2023-07-17%2016%3A39%3A18&cd13=4830&cd14=03&cd15=wcm&cd16=timesunion&cd18=Undefined&cd19=abDisabled&cd20=510d1172f4b60283dd404611ddbaf2e7&cd21=2023-08-10T06%3A50%3A11.627%2B09%3A00&cd23=1396311492.1691617812&cd34=1&cd35=1&cd47=free&cd48=none&cd49=desktop&cd50=1600%20x%201200&cd51=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36&cd53=tc&cd61=(not%20set)&cd62=visible&cd63=false&cd66=exco&cd68=0&cd69=false&cd70=false&cd75=design%2Fchannel%2Fdynamic_two_column.tpl&cd77=H03tiPTXdxedjXEvxIPLMUydQcDwZaJuekaB5t%2FKOa4%3D&cd79=Times%20Union%20-%20Times%20Union&did=i5iSjo&cd29=Logged%20Out&cd80=Score%3A1%7Cf_kb%3A0&z=1384663878
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s18-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 15:23:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
23188
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=141382141&t=event&ni=1&_s=4&dl=https%3A%2F%2Fwww.timesunion.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Blueconic%20-%20Right%20Rail%20NL%20Signup%20-%20The%20Knick%20-%20ALBY%20TU&ea=view&el=ALBY%20TU%20RR%20The%20Knick%20View%20Col&_u=6CDAiEABBAQCAGAOI~&jid=&gjid=&cid=1396311492.1691617812&tid=UA-1616916-7&_gid=1559938092.1691617815&_av=2.4.1&_au=21&cd1=home&cd2=home&cd3=home&cd4=home&cd5=home%20page&cd6=Home&cd7=4654&cd11=2010-05-21&cd12=2023-07-17%2016%3A39%3A18&cd13=4830&cd14=03&cd15=wcm&cd16=timesunion&cd18=Undefined&cd19=abDisabled&cd20=510d1172f4b60283dd404611ddbaf2e7&cd21=2023-08-10T06%3A50%3A11.627%2B09%3A00&cd23=1396311492.1691617812&cd34=1&cd35=1&cd47=free&cd48=none&cd49=desktop&cd50=1600%20x%201200&cd51=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36&cd53=tc&cd61=(not%20set)&cd62=visible&cd63=false&cd66=exco&cd68=0&cd69=false&cd70=false&cd75=design%2Fchannel%2Fdynamic_two_column.tpl&cd77=H03tiPTXdxedjXEvxIPLMUydQcDwZaJuekaB5t%2FKOa4%3D&cd79=Times%20Union%20-%20Times%20Union&did=i5iSjo&cd29=Logged%20Out&cd80=Score%3A1%7Cf_kb%3A0&z=391328669
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s18-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 15:23:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
23188
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=141382141&t=event&ni=1&_s=5&dl=https%3A%2F%2Fwww.timesunion.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Blueconic%20-%20TU%20Nav%20Subscribe%20Button&ea=view&el=TU%20Subscribe%20Button%20-%20Seasonal%20Sale&_u=6CDAiEABBAQCAGAOI~&jid=&gjid=&cid=1396311492.1691617812&tid=UA-1616916-7&_gid=1559938092.1691617815&_av=2.4.1&_au=21&cd1=home&cd2=home&cd3=home&cd4=home&cd5=home%20page&cd6=Home&cd7=4654&cd11=2010-05-21&cd12=2023-07-17%2016%3A39%3A18&cd13=4830&cd14=03&cd15=wcm&cd16=timesunion&cd18=Undefined&cd19=abDisabled&cd20=510d1172f4b60283dd404611ddbaf2e7&cd21=2023-08-10T06%3A50%3A11.627%2B09%3A00&cd23=1396311492.1691617812&cd34=1&cd35=1&cd47=free&cd48=none&cd49=desktop&cd50=1600%20x%201200&cd51=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36&cd53=tc&cd61=(not%20set)&cd62=visible&cd63=false&cd66=exco&cd68=0&cd69=false&cd70=false&cd75=design%2Fchannel%2Fdynamic_two_column.tpl&cd77=H03tiPTXdxedjXEvxIPLMUydQcDwZaJuekaB5t%2FKOa4%3D&cd79=Times%20Union%20-%20Times%20Union&did=i5iSjo&cd29=Logged%20Out&cd80=Score%3A1%7Cf_kb%3A0&z=1674340625
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s18-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 15:23:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
23188
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame F43D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LL49KHU4-18-JMIW
  • https://usersync.gumgum.com/usersync?b=mag&i=LL49KHU4-18-JMIW
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LL49KHU4-18-JMIW
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LL49KHU4-18-JMIW
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b2a5c63b17f16a8024ffc6259157eaa8
Expires
0
rum
dsum-sec.casalemedia.com/ Frame A892
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=63eeee38-aa0d-41c4-9eaa-932b32d94862&expiration=1694209814&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=63eeee38-aa0d-41c4-9eaa-932b32d94862&expiration=1694209814&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=63eeee38-aa0d-41c4-9eaa-932b32d94862&expiration=1694209814&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame A892
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZNQKFs3ld5943t1XPXFPfwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFL6inQgJQRH4tyrgGnMPEs&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFL6inQgJQRH4tyrgGnMPEs&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFL6inQgJQRH4tyrgGnMPEs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame A892 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZNQKFs3ld5943t1XPXFPfwAAFY8AAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WY752ABBNN7RGB8BSJ9Q
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame A892
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZNQKFs3ld5943t1XPXFPfwAAFY8AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEN-tuo6l7s9nUUEfi4XCQUw&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEN-tuo6l7s9nUUEfi4XCQUw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEN-tuo6l7s9nUUEfi4XCQUw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A892
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date
Wed, 09 Aug 2023 21:50:15 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
crum
dsum-sec.casalemedia.com/ Frame A892
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3735528708331917475&expiration=1692827415
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3735528708331917475&expiration=1692827415
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=493
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3735528708331917475&expiration=1692827415
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame A892
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHT2U7JqBQAACS4iMx9tQ&expiration=1692827414
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHT2U7JqBQAACS4iMx9tQ&expiration=1692827414
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHT2U7JqBQAACS4iMx9tQ&expiration=1692827414
Date
Wed, 09 Aug 2023 21:50:14 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame A892
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2546882368749204855
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2546882368749204855
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
an-x-request-uuid
252a4a00-6fd3-4ce4-855b-6a5ee09a1e2b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2546882368749204855
x-proxy-origin
114.19.24.12; 114.19.24.12; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame A892 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZNQKFs3ld5943t1XPXFPfwAAFY8AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7VSNFH3KKB887PYCW4GE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=2383256&ntv_pl=1115388
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.190.125 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-190-125.us-west-2.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=657d00c0-f64a-4906-b622-24ce1fa580ba&ntv_fl=MKBrBg114Ea90rgfn5agxJk7GB7q4t2dFRGaTW9tO8rhFpZx00Ar7J-OvHoWlk8lakNsRAqt8v4fqMiAnHZ6uEQlmQjWkOAMXGvyEU3uubxytPPw5gbz-JG0a6lUFyCIU9zvXWFGBBWfPu0SHOUovcgIUiVKeX1O6OsAh5N1i3xVR3MIrSsnrr6jO7rf_NYQEMv-_mIQrq3HTaTGac62D5AsmKoIRSXd0XA207Z9Vn9nXQN6UtEczLdSCKqqA_fK6xmjSgfxmwNFw4EDVcLWyRII_7t_BMbuHn46YALq3s2MDZVmzYfWyD5PE4PAPPZSLzSyv5OmRSq0e-XSTOeqfA==&ntv_ht=FgrUZAA&ntv_at=303,302&ntv_a=AAAAAAAAAA_AQRA&ord=1691617814783&ntv_it
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.190.125 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-190-125.us-west-2.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=a5d6e297-f5f3-43ef-ae4b-ef121c0ea8f6&ntv_fl=ZpaBn7_ajOtII-XstGNPnO_srMwb2sE0YCYk7bMinrWCqpZtBncSnSC5wkCnUgNVofHPvDTap815K-HXnQaZczdr9xSFnioMgq9FCUIHHs-uM063Vee6G_of8MefG7zsqZE5kKOT5mWuFSU1-z7e_8BVl8xVNfU-uHL0pBG8tkMijfDWywkRk4vGsd8A3gbYUbHs9fR2lJXlsmGtbmtYh-v26AERBWFBo6NfBs-sKweEAyCBSkXqgtoUWpJWyG78LVDHe0042xO1Fn3rVHkREqb_L7h64GMdCQ58tYlGI38-7KOEk6xkuXyI2wqvAWtoYYCDQRLRaA374esgJeow9w==&ntv_ht=FgrUZAA&ntv_at=303&ntv_a=AAAAAAAAAA_gQRA&ord=1691617814786&ntv_it
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.190.125 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-190-125.us-west-2.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=d5cd5775-2f37-42e2-9a75-d57f1acc5b0d&ntv_fl=J8BJ-zDruVwBLxVQ8552-9tqrZhdORewcT9Tj7yHBfYLKxk11AgpnkE8nvDQZtxzAzSIHWngdgIUwsN2y44mspoVQKIca-sFYWmfEsjyDOQTrwUh5p_SH2FUoqAQNoL5QslOjO_okz3UV3O2IBlQ_hKnZq0dqXBCb7tXo_PZ39_WhD8psj-8YkHfw2-KjC6rOB1y11LHJFW4o0PWl_sDINKuYXVk1h38sfVvSsLjs2JyAfELShAvE9yj6wmaiSG3UYXcaPwFVlCoNimCst5STD4RVyI2Iy6uM_aGaEisVmS1eDLcPEXYNGWMd0LIlIyU7O8afrNuSR6Nr26pabNmBw==&ntv_ht=FgrUZAA&ntv_at=303&ntv_a=AAAAAAAAAA_wQRA&ord=1691617814787&ntv_it
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.190.125 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-190-125.us-west-2.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
silent.html
www.timesunion.com/hdn/hrlm/p/ Frame E4F2
Redirect Chain
  • https://realm.hearstnp.com/connect/authorize?client_id=hdn.js&redirect_uri=https%3A%2F%2Fwww.timesunion.com%2Fhdn%2Fhrlm%2Fp%2Fsilent.html&response_type=id_token%20token&scope=openid%20email%20hdn....
  • https://www.timesunion.com/hdn/hrlm/p/silent.html
4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/hdn/hrlm/p/silent.html
Requested by
Host: treg.hearstnp.com
URL: https://treg.hearstnp.com/assets/0x7F903A52B79EAF5075AD3B2924B1FDF726649C8C/GetJS?url=www.timesunion.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
5b8994ebe10be88dce623eac044733b7fabefbc5440310abe45244587cac2bda
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.timesunion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

accept-ranges
bytes
content-length
4054
content-type
text/html
date
Wed, 09 Aug 2023 21:50:15 GMT
retry-after
0
server
Varnish
strict-transport-security
max-age=300
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-itm18838-ITM
x-vcl-version
375

Redirect headers

Cache-Control
no-store, no-cache, max-age=0
Content-Length
0
Date
Wed, 09 Aug 2023 21:50:14 GMT
Location
https://www.timesunion.com/hdn/hrlm/p/silent.html#error=login_required&state=06f295bbd369406084ada4ad50b31a29
Pragma
no-cache
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
147
n730.timesunion.com/DG/DEFAULT/rest/rpc/ 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://n730.timesunion.com/DG/DEFAULT/rest/rpc/147?referer=https%3A%2F%2Fwww.timesunion.com%2F&bcsessionid=da0abda4-b397-49a7-bba6-8a62ba27448b&bctempid=&overruleReferrer=&time=2023-08-10T06%3A50%3A14%2B09%3A00&ts=1691617814801
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
9148d1da8329d05f7c8989d70e1cb552c80d16cfb0f7d878505fa245c746c5c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
NRT57-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
5126
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
k5Cimss0pPr7KEiZo-M93RL_0NxwZg_Z22-CdXyqwru80tfFPhxeaw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
onetag-sys.com/match/ Frame 3491
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=e49264d4-0a17-4000-b5ba-3c07d55b35b8&gdpr=1&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=e49264d4-0a17-4000-b5ba-3c07d55b35b8&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Wed, 09 Aug 2023 21:50:15 GMT
Server
MT3 1031 59fd23a master nrt nrt-pixel-x24 config_version:"1969"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=e49264d4-0a17-4000-b5ba-3c07d55b35b8&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 09 Aug 2023 21:50:14 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 3491 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
213.19.162.80 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
17c962550296893d145ef1b8078fc6d6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 3491
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2546882368749204855
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2546882368749204855
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:15 GMT
an-x-request-uuid
210243d2-52f9-4b22-95b1-772c331de01f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2546882368749204855
x-proxy-origin
114.19.24.12; 114.19.24.12; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 3491 		42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=mQcPUMHqDGozoLMWoPard5rW6A_ETEOFbSiCz1wZoz8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b2a5c63b17f16a8024ffc6259157eaa8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 3491
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABidxHa1LPIoyYSVkhZ1D3B29NzPRdRmiH4A
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABidxHa1LPIoyYSVkhZ1D3B29NzPRdRmiH4A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
H3
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABidxHa1LPIoyYSVkhZ1D3B29NzPRdRmiH4A
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 3491 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.164 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:15 GMT
content-length
0
/
onetag-sys.com/match/ Frame 3491
Redirect Chain
  • https://id.rlcdn.com/711916.gif?ct=4&cv=
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCJeU0KYGEgUI6AcQAEIASgA
  • https://onetag-sys.com/match/?int_id=110&uid=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=110&uid=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

date
Wed, 09 Aug 2023 21:50:15 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=110&uid=
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 3491
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=mQcPUMHqDGozoLMWoPard5rW6A_ETEOFbSiCz1wZoz8
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=mQcPUMHqDGozoLMWoPard5rW6A_ETEOFbSiCz1wZoz8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EFW42QHPV7HTD1H10QCW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=mQcPUMHqDGozoLMWoPard5rW6A_ETEOFbSiCz1wZoz8
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 3491 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=1---&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.77 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:15 GMT
content-length
0
/
onetag-sys.com/match/ Frame 3491
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEML6LzLGwvCll9xnkpJJRiM&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEML6LzLGwvCll9xnkpJJRiM&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEML6LzLGwvCll9xnkpJJRiM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame 3491 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.143.106.89 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.64 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:15 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 3491
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
sync
x.bidswitch.net/ Frame 3491 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 21:50:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
setuid
prebid-server.rubiconproject.com/ Frame 3491 		0
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=b&uid=mQcPUMHqDGozoLMWoPard5rW6A_ETEOFbSiCz1wZoz8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.92 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
/
www.facebook.com/tr/ Frame 977B 		0
31 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.timesunion.com
Referer
https://www.timesunion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.timesunion.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
www.facebook.com/tr/ Frame 9AC3 		0
31 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.timesunion.com
Referer
https://www.timesunion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.timesunion.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 21:50:14 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
collector
www.timesunion.com/413gkwMT/xhr/api/v2/ 		392 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/413gkwMT/xhr/api/v2/collector
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
71a9618148baa83dc04762d129010b5dd81ef7a8c639099c68f9901316525f81
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

x-served-by
cache-itm18838-ITM
date
Wed, 09 Aug 2023 21:50:15 GMT
via
1.1 google, 1.1 varnish
strict-transport-security
max-age=300
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, Accept-Encoding, X-ab-scope
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
MISS
access-control-allow-credentials
true
x-vcl-version
375
accept-ranges
bytes
timing-allow-origin
*
content-length
392
x-cache-hits
0
simple
api.sail-personalize.com/v1/personalize/ 		256 B
474 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
8bcf132b1b442f5d27d05b5656f3654d263730746bcc56505d369367e80894df

Request headers

x-lib-version
v1.0.1
accept-language
jp-jp,jp;q=0.9
authorization
Bearer 5bb9eee089bdc2e27cbd265535ad1f90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://www.timesunion.com/
x-referring-url
https://www.timesunion.com/

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:16 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
173
expires
-1
simple
api.sail-personalize.com/v1/personalize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method
GET
Origin
https://www.timesunion.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://www.timesunion.com
access-control-max-age
1800
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Wed, 09 Aug 2023 21:50:15 GMT
increment
id5-sync.com/api/esp/ 		0
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.timesunion.com
date
Wed, 09 Aug 2023 21:50:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
container.html
dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0E3B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.timesunion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 21:50:14 GMT
expires
Thu, 08 Aug 2024 21:50:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1616916-7&cid=1396311492.1691617812&jid=691311109&_u=6CDAiEABBAQCAGAOI~&z=269532181
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1616916-7&cid=1396311492.1691617812&jid=691311109&_u=6CDAiEABBAQCAGAOI~&z=269532181
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
counter.min.js
www.timesunion.com/dist/hdn/workers/ 		76 B
480 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/dist/hdn/workers/counter.min.js?undefined
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
e3601de6397dbe1a2b7852abedfbefaca1cb2f849bfdab6321a1563714dee752
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:15 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=300
age
164329
x-cache
HIT
content-length
86
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Jul 2023 15:02:24 GMT
server
Apache
x-timer
S1691617815.219017,VS0,VE1
etag
"4c-6015104c10000"
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, Accept-Encoding, X-ab-scope
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
x-vcl-version
375
accept-ranges
bytes
x-cache-hits
1
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=timesunion.com&p=%2F&u=cLGXoBLw2V1Cm7mc4&d=timesunion.com&g=53046&g0=home&g1=No%20Author&n=1&f=00001&c=0.06&x=0&m=0&y=10347&o=4000&w=1200&j=30&R=1&W=0&I=0&E=3&e=3&r=&PA=https%3A%2F%2Fwww.timesunion.com%2F&b=5207&t=CUW893CiCLipqkCf8dE0tgxVJxd&V=141&tz=-540&_acct=anon&sn=2&sv=DbMIDmDgasbnDR7I07Dz89AVCjwM4_&sd=1&im=067b0ff3&_
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.173.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-173-138.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 21:50:15 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame E608 		448 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-l9gIQjs_88gEYvbn-4AEwAQ&v=APEucNXdZ7EFjpO8E1I4R4prkDCgIZJNiwKcbStIk9kQWLyyQdfPtBu5UiD15XoBZtPWRY1oMwmq4i3S8PVKeBHRRTnq7jVyow
Requested by
Host: dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com
URL: https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
193
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 21:50:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20230808/r20110914/ Frame 0E3B 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230808/r20110914/abg_lite_fy2021.js
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 18:56:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
10413
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9094
x-xss-protection
0
server
cafe
etag
8732331910907961498
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 23 Aug 2023 18:56:42 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20230808/r20110914/elements/html/ Frame 0E3B 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230808/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
46862bd03f96bd24aa144ecd892c910f1df88ee0381c34161cb27fa3dceda2f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 18:56:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
10413
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3069
x-xss-protection
0
server
cafe
etag
15211577367894686919
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 23 Aug 2023 18:56:42 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0E3B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsunL07mXLCggjrHaFQc-QX0yrMncAikl6SWbP5eDcjD4G0FtflAkS3WHc721YPGLaAwiFQGbQfwmxgoEPfKSb0OF8HUky0HOZ8AVwWsbKFk7gfp6rTaofnoKGcgKBXc07NzpkxH7-228QaoU5ki4rS2q8Fs67BfFTLwpckk9xhXPjwZhX0tDUT5d5A_YiAIbNVNZiyT59VcSUm32osiqVPb-b3D6MnF-w0XmPK1WCQtU28wI8yDJOdvNxp8nx2sCGsyyZTVFLxd-aFbOhATSGc056s7h7KX64sjGcCGp0jKlT0aOLhDAqp81mmYT3C57aeuhVDUsvlBPEs4ij2hrAzDSp0AaZX-HueT7dtZ-kQBkJ0nwNITBSsx54WeVEA4RWs8ufso-uchxCfDioNkO_3Q9XB7_2TZCR-j_VNDW7YGjXxb-t17n9I6NnM7hi_yf3xrqOdIvTHOuKAFKtAXQ1Qe4mCHoSwqOF2TgaL-_u0K2prD7hdAtWkhjBirv5tjCRc9omTmLpYLum14jG3w8hTXpy0whvqMOpVgkNKU7AFGUD-SrThlS78GV6f_FFdszTbIZkQ167YsmZnJuXtNDXwTnMJ8axgHQAx5YNjHyFhQAlKAC9XVI3_UfzGSiog7HAzL-gcnPTi1-XvhfYxk05OzuBOoCXeY3sA6EGB5bYvSvsJFFBaIbMzwtVnTueK2loR8WDsm6QIP7L7xpHMdBDAhAsnKm-W9Q90AfShIw674Zki3Bb5_a4zgW4uPblTdAPHaoh73de-F3Siefz4uBQ9CkxPZ-ZxEBLo-Zu2Sh0L5e1ebgSa7eV8cp10Q8Va5hYWLVTvGe_oCJArpmvKK6_vzHEpoqbXtRZhL9I2pbtahGdHKZPyiiu-pc63rVUlPS4C6LeCF-KT5dg-g-d_3I_qDOYHn_E1AHGHl3PDEZNIRnqSRWEmmi5SmqxQ4UE_alBX8B5SzBE_qAMvoQeucMighi7xCUuXMG84oRS9QIY273IuNOY_qDow4pHzlumtLx9rYDifKkGUOkC9coELnPGRKY51KoSyqOYM7iX_E3vhaI8pxajloIwSGfpzKDa9FLjBXf0Njf4wTQRllzysyDOeLcNIpGWr7gbeFjfPdDCGNngvcWAJy0InrA1xObkXxqRy7TOLKS5gusFtfo8OXl323gTGa3DX9De-iDNJRksGSwOu3T86_yYotRMKRk_XBupMnCF9RtkHU6z5wUOxRpYPVuocA1MMDqM1l9VWjPssn_-lPBLpF4HG_3_OSQWLSRiLQKAqIN-go7IXBCZjASHA6gvJhb8VCybFctYP36etbqLZrKZdXKL9FYMjvpF1hxbbRbBCqRMo3cGZ5Vb3PZG200hqZWSbaDeC6MMBZA1MYhm1ge_bq_A1AKdS5E9GAgjmBVd3q95emsB1UlWx1zHGX3NggFdghW9Hp&sai=AMfl-YT9cUowVn8zAstdbsz0PNueIap1AaQMeJNJmumamme3Z5-tn-lSM6aix_PSPTBj11K5RuahCtfOkYohzfNii9m0WGVP8RUs-kbxD24xEhv0JIm07RRH6Q12csHZDNuXr4F25XFWm4iDls1u8LTOrSj2jrztREvfQZGi0DLXkvhRuyN3jKVKxoHc1NVBnmwbcxPE-HP3T4xPVZoWwYPPaIfyzOY3_jub_MnMEGc3tHzq1FpxTx_dTWQLkpQwiwIhAcbtR1cH_iF3BrPnNPgiOzaZtr26NmBWCMcFjUy2BAN-BlbrUcKju9TMRQ7UvWSCSoCmh12G0kYhgDxDWx5a0nGjXI-2qfppIXba9lhDPzSoTZggFLjmLyJqt1KaPgPQgLX8X-X2dK5bDLfYOzI8opZsLODIF3E57y1IL2dSlKt5&sig=Cg0ArKJSzP-R-wfiSkUJEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230808.20365&arae=0&ftch=1&adurl=
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 09 Aug 2023 21:50:15 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 09 Aug 2023 21:50:15 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0E3B 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 09:28:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
44529
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Aug 2024 09:28:06 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230808/r20110914/client/ Frame 0E3B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230808/r20110914/client/window_focus_fy2021.js
Requested by
Host: dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com
URL: https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 18:49:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
10871
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 23 Aug 2023 18:49:04 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 02A3 		1 KB
840 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com
URL: https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

age
49466
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 08:05:49 GMT
etag
48472445140208031
expires
Thu, 10 Aug 2023 08:05:49 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230808/r20110914/client/ Frame 0E3B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com
URL: https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f1.1e100.net
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 18:49:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
10871
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 23 Aug 2023 18:49:04 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E3B 		42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Aim0uX6hNwsuAdpc_X4KyinZJW12_HDwqXYvXwneiFkAb0N-vMTYheWybsT70iZHKF8K9-JV7xbxwI-aIyVhTTNAwew2fsGurFstofQzKBFXDKlGs
Requested by
Host: dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com
URL: https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 0E3B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTubWxN18qdIyswBnjX179BZYUoXB82HGvg1UrAgqfXaWi3h-y8uJUkc2P6HhTeyK8ngwOkn2zmtLdRIdobIMq_m_UqqQ
Requested by
Host: dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com
URL: https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0E3B 		179 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com
URL: https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
sffe /
Resource Hash
eee0766eb46bef89556b2773fdce2c71988c9273f80d5de1220ccab62ff59e7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57420
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691408699217355"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Aug 2023 21:50:15 GMT
6608422084106503843
s0.2mdn.net/simgad/ Frame 0E3B 		167 KB
168 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6608422084106503843
Requested by
Host: dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com
URL: https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s18-in-f6.1e100.net
Software
sffe /
Resource Hash
01413180f8c7d01f299a1427f694347297ac4a54115a357bc2f562a43f2fbacb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 00:29:37 GMT
x-content-type-options
nosniff
age
249638
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
171087
x-xss-protection
0
last-modified
Fri, 10 Feb 2023 08:09:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Aug 2024 00:29:37 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070101/ Frame 70D7 		400 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308070101/pubads_impl.js?cb=31076823
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
4bd272bdb3656cefe523b13f9cc792df0f5b0b5eb54ff4b041d4ed3d8eef81e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://scorestream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 10:36:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
40439
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129226
x-xss-protection
0
server
cafe
etag
9778094270887948921
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 08 Aug 2024 10:36:16 GMT
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D...
  • https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&account=&f=i&uid=3mRviaa11Sa5OsBwEJnd&gdpr=&gdpr_consent=&us_privacy=1---
86 B
963 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&account=&f=i&uid=3mRviaa11Sa5OsBwEJnd&gdpr=&gdpr_consent=&us_privacy=1---
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
HTTP/1.1
Server
69.173.158.92 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:15 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&account=&f=i&uid=3mRviaa11Sa5OsBwEJnd&gdpr=&gdpr_consent=&us_privacy=1---
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
captcha.js
www.timesunion.com/413gkwMT/captcha/ Frame E4F2 		482 KB
229 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/413gkwMT/captcha/captcha.js?a=&u=b71d5510-36fe-11ee-9cef-43d9513c78bd&v=b59c4e7a-36fe-11ee-a2c8-a06ff798ce28&m=0
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/hdn/hrlm/p/silent.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e866b038bb99fc9270c334274e4b439ebef7b24000dad854b5080d952213ffc5
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/hdn/hrlm/p/silent.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:15 GMT
via
1.1 varnish, 1.1 google, 1.1 varnish
content-encoding
gzip
strict-transport-security
max-age=300
age
0
x-cache
HIT, MISS
content-length
234110
x-served-by
cache-tyo11926-TYO, cache-itm18838-ITM
x-timer
S1691617815.314710,VS0,VE586
etag
W/"787a0-Y9gIiPLjKWY7RzH2neWY3onf02Q"
vary
Accept-Encoding, X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, X-ab-scope
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
x-vcl-version
375
accept-ranges
bytes
x-cache-hits
1, 0
pixel
cm.g.doubleclick.net/ Frame E608
Redirect Chain
  • https://s-cs.send.microad.jp/cs?key=google_1
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-l9gIQjs_88gEYvbn-4AEwAQ&v=APEucNXdZ7EFjpO8E1I4R4prkDCgIZJNiwKcbStIk9kQWLyyQdfPtBu5UiD15XoBZtPWRY1oMwmq4i3S8PVKeBHRRTnq7jVyow
Protocol
H3
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 09 Aug 2023 21:50:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin
*
timing-allow-origin
*
access-control-allow-headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length
0
x-xss-protection
1; mode=block
rum
dsum-sec.casalemedia.com/ Frame E608
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFL6inQgJQRH4tyrgGnMPEs&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFL6inQgJQRH4tyrgGnMPEs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-l9gIQjs_88gEYvbn-4AEwAQ&v=APEucNXdZ7EFjpO8E1I4R4prkDCgIZJNiwKcbStIk9kQWLyyQdfPtBu5UiD15XoBZtPWRY1oMwmq4i3S8PVKeBHRRTnq7jVyow
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFL6inQgJQRH4tyrgGnMPEs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E608
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZNQKFmk-ZsdbmBXGQXOHVgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFL6inQgJQRH4tyrgGnMPEs&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFL6inQgJQRH4tyrgGnMPEs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-l9gIQjs_88gEYvbn-4AEwAQ&v=APEucNXdZ7EFjpO8E1I4R4prkDCgIZJNiwKcbStIk9kQWLyyQdfPtBu5UiD15XoBZtPWRY1oMwmq4i3S8PVKeBHRRTnq7jVyow
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFL6inQgJQRH4tyrgGnMPEs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 02A3
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKA_AKNLgjHwqEz3YgC30s8&google_cver=1&google_push=AXcoOmRx8s2ziso3VM1jyqBfi6TjeZqt7NAgCkvIDL8DJy3p8XoGNk9O96...
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmRx8s2ziso3VM1jyqBfi6TjeZqt7NAgCkvIDL8DJy3p8XoGNk9O96dD2Bi50GZuZjtIHpoVLNesMsYeo2iY_d1NTE6t66yU&google_hm=FbeVgj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmRx8s2ziso3VM1jyqBfi6TjeZqt7NAgCkvIDL8DJy3p8XoGNk9O96dD2Bi50GZuZjtIHpoVLNesMsYeo2iY_d1NTE6t66yU&google_hm=FbeVgj_yafpOeXTF63ivIA
Requested by
Host: dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com
URL: https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:15 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmRx8s2ziso3VM1jyqBfi6TjeZqt7NAgCkvIDL8DJy3p8XoGNk9O96dD2Bi50GZuZjtIHpoVLNesMsYeo2iY_d1NTE6t66yU&google_hm=FbeVgj_yafpOeXTF63ivIA
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 02A3
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEPdToqFA1xqFnTw4xj22NqQ&google_cver=1&google_push=AXcoOmSe13AzytSr1IGcPiR6V5dVoDbqtC3_Y7Cx7_s0bxZYrU_jTyspqntmPQgNSW_LfugKBcmTizIZPTT2ylGeBc91h8fxbQkW
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D6760D4DB5F94F92A06BCCFBD3FDA6C8&google_push=AXcoOmSe13AzytSr1IGcPiR6V5dVoDbqtC3_Y7Cx7_s0bxZYrU_jTyspqntmPQgNSW_LfugKBcmTizIZPTT2ylG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D6760D4DB5F94F92A06BCCFBD3FDA6C8&google_push=AXcoOmSe13AzytSr1IGcPiR6V5dVoDbqtC3_Y7Cx7_s0bxZYrU_jTyspqntmPQgNSW_LfugKBcmTizIZPTT2ylGeBc91h8fxbQkW
Requested by
Host: dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com
URL: https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 09 Aug 2023 21:50:15 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D6760D4DB5F94F92A06BCCFBD3FDA6C8&google_push=AXcoOmSe13AzytSr1IGcPiR6V5dVoDbqtC3_Y7Cx7_s0bxZYrU_jTyspqntmPQgNSW_LfugKBcmTizIZPTT2ylGeBc91h8fxbQkW
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 08 Aug 2023 21:50:15 GMT
pixel
cm.g.doubleclick.net/ Frame 02A3
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEEblFGlvaX2ODFNTd6loFeg&c_param1=AXcoOmSm2KqnA_cwxPHd-LqYDvJWSzPOVtzMy79_2DRQFaE7zQ17ZHFlbM34slfRH9skf5OvrLt--H2Eqiyw7sqsiQTUKy5omxkT&gdpr=%%GDPR%%&...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSm2KqnA_cwxPHd-LqYDvJWSzPOVtzMy79_2DRQFaE7zQ17ZHFlbM34slfRH9skf5OvrLt--H2Eqiyw7sqsiQTUKy5omxkT
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSm2KqnA_cwxPHd-LqYDvJWSzPOVtzMy79_2DRQFaE7zQ17ZHFlbM34slfRH9skf5OvrLt--H2Eqiyw7sqsiQTUKy5omxkT
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H3
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSm2KqnA_cwxPHd-LqYDvJWSzPOVtzMy79_2DRQFaE7zQ17ZHFlbM34slfRH9skf5OvrLt--H2Eqiyw7sqsiQTUKy5omxkT
date
Wed, 09 Aug 2023 21:50:16 GMT
server
nginx/1.23.2
content-length
0
pixel
cm.g.doubleclick.net/ Frame 02A3
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
  • https://sync.targeting.unrulymedia.com/csync/RX-eefa8192-70c3-4235-84a2-85294b02891d-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSxqC-exuuiLVvOuBmzQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSxqC-exuuiLVvOuBmzQkoiviZBONmQ6eZg_LTb0--WxYPBe7Ghf9R92ZiX8lVWmDJ5gKVy6prr0cCAvYZqgPCOwBwDhBie&google_hm=BO76gZJww0I1hKKFKUsCiR0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSxqC-exuuiLVvOuBmzQkoiviZBONmQ6eZg_LTb0--WxYPBe7Ghf9R92ZiX8lVWmDJ5gKVy6prr0cCAvYZqgPCOwBwDhBie&google_hm=BO76gZJww0I1hKKFKUsCiR0
Requested by
Host: dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com
URL: https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSxqC-exuuiLVvOuBmzQkoiviZBONmQ6eZg_LTb0--WxYPBe7Ghf9R92ZiX8lVWmDJ5gKVy6prr0cCAvYZqgPCOwBwDhBie&google_hm=BO76gZJww0I1hKKFKUsCiR0
date
Wed, 09 Aug 2023 21:50:15 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXeefa819270c3423584a285294b02891d004
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 02A3
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEHWDq_lw7a7OWA5Hoq8VMOE&google_cver=1&google_push=AXcoOmS-6EjpSzehH1S46ev09ndZC76N17DsdwLtFp9BewwLuMuef2iipYo-sKNF204lbZos6r2VQp_m...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEHWDq_lw7a7OWA5Hoq8VMOE%26google_cver%3D1%26google_push%3DAXcoOmS-6EjpSzehH1S46e...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A6409972205841127029&exchange=193&google_gid=CAESEHWDq_lw7a7OWA5Hoq8VMOE&google_cver=1&google_push=AXcoOmS-6EjpSzehH1S46ev09ndZC76N17DsdwLtFp9BewwLuMue...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTY0MDk5NzIyMDU4NDExMjcwMjk&google_push=AXcoOmS-6EjpSzehH1S46ev09ndZC76N17DsdwLtFp9BewwLuMuef2iipYo-sKNF204lbZos6r2VQp_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTY0MDk5NzIyMDU4NDExMjcwMjk&google_push=AXcoOmS-6EjpSzehH1S46ev09ndZC76N17DsdwLtFp9BewwLuMuef2iipYo-sKNF204lbZos6r2VQp_mn0QN2qAAWbyoO1UJIfuj
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H3
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTY0MDk5NzIyMDU4NDExMjcwMjk&google_push=AXcoOmS-6EjpSzehH1S46ev09ndZC76N17DsdwLtFp9BewwLuMuef2iipYo-sKNF204lbZos6r2VQp_mn0QN2qAAWbyoO1UJIfuj
Date
Wed, 09 Aug 2023 21:50:17 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 02A3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECdv0096ijF4xhAad1gS0jg&google_cver=1&google_push=AXcoOmRLLjGKbEDzDOxVhU_K5R5ze0d74PVYwvG2iDuwLBqj9iM1iFwq1CNpBGYLdIkj9tBnfm...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1QUHlRUU05RTJ1SGxNTkdrRjhEVW54T0l3M3hWZlhPRX5B&google_push=AXcoOmRLLjGKbEDzDOxVhU_K5R5ze0d74PVYwvG2iDuwLBqj9iM1iFwq1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1QUHlRUU05RTJ1SGxNTkdrRjhEVW54T0l3M3hWZlhPRX5B&google_push=AXcoOmRLLjGKbEDzDOxVhU_K5R5ze0d74PVYwvG2iDuwLBqj9iM1iFwq1CNpBGYLdIkj9tBnfmKarVhf6jaQ4sxtBGXOJD1BorqmVw
Requested by
Host: dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com
URL: https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1QUHlRUU05RTJ1SGxNTkdrRjhEVW54T0l3M3hWZlhPRX5B&google_push=AXcoOmRLLjGKbEDzDOxVhU_K5R5ze0d74PVYwvG2iDuwLBqj9iM1iFwq1CNpBGYLdIkj9tBnfmKarVhf6jaQ4sxtBGXOJD1BorqmVw
date
Wed, 09 Aug 2023 21:50:15 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
spacer.gif
an.yandex.ru/resource/ Frame 02A3
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEButqMNjh3W5etga0va7_uo?ext-param=AXcoOmRB81BBTblrGPE8ZTIpMc8j_KAXabypkefOXz2QvWFEg4vUAA_HlLoY9N_4yrXptrOQP_ia30EEbG_2kdona73G2VncY2S-&partner-tag=yandex_ag&g...
  • https://an.yandex.ru/mapuid/google/CAESEButqMNjh3W5etga0va7_uo?redir-setuniq=1&ext-param=AXcoOmRB81BBTblrGPE8ZTIpMc8j_KAXabypkefOXz2QvWFEg4vUAA_HlLoY9N_4yrXptrOQP_ia30EEbG_2kdona73G2VncY2S-&partner...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEButqMNjh3W5etga0va7_uo&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Server
93.158.134.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 24 Jul 2024 21:50:17 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 02A3 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KnX7qEFnPkfnKhf8-_yotzyw7eeIjoqJjaNSyVlGXP9-STYGhGHkGgrPVeSWaXneNOHQxhujBy
Requested by
Host: dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com
URL: https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:15 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
userWidgetLogo1211122-2628-q71z6o.p2xc.png
s3-us-west-2.amazonaws.com/scorestream-gamepost-pictures/ Frame 70D7 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-us-west-2.amazonaws.com/scorestream-gamepost-pictures/userWidgetLogo1211122-2628-q71z6o.p2xc.png
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.224.144 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
8919369648ee6496fbc2ca7f407f8898b6ce2a4bad616c69de6b2eb3e62fc050

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://scorestream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 21:50:16 GMT
x-amz-version-id
InQgopVHavB1vuNc9yF3KmnJCPVh5TG7
Last-Modified
Wed, 22 Dec 2021 18:54:28 GMT
Server
AmazonS3
x-amz-request-id
JRNHP3R91T7QWWNZ
ETag
"cb678a0264da39d6b9fb852faf25d03c"
Content-Type
image/png
Cache-Control
max-age=2678400, no-transform, public
Accept-Ranges
bytes
Content-Length
14572
x-amz-id-2
jNEpdDAcoFWF7fSJ7sQ/w8zIPwfsxrkESW1kr27w/8t+f8uTZ4RmZdkTkpoMud3bfI3UrV4ES3Y=
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/ Frame 70D7 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Origin
https://scorestream.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
625, 617, 617
age
19860536
cdn-cachedat
2021-06-08 11:34:26
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
56780
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
f2fe0379ee5cff6417c5b00d11327028
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
7f4336b68ebf8332-KIX
cdn-requestpullsuccess
True
bothPlatformsNavBar.png
cdn-scorestream-com.s3.amazonaws.com/cdn/images/appStoreBadges/ Frame 70D7 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-scorestream-com.s3.amazonaws.com/cdn/images/appStoreBadges/bothPlatformsNavBar.png
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.193.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
5f94a0052b94f267147776b1e5c569f5c22ce564b3cff54b56a6ea4404b7116b

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://scorestream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 21:50:16 GMT
Last-Modified
Thu, 19 Jan 2017 21:10:27 GMT
Server
AmazonS3
x-amz-request-id
JRNP1WY3WM4GG4MY
ETag
"3b78d8a93eaaa45329f4acac9a19c9cf"
Content-Type
image/png
Cache-Control
max-age=2678400, no-transform, public
Accept-Ranges
bytes
Content-Length
1310
x-amz-id-2
IeCg/OU2OzI1yKbtdsdk3ZcHY9w+9UTjEyHy/zOnRXD5xPHxYxTkmk4sEzIv1hR3Cvy/TCpYdeo=
api
scorestream.com/ Frame 70D7 		224 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://scorestream.com/api
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.185.109.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-185-109-45.us-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash
596820acabfd9080f3d739cb000c585f412e141b234dad422500df2ba92020b3

Request headers

Accept
*/*
Referer
https://scorestream.com/widgets/scoreboards/vert?userWidgetId=47656
X-Requested-With
XMLHttpRequest
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 09 Aug 2023 21:50:15 GMT
content-encoding
gzip
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,content-type
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame ED91 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.216.189 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-216-189.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.timesunion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112455
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 09 Aug 2023 21:50:15 GMT
expires
Fri, 11 Aug 2023 05:04:30 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
prbds2s
rtb.gumgum.com/usync/ Frame D0C9 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.192.10.122 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-192-10-122.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4ca6f68c8071ce1e749b9142616ebe518d0983acc4f2b4403883d82154a042c1

Request headers

Referer
https://www.timesunion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Wed, 09 Aug 2023 21:50:15 GMT
etag
W/"016afef178e15e0dcc0ad5600f123a143"
server
nginx
timing-allow-origin
*
usersync
usersync.gumgum.com/ Frame D0C9
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=2546882368749204855
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=2546882368749204855
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:15 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:15 GMT
an-x-request-uuid
e0a62f47-2fa8-4500-9681-2aa6dc4a60cc
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=2546882368749204855
x-proxy-origin
114.19.24.12; 114.19.24.12; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame D0C9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_604dcf1c-b84d-49d3-b59e-19e1e9e912fa&gdpr=&gdpr_consent=&us_privacy=1---
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=0035c957-f895-4a06-acbe-4b96f626c00a
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=0035c957-f895-4a06-acbe-4b96f626c00a
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=57fac68b-d9a6-4dcd-bf6a-9610d580aa5b&user_group=1&ssp=gumgum2&bsw_param=0035c957-f895-4a06-acbe-4b96f626c00a
  • https://usersync.gumgum.com/usersync?b=bsw&i=0035c957-f895-4a06-acbe-4b96f626c00a&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=0035c957-f895-4a06-acbe-4b96f626c00a&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:16 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=0035c957-f895-4a06-acbe-4b96f626c00a&gdpr=&gdpr_consent=&us_privacy=
Date
Wed, 09 Aug 2023 21:50:16 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame D0C9
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28qszgRo9EYLqHBemabkU0JZgmC0jxWSVSJHlS7h8xTimw5qa2EksKoXJtY04z-Wfv%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_604dcf1c-b84d-49d3-b59e-19e1e9e912fa&obuid=ENC(qszgRo9EYLqHBemabkU0JZgmC0jxWSVSJHlS7h8xTimw5qa2EksKoXJtY04z-Wfv)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=$GDPR_APPLIES&us_privacy=$CCPA&gdpr_consent=$CONSNT_STRING&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7Bus...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=127&gdpr=$GDPR_APPLIES&us_privacy=$CCPA&gdpr_consent=$CONSNT_STRING&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26u...
  • https://sync.outbrain.com/cookie-sync?p=centro&uid=dddf2387-b1a1-4af1-833b-7a9c99b2e357-64d40a1a-4a50&obUid=qszgRo9EYLqHBemabkU0JZgmC0jxWSVSJHlS7h8xTimw5qa2EksKoXJtY04z-Wfv&gdpr=$GDPR_APPLIES&gdpr_...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=centro&uid=dddf2387-b1a1-4af1-833b-7a9c99b2e357-64d40a1a-4a50&obUid=qszgRo9EYLqHBemabkU0JZgmC0jxWSVSJHlS7h8xTimw5qa2EksKoXJtY04z-Wfv&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
38.133.127.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 21:50:18 GMT
Cache-Control
no-cache
X-TraceId
c3290c03d132e7ec2cd30fbc1a8e1cd9
Content-Length
0

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:18 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.outbrain.com/cookie-sync?p=centro&uid=dddf2387-b1a1-4af1-833b-7a9c99b2e357-64d40a1a-4a50&obUid=qszgRo9EYLqHBemabkU0JZgmC0jxWSVSJHlS7h8xTimw5qa2EksKoXJtY04z-Wfv&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
usersync
usersync.gumgum.com/ Frame D0C9
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=0b161d73-9965-006b-3205-fbf9fe3d14e7
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=0b161d73-9965-006b-3205-fbf9fe3d14e7
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:15 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 09 Aug 2023 21:50:15 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=0b161d73-9965-006b-3205-fbf9fe3d14e7
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame D0C9
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-5f7d6f2f-d1d9-4863-6924-bab50723a6e5$cell
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-5f7d6f2f-d1d9-4863-6924-bab50723a6e5$cell
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:15 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-5f7d6f2f-d1d9-4863-6924-bab50723a6e5$cell
Date
Wed, 09 Aug 2023 21:50:15 GMT
Connection
keep-alive
Content-Length
115
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame D0C9
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-6XQbipZE2peveGBRBqoaR49K5fERRGHK2pJW~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-6XQbipZE2peveGBRBqoaR49K5fERRGHK2pJW~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:15 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 09 Aug 2023 21:50:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-6XQbipZE2peveGBRBqoaR49K5fERRGHK2pJW~A
content-length
0
usersync
usersync.gumgum.com/ Frame D0C9
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusers...
  • https://usersync.gumgum.com/usersync?b=vnt&i=cbc3cb67-e9f0-487f-9ece-f5c767a55b1e
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=cbc3cb67-e9f0-487f-9ece-f5c767a55b1e
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:15 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=cbc3cb67-e9f0-487f-9ece-f5c767a55b1e
Date
Wed, 09 Aug 2023 21:50:15 GMT
Connection
keep-alive
X-CI-RTID
115c19c1-a7cc-417c-95bd-de08f490587e
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame D0C9
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:15 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 09 Aug 2023 21:50:15 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain; charset=utf-8
location
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
access-control-allow-origin
https://rtb.gumgum.com/
x-varnish
123879626
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame D0C9 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:14 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame D0C9
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_604dcf1c-b84d-49d3-b59e-19e1e9e912fa&gdpr=&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=SpoYyQYgU8ZJgVTdZ9LS&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVJXA32ZPFIVSZ2VHBNEUZ2WKRSFUOKMKMTHK427OBZGS...
  • https://usersync.gumgum.com/usersync?b=zem&i=SpoYyQYgU8ZJgVTdZ9LS&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=SpoYyQYgU8ZJgVTdZ9LS&us_privacy=1---
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:16 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:16 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=SpoYyQYgU8ZJgVTdZ9LS&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
112
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame D0C9
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=499cea1e-0c48-462f-8af6-4b951b5de04d
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=499cea1e-0c48-462f-8af6-4b951b5de04d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:15 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=499cea1e-0c48-462f-8af6-4b951b5de04d
access-control-allow-origin
*
date
Wed, 09 Aug 2023 21:50:15 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame D0C9
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=Ev8fwcEpi5eG&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=Ev8fwcEpi5eG&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:15 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
jp-JP
location
https://usersync.gumgum.com/usersync?b=pln&i=Ev8fwcEpi5eG&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-9fc5b9cc4-fdbzz
expires
-1
usersync
usersync.gumgum.com/ Frame D0C9
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=3428615102313504314
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=3428615102313504314
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:16 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=3428615102313504314
date
Wed, 09 Aug 2023 21:50:15 GMT
content-length
0
setuid
prebid-server.rubiconproject.com/ Frame D0C9 		0
948 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=gumgum&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=b&uid=a_604dcf1c-b84d-49d3-b59e-19e1e9e912fa
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.92 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
usersync
usersync.gumgum.com/ Frame EC26
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=ZNQKFQAAAj5PRgAb&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZNQKFQAAAj5PRgAb&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 09 Aug 2023 21:50:15 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Wed, 09 Aug 2023 21:50:15 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZNQKFQAAAj5PRgAb&gdpr=&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-itm18850-ITM
x-timer
S1691617816.707548,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame C52A 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV82MDRkY2YxYy1iODRkLTQ5ZDMtYjU5ZS0xOWUxZTllOTEyZmE=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 21:50:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 82DF 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.216.189 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-216-189.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112455
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 09 Aug 2023 21:50:15 GMT
expires
Fri, 11 Aug 2023 05:04:30 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 08DC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=63eeee38-aa0d-41c4-9eaa-932b32d94862
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=63eeee38-aa0d-41c4-9eaa-932b32d94862
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 09 Aug 2023 21:50:15 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Wed, 09 Aug 2023 21:50:15 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=63eeee38-aa0d-41c4-9eaa-932b32d94862
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame B27F
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZNQKFcCo8XYAALhg1HQAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZNQKFcCo8XYAALhg1HQAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 09 Aug 2023 21:50:15 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Wed, 09 Aug 2023 21:50:15 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZNQKFcCo8XYAALhg1HQAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
m-ad435.dc4p.scaleout.jp
X-SO-IP
114.19.24.12
X-SO-Key
ZNQKFcCo8XYAALhg1HQAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"114.19.24.12","key":"ZNQKFcCo8XYAALhg1HQAAAAA","privacy_sensitive":false,"uid":"ZNQKFcCo8XYAALhg1HQAAAAA","upstream_id":"m-ad435"}
X-SO-LB-Hostname
m-tgng18.dc4p.scaleout.jp
X-SO-UID
ZNQKFcCo8XYAALhg1HQAAAAA
X-SO-Upstream-ID
m-ad435
usersync
usersync.gumgum.com/ Frame F745
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=a_604dcf1c-b84d-49d3-b59e-19e1e9e912fa&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=1---
  • https://usersync.gumgum.com/usersync?b=aad&i=11927982-9abf-4e79-b649-e54149dd16ce
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=11927982-9abf-4e79-b649-e54149dd16ce
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 09 Aug 2023 21:50:15 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Wed, 09 Aug 2023 21:50:15 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=11927982-9abf-4e79-b649-e54149dd16ce
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
usermatchredir
ssum-sec.casalemedia.com/ Frame 267F 		43 B
766 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 09 Aug 2023 21:50:15 GMT
Expires
0
Keep-Alive
timeout=1, max=497
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usersync
usersync.gumgum.com/ Frame B7BD
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=ZecuR8wiA1Rq8TMaxUUT&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=ZecuR8wiA1Rq8TMaxUUT&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 09 Aug 2023 21:50:15 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Wed, 09 Aug 2023 21:50:15 GMT Wed, 09 Aug 2023 21:50:15 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=ZecuR8wiA1Rq8TMaxUUT&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame AB66
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.217.233 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-217-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 09 Aug 2023 21:50:15 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 09 Aug 2023 21:50:15 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
truncated
/ Frame 0E3B 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d43c6d6bcef706df0493404de9ac27cfc01ada282ad9a73fdbce1a0f54f71411

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CF25 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

accept-ranges
bytes
age
44528
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 09:28:07 GMT
expires
Thu, 08 Aug 2024 09:28:07 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 0E3B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsunL07mXLCggjrHaFQc-QX0yrMncAikl6SWbP5eDcjD4G0FtflAkS3WHc721YPGLaAwiFQGbQfwmxgoEPfKSb0OF8HUky0HOZ8AVwWsbKFk7gfp6rTaofnoKGcgKBXc07NzpkxH7-228QaoU5ki4rS2q8Fs67BfFTLwpckk9xhXPjwZhX0tDUT5d5A_YiAIbNVNZiyT59VcSUm32osiqVPb-b3D6MnF-w0XmPK1WCQtU28wI8yDJOdvNxp8nx2sCGsyyZTVFLxd-aFbOhATSGc056s7h7KX64sjGcCGp0jKlT0aOLhDAqp81mmYT3C57aeuhVDUsvlBPEs4ij2hrAzDSp0AaZX-HueT7dtZ-kQBkJ0nwNITBSsx54WeVEA4RWs8ufso-uchxCfDioNkO_3Q9XB7_2TZCR-j_VNDW7YGjXxb-t17n9I6NnM7hi_yf3xrqOdIvTHOuKAFKtAXQ1Qe4mCHoSwqOF2TgaL-_u0K2prD7hdAtWkhjBirv5tjCRc9omTmLpYLum14jG3w8hTXpy0whvqMOpVgkNKU7AFGUD-SrThlS78GV6f_FFdszTbIZkQ167YsmZnJuXtNDXwTnMJ8axgHQAx5YNjHyFhQAlKAC9XVI3_UfzGSiog7HAzL-gcnPTi1-XvhfYxk05OzuBOoCXeY3sA6EGB5bYvSvsJFFBaIbMzwtVnTueK2loR8WDsm6QIP7L7xpHMdBDAhAsnKm-W9Q90AfShIw674Zki3Bb5_a4zgW4uPblTdAPHaoh73de-F3Siefz4uBQ9CkxPZ-ZxEBLo-Zu2Sh0L5e1ebgSa7eV8cp10Q8Va5hYWLVTvGe_oCJArpmvKK6_vzHEpoqbXtRZhL9I2pbtahGdHKZPyiiu-pc63rVUlPS4C6LeCF-KT5dg-g-d_3I_qDOYHn_E1AHGHl3PDEZNIRnqSRWEmmi5SmqxQ4UE_alBX8B5SzBE_qAMvoQeucMighi7xCUuXMG84oRS9QIY273IuNOY_qDow4pHzlumtLx9rYDifKkGUOkC9coELnPGRKY51KoSyqOYM7iX_E3vhaI8pxajloIwSGfpzKDa9FLjBXf0Njf4wTQRllzysyDOeLcNIpGWr7gbeFjfPdDCGNngvcWAJy0InrA1xObkXxqRy7TOLKS5gusFtfo8OXl323gTGa3DX9De-iDNJRksGSwOu3T86_yYotRMKRk_XBupMnCF9RtkHU6z5wUOxRpYPVuocA1MMDqM1l9VWjPssn_-lPBLpF4HG_3_OSQWLSRiLQKAqIN-go7IXBCZjASHA6gvJhb8VCybFctYP36etbqLZrKZdXKL9FYMjvpF1hxbbRbBCqRMo3cGZ5Vb3PZG200hqZWSbaDeC6MMBZA1MYhm1ge_bq_A1AKdS5E9GAgjmBVd3q95emsB1UlWx1zHGX3NggFdghW9Hp&sai=AMfl-YT9cUowVn8zAstdbsz0PNueIap1AaQMeJNJmumamme3Z5-tn-lSM6aix_PSPTBj11K5RuahCtfOkYohzfNii9m0WGVP8RUs-kbxD24xEhv0JIm07RRH6Q12csHZDNuXr4F25XFWm4iDls1u8LTOrSj2jrztREvfQZGi0DLXkvhRuyN3jKVKxoHc1NVBnmwbcxPE-HP3T4xPVZoWwYPPaIfyzOY3_jub_MnMEGc3tHzq1FpxTx_dTWQLkpQwiwIhAcbtR1cH_iF3BrPnNPgiOzaZtr26NmBWCMcFjUy2BAN-BlbrUcKju9TMRQ7UvWSCSoCmh12G0kYhgDxDWx5a0nGjXI-2qfppIXba9lhDPzSoTZggFLjmLyJqt1KaPgPQgLX8X-X2dK5bDLfYOzI8opZsLODIF3E57y1IL2dSlKt5&sig=Cg0ArKJSzP-R-wfiSkUJEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=528&vt=11&dtpt=527&dett=2&cstd=0&cisv=r20230808.20365&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 09 Aug 2023 21:50:15 GMT
usync.js
eus.rubiconproject.com/ Frame AB66 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.217.233 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-217-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f7de82ac3ba9a0880ac0aef261bc38b8ae6ad65a3573782d5e43b87ccf64ab52

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 21:50:15 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Aug 2023 15:09:05 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62291
Connection
keep-alive
Content-Length
10117
Expires
Thu, 10 Aug 2023 15:08:26 GMT
collector
www.timesunion.com/413gkwMT/xhr/api/v2/ 		392 B
431 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/413gkwMT/xhr/api/v2/collector
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e694446293cca239d590a94a250295771b65e07417a8c22a0ac0c7d24755bd67
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

x-served-by
cache-itm18838-ITM
date
Wed, 09 Aug 2023 21:50:15 GMT
via
1.1 google, 1.1 varnish
strict-transport-security
max-age=300
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, Accept-Encoding, X-ab-scope
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
MISS
access-control-allow-credentials
true
x-vcl-version
375
accept-ranges
bytes
timing-allow-origin
*
content-length
392
x-cache-hits
0
sd
jp-u.openx.net/w/1.0/
Redirect Chain
  • https://u.openx.net/w/1.0/pd?us_privacy=1---
  • https://bk.r-ad.ne.jp/3/cs
  • https://jp-u.openx.net/w/1.0/sd?id=537097918&val=55mLoG003BDDa007ZOGp
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537097918&val=55mLoG003BDDa007ZOGp
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-store, no-cache
Date
Wed, 09 Aug 2023 21:50:16 GMT
Server
nginx
P3P
CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location
//jp-u.openx.net/w/1.0/sd?id=537097918&val=55mLoG003BDDa007ZOGp
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-SID
159f32b0
xuid
eb2.3lift.com/
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&us_privacy=1---&
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=63eeee38-aa0d-41c4-9eaa-932b32d94862&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=63eeee38-aa0d-41c4-9eaa-932b32d94862&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 09 Aug 2023 21:50:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:15 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=63eeee38-aa0d-41c4-9eaa-932b32d94862&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=157076&us_privacy=1---
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=-1&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=63eeee38-aa0d-41c4-9eaa-932b32d94862&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3735528708331917475
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Server
207.65.34.77 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Wed, 09 Aug 2023 21:50:16 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=208030&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=30a99166-7151-a189-c6cebdc2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=30a99166-7151-a189-c6cebdc2
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:16 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=492
Content-Length
43
Expires
0

Redirect headers

date
Wed, 09 Aug 2023 21:50:16 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=30a99166-7151-a189-c6cebdc2
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
gDKveuiD6qzElJZQWCdHL_tXbW9wBzQNLi6nE-8m1ts.js
pagead2.googlesyndication.com/bg/ Frame CF25 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gDKveuiD6qzElJZQWCdHL_tXbW9wBzQNLi6nE-8m1ts.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
sffe /
Resource Hash
8032af7ae883eaacc49496505827472ffb576d6f7007340d2e2ea713ef26d6db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 06:45:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
140679
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14779
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Aug 2024 06:45:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CF25 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8etZFgrUZNG-F7TAvcAP8-eGqA4AAAAAOAHgBAI&bg=!gYKlgtbNAAaiGN5Pghg7ADkAdvg8WlpzE7AMDdM3-5yVPdN-2suisEnIsYlrUZl9lL4Lg1ALCHSXC49uHEV_FjJWk3rLuZGX5usCAAAAT1IAAAAIaAEHCgAudGuTr-eyIRMCIAFxI2qPh6KCG0dz1DONpSCt0XFYwzCMQLbshXrpYK9EaMZjuJkDD_vuV2OaTaaYNTe8-ii7-3Og55HfeSDfMCg46JaxksBkyz1TlfxPNuA14pKtr9D7Ynp4r2VdfNwKNNEU-0vOQ6jZSUTleDs4z-EApbPpftM53lvnyjtHvD4eM6oYL08OEeve-rskR6KohiTGS89g_SaAVxvbBaE-U05zuUseZk7WbImCJn6LH6Y2BlBaejDxTZgTCkXGdSUMPOL4ZpBktXD-z5Eqk_frETIFDRYi4hlvOOVNDOWIdqr_8K47dBdSnXovLYkEWx7ZOpXoeaPU18i9Tozz7zXy3TI7K8Hkt2ODVn6yuL2mjT4eXBpV810tY11CavD0Qbo7JNDPu4WmBpHKibRCN8ghgFCHzAyVsbAnK4DYqyshRqJN9fysKt5SM54UJ3wGhh2HUWkTWymuhN_J9zQtKrqby4gFizYXuFO178g8Udjk-Hln6gQ4zrPXZP2_AKJWy88s1FBIkBs--fCgbAcLqhb9jsHfLD0p07VnKo3eI63lWNSW0BnaC8HhsUxykZA_-2oyT7a-2w9OLR7tf0bMpPoFDKD8d6uI-ott5HHco5ljZ-SaIsZkXZ65Hvm4wkDYDBJUsOsFwdUazFIFvKW8Neo5XGS4uNt-Ljb5km4EGvJFEiyCnT0V9IbueZKAXZyzOwqIDIWadDFQlKu-ug1Mm9fHMBsmTUaVs5T1fD4rhFCmbazQwnbL6v6RL9BxdnfjEJ6En5nZp3Ju25uquhOlRVGY5N6Y8HDMeq4f_JAPJY-X3ryhAg1Mn7gHmS0C_0ctjwnB7O3gTQa5ABdet0ceZxaHPkjECr_pvtPDXR1lXmP84-j4dO1u8ezihRce_Nclxh2G3XjQFMqShPKxSsTyION7YOQvfOr0EB1qynVvnn1rrZRFV3RsclYoGz2sRb7rBN7GflDXu4XRvicchLxNU62Q7ukSK4NWBkG4Cbpq-SVCg0xkMOZj0Lcf5YhxXTMqiptQK2WWi36YVmKntvSfc8FbJ_fPZXBzwVSUw5yZ7-O1S8pmJTtpA8ea2Gx5NB5PZUbKncGPEM4Afw
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 4666 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.81 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:15 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
css2
fonts.googleapis.com/ Frame E4F2 		27 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.138 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f10.1e100.net
Software
ESF /
Resource Hash
5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 09 Aug 2023 21:50:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 21:36:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 09 Aug 2023 21:50:16 GMT
logo.svg
www.timesunion.com/img/logos/black/ Frame E4F2 		327 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.timesunion.com/img/logos/black/logo.svg
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/captcha/captcha.js?a=&u=b71d5510-36fe-11ee-9cef-43d9513c78bd&v=b59c4e7a-36fe-11ee-a2c8-a06ff798ce28&m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
de4df11df191595c52a6ec8ad7dcc2048a03be959a82fdf392730b3d80f9cf67
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/hdn/hrlm/p/silent.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:16 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=300
age
425286
x-cache
HIT
content-length
70959
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Jul 2023 18:06:58 GMT
server
Apache
x-timer
S1691617816.329043,VS0,VE1
etag
"51afb-6015398dfb45c"
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, Accept-Encoding, X-ab-scope
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
x-vcl-version
375
accept-ranges
bytes
x-cache-hits
8
init.js
www.timesunion.com/413gkwMT/ Frame E4F2 		169 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/413gkwMT/init.js
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/captcha/captcha.js?a=&u=b71d5510-36fe-11ee-9cef-43d9513c78bd&v=b59c4e7a-36fe-11ee-a2c8-a06ff798ce28&m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f24b1e8dae6e63abf5bbb934565ab93ac27bbe5a2d6eaf824d2a99b8b3550999
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/hdn/hrlm/p/silent.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:16 GMT
via
1.1 google, 1.1 varnish
content-encoding
gzip
strict-transport-security
max-age=300
age
176232
x-cache
HIT
content-length
68652
x-served-by
cache-itm18838-ITM
etag
"2a3c0-NKFVsJgay+XzJ+O6ZBb2LHt2Q/o"
x-px-hash
OGMzOWE2MWVmNzc4MTEzZjBlYjhmYzdkMGI5M2E1ZjBjMGE0ZjBlMzU2Y2I4N2EyNTUyNzFhZTk0ZDg5ZjU5NA==
vary
Accept-Encoding, X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, X-ab-scope
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
x-vcl-version
375
accept-ranges
bytes
x-cache-hits
3
ads
securepubads.g.doubleclick.net/gampad/ 		367 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1276884881652271&correlator=2497821887853819&eid=31072020%2C31076399%2C31075591%2C31075148&output=ldjh&gdfp_req=1&vrg=202308030101&ptt=17&impl=fifs&us_privacy=1---&tfcd=0&iu_parts=36117602%2Chnp-timesunion.com%2CHomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C4x1%7C300x250&fluid=height&ifi=6&didk=2016811434&sfv=1-0-40&rcs=1&eri=5&sc=1&cookie=ID%3D674c06275fe43673%3AT%3D1691617814%3ART%3D1691617814%3AS%3DALNI_Mbac-9qMAH1Jawo3NIs7zl3ai4_vQ&gpic=UID%3D00000c29d6e9a6f5%3AT%3D1691617814%3ART%3D1691617814%3AS%3DALNI_MbcLN0ArkrT0yxrb6ZnFLMFiuLCrQ&abxe=1&dt=1691617816385&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.timesunion.com%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=1156&ohw=4000&ga_vid=1396311492.1691617812&ga_sid=1691617814&ga_hid=141382141&ga_fc=true&dlt=1691617810001&idt=2193&prev_scp=position%3Datf%26DIV_ID%3DAP300%26hb_deal_optimera%3DZ%2CA6%2CSA1%2CSA2%2CM3%2CL7%2CL1%2CTA2%2CSA10%2CDE%26amznbid%3D2%26amznp%3D2%26frsh%3D2%26i%3D1&cust_params=v%3D23.8.4%26urlhash%3D510d1172f4b60283dd404611ddbaf2e7%26treg%3D0%26page_type2%3Dhome%2520page%26PageUrl%3Dwww.timesunion.com%252F%26referrer%3D%26section1%3Dhome%26nlp%3D%26nlp_entities%3D%26scrollpage%3D0%26hpx_ipc%3Dnull%26hpx_fid%3Dnull%26hpx_kb%3D0%26permutive%3D40919%252C42136%252C42567%252C43447%252C43465%252C44089%252C44258%252C70747%252C79087%252C87427%252C115180%252C147726%252C147918%252Crts%26swgt%3Dtu_na%26custom%3Dactive_tab%26WcmID%3D4654%26juice_id%3D66623&adks=359579091
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
3716e0bc065c77727e1c83ec8fbeaab8b750cb1ef768adaee1dd00e5aeb62480
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:16 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
115
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		367 B
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1276884881652271&correlator=2497821887853819&eid=31072020%2C31076399%2C31075591%2C31075148&output=ldjh&gdfp_req=1&vrg=202308030101&ptt=17&impl=fifs&us_privacy=1---&tfcd=0&iu_parts=36117602%2Chnp-timesunion.com%2CHomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C1x1%7C970x250%7C970x90%7C728x90%7C88x88&fluid=height&ifi=7&didk=1714348086&sfv=1-0-40&rcs=1&eri=5&sc=1&cookie=ID%3D674c06275fe43673%3AT%3D1691617814%3ART%3D1691617814%3AS%3DALNI_Mbac-9qMAH1Jawo3NIs7zl3ai4_vQ&gpic=UID%3D00000c29d6e9a6f5%3AT%3D1691617814%3ART%3D1691617814%3AS%3DALNI_MbcLN0ArkrT0yxrb6ZnFLMFiuLCrQ&abxe=1&dt=1691617816394&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.timesunion.com%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=1156&ohw=4000&ga_vid=1396311492.1691617812&ga_sid=1691617814&ga_hid=141382141&ga_fc=true&dlt=1691617810001&idt=2193&prev_scp=position%3Datf%26DIV_ID%3DAPflex%26hb_deal_optimera%3DZ%2CA6%2CSA1%2CSA2%2CTA4%2CSA10%2CD4%2CM6%2CTC4%2CE1%2CM7%2CTC9%2CJ0%2CM8%2CTF9%2CDE%26amznbid%3D2%26amznp%3D2%26frsh%3D2%26i%3D2&cust_params=v%3D23.8.4%26urlhash%3D510d1172f4b60283dd404611ddbaf2e7%26treg%3D0%26page_type2%3Dhome%2520page%26PageUrl%3Dwww.timesunion.com%252F%26referrer%3D%26section1%3Dhome%26nlp%3D%26nlp_entities%3D%26scrollpage%3D0%26hpx_ipc%3Dnull%26hpx_fid%3Dnull%26hpx_kb%3D0%26permutive%3D40919%252C42136%252C42567%252C43447%252C43465%252C44089%252C44258%252C70747%252C79087%252C87427%252C115180%252C147726%252C147918%252Crts%26swgt%3Dtu_na%26custom%3Dactive_tab%26WcmID%3D4654%26juice_id%3D66623&adks=1174897365
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
ed0daffcb53aabdd1997916151ddaff5c5b3e465fe4887d3cff4a257333fb42b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:17 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
116
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		367 B
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1276884881652271&correlator=2497821887853819&eid=31072020%2C31076399%2C31075591%2C31075148&output=ldjh&gdfp_req=1&vrg=202308030101&ptt=17&impl=fifs&us_privacy=1---&tfcd=0&iu_parts=36117602%2Chnp-timesunion.com%2CHomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C1x1%7C970x250%7C970x90%7C728x90%7C88x88&fluid=height&ifi=8&didk=717402586&sfv=1-0-40&rcs=1&eri=5&sc=1&cookie=ID%3D674c06275fe43673%3AT%3D1691617814%3ART%3D1691617814%3AS%3DALNI_Mbac-9qMAH1Jawo3NIs7zl3ai4_vQ&gpic=UID%3D00000c29d6e9a6f5%3AT%3D1691617814%3ART%3D1691617814%3AS%3DALNI_MbcLN0ArkrT0yxrb6ZnFLMFiuLCrQ&abxe=1&dt=1691617816401&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.timesunion.com%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=1156&ohw=4000&ga_vid=1396311492.1691617812&ga_sid=1691617814&ga_hid=141382141&ga_fc=true&dlt=1691617810001&idt=2193&prev_scp=position%3Datf%26DIV_ID%3DBPflex%26hb_deal_optimera%3DZ%2CA6%2CSA10%2CD4%2CE1%2CJ0%2CSA6%2CDE%26amzniid%3DJMu4JQg0NAP98jTeYqF7lBAAAAGJ3EdeUQUAAAv-AQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICACySpU%26amznp%3Dbdtxj4%26amznsz%3D728x90%26amznbid%3Dznueio%26frsh%3D2%26i%3D3&cust_params=v%3D23.8.4%26urlhash%3D510d1172f4b60283dd404611ddbaf2e7%26treg%3D0%26page_type2%3Dhome%2520page%26PageUrl%3Dwww.timesunion.com%252F%26referrer%3D%26section1%3Dhome%26nlp%3D%26nlp_entities%3D%26scrollpage%3D0%26hpx_ipc%3Dnull%26hpx_fid%3Dnull%26hpx_kb%3D0%26permutive%3D40919%252C42136%252C42567%252C43447%252C43465%252C44089%252C44258%252C70747%252C79087%252C87427%252C115180%252C147726%252C147918%252Crts%26swgt%3Dtu_na%26custom%3Dactive_tab%26WcmID%3D4654%26juice_id%3D66623&adks=1098772090
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
153fde9ad0e7bcad486e4677d7ea53d0830ee891412976c3db313a21ae785f21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:17 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
115
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bundle
www.timesunion.com/413gkwMT/xhr/assets/js/ Frame E4F2 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/413gkwMT/xhr/assets/js/bundle
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3ccd2bea90c74c010bdd0b53cb7ebc5fabb99dda6e6b4e72665e8c7048d626e
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.timesunion.com/hdn/hrlm/p/silent.html
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

x-served-by
cache-itm18838-ITM
date
Wed, 09 Aug 2023 21:50:16 GMT
via
1.1 google, 1.1 varnish
strict-transport-security
max-age=300
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, Accept-Encoding, X-ab-scope
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
MISS
access-control-allow-credentials
true
x-vcl-version
375
accept-ranges
bytes
timing-allow-origin
*
content-length
1596
x-cache-hits
0
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di...
  • https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=0035c957-f895-4a06-acbe-4b96f626c00a
86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=0035c957-f895-4a06-acbe-4b96f626c00a
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
HTTP/1.1
Server
69.173.158.92 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

Location
https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=0035c957-f895-4a06-acbe-4b96f626c00a
Date
Wed, 09 Aug 2023 21:50:16 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
css2
fonts.googleapis.com/ Frame 3B86 		27 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/captcha/captcha.js?a=&u=b71d5510-36fe-11ee-9cef-43d9513c78bd&v=b59c4e7a-36fe-11ee-a2c8-a06ff798ce28&m=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.138 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f10.1e100.net
Software
ESF /
Resource Hash
5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 09 Aug 2023 21:50:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 20:49:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 09 Aug 2023 21:50:16 GMT
init.js
www.timesunion.com/413gkwMT/ Frame E4F2 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/413gkwMT/init.js
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/hdn/hrlm/p/silent.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:16 GMT
via
1.1 google, 1.1 varnish
content-encoding
gzip
strict-transport-security
max-age=300
age
176232
x-cache
HIT
content-length
68652
x-served-by
cache-itm18838-ITM
etag
"2a3c0-NKFVsJgay+XzJ+O6ZBb2LHt2Q/o"
x-px-hash
OGMzOWE2MWVmNzc4MTEzZjBlYjhmYzdkMGI5M2E1ZjBjMGE0ZjBlMzU2Y2I4N2EyNTUyNzFhZTk0ZDg5ZjU5NA==
vary
Accept-Encoding, X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, X-ab-scope
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
x-vcl-version
375
accept-ranges
bytes
x-cache-hits
4
de607fc2-3482-484c-b296-80448ffa0fa8
https://www.timesunion.com/ Frame E4F2 		17 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.timesunion.com/de607fc2-3482-484c-b296-80448ffa0fa8
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1374b28d22b674e53a044425556a9cd48b82fd5aba3bf19e3545d51704227b10

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length
17
Content-Type
application/javascript
8678f063-a8f1-44a7-ae5c-2c369e6efa0b
https://www.timesunion.com/ Frame E4F2 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.timesunion.com/8678f063-a8f1-44a7-ae5c-2c369e6efa0b
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae7f3b9c2e8a51f7cef4121088210eb97c52aebbc7808ef078c18725864b8587

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length
5325
Content-Type
application/javascript
42b90b76-b98f-4cf9-98f3-5d6e4ab30f0e
https://www.timesunion.com/ Frame E4F2 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.timesunion.com/42b90b76-b98f-4cf9-98f3-5d6e4ab30f0e
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cdad86100da8c1c5674a60f2d0439c85830b40732fa274862356b225c6846026

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length
5328
Content-Type
application/javascript
g
collector-px413gkwmt.px-client.net/b/ Frame E4F2 		799 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-px413gkwmt.px-client.net/b/g?payload=aUkQRhAIEGJqAwMLBgIQHhBWEAhJEGJqAwMBBQsQCEZAR1ceEGJqAwABAgUQCBBiagMDBQYHEB4QYmoDAwQEChAIEEJKWlEQHhBiagMAAQYKEAhUU15BVx4QYmoDAwQGBGx^AIEFpGRkJBCB0dRUVFHEZbX1dBS?R1xbXVwGcUV1fH^VpWSrDXB1apQF5fHUIdQVtemV1xGHFpGX14rRDV`0BAXUAPXl1VW1xt_QFdrDR1tAV1YUQUZTRlGcPAg[7RUAAsHUFBWAQQLBgIEAgoGU1Z7TBlNWBwJQAQNTAAsQT09v&appId=PX413gkwMT&tag=v8.6.4&uuid=b71d5510-36fe-11ee-9cef-43d9513c78bd&ft=314&seq=1&en=NTA&cs=836f3c1c5ebb6faca0cbeeb111384ad2f70f1427663443be70aeb2a5b21fb981&pc=4383571810828979&sid=b72593dc-36fe-11ee-ac83-767543447954%F3%A0%84%B1%F3%A0%84%B6%F3%A0%84%B9%F3%A0%84%B1%F3%A0%84%B6%F3%A0%84%B1%F3%A0%84%B7%F3%A0%84%B8%F3%A0%84%B1%F3%A0%84%B6%F3%A0%84%B5%F3%A0%84%B1%F3%A0%84%B1&vid=b59c4e7a-36fe-11ee-a2c8-a06ff798ce28&ci=b9fe54f0-36fe-11ee-afc3-b58f0ac147da&pxhd=d3b586d8ba2cc7bf418525460fca890a4b6b6c2d9e7944f1ba08d501cd7f82e3:b59c4e7a-36fe-11ee-a2c8-a06ff798ce28&cts=b72598d0-36fe-11ee-ac83-767543447954
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
abce546c4810a0fa8867ad8700d655184a2c0913431d3aa848c132e5ce7f6cac

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:15 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
image/gif
access-control-allow-origin
https://www.timesunion.com
cache-control
public, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
799
activeview
pagead2.googlesyndication.com/pcs/ Frame 0E3B 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst3TMQr77850zkDnaDJ75g3l9QXe6amXV-l-qDZa8Nb6qw0ZkAYOh6Lm8tv2wqEe4rKEd1_GcdFAuYyqoTv6fZ218f4zz20Jxez7GTWQOV7bdLm8SbBGPkaOUVbEnx7Y58JHhZr7KUDhQ&sai=AMfl-YQ6JZqocd7pamAJPN7ryJ6VgPV13SBSbvVIURwxNAD9WY5t5_yPxxNOncrxG-g_-dThzmOhT06FWGRfszRU14_VFHx38J9bSmNpmXVJOCGOTHtbV1gWkqcWbIc&sig=Cg0ArKJSzKF-qgQrvZI2EAE&cid=CAQSOwBpAlJWx8NV8pEcH6rJI4GDFzbeqHbPXJFeM2DLQWhA2NtLPQrpbxzZr5TOB5O3dtVrphXKMNIWrSSbGAE&id=lidar2&mcvt=1038&p=230,315,480,1285&mtos=1038,1038,1038,1038,1038&tos=1038,0,0,0,0&v=20230807&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=422643193&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691617815100&rpt=629&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 23E9 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
36917d72defba07c9061ab984f95d0aee27078f7929ebe5c1585bb1a52ce1383

Request headers

Referer
https://www.timesunion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1809
Content-Type
text/html
Date
Wed, 09 Aug 2023 21:50:16 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
config
c.amazon-adsystem.com/cdn/prod/ 		0
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3070&u=https%3A%2F%2Fwww.timesunion.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.221.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-221-214.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 16:58:24 GMT
via
1.1 f79910dd066cb79d5b224ab3f88841e4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT57-P4
age
17511
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.timesunion.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
Gt1FB3niOs1pIj3S6eSX2TUZAcnLMFHKknvU6v7C95WLpu5a2eLZPA==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
309 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.timesunion.com%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.176.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-176-135.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:16 GMT
via
1.1 2f23a86dea73acab8a8c28b3d87160da.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
HDnoUjOlwDbu2vIhM-USWKH0xTsIxK71O2l7L0lS8TrtPbVnTjjCwQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3070&u=https%3A%2F%2Fwww.timesunion.com%2F&pid=jWBMvXcZ68FZ2&cb=1&ws=1600x1200&v=23.725.1446&t=2500&slots=%5B%7B%22sd%22%3A%22Flex1%22%2C%22s%22%3A%5B%221x1%22%2C%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F36117602%2Fhnp-timesunion.com%2FHomepage%2FFlex1%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%2C%7B%22sd%22%3A%22AP300%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F36117602%2Fhnp-timesunion.com%2FHomepage%2FAP300%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%2C%7B%22sd%22%3A%22APflex%22%2C%22s%22%3A%5B%221x1%22%2C%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F36117602%2Fhnp-timesunion.com%2FHomepage%2FAPflex%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%2C%7B%22sd%22%3A%22BPflex%22%2C%22s%22%3A%5B%221x1%22%2C%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F36117602%2Fhnp-timesunion.com%2FHomepage%2FBPflex%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%2C%7B%22sd%22%3A%22CPflex%22%2C%22s%22%3A%5B%221x1%22%2C%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F36117602%2Fhnp-timesunion.com%2FHomepage%2FCPflex%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%2C%7B%22sd%22%3A%22DPflex%22%2C%22s%22%3A%5B%221x1%22%2C%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F36117602%2Fhnp-timesunion.com%2FHomepage%2FDPflex%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%2C%7B%22sd%22%3A%22EPflex%22%2C%22s%22%3A%5B%221x1%22%2C%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F36117602%2Fhnp-timesunion.com%2FHomepage%2FEPflex%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%2C%7B%22sd%22%3A%22FPflex%22%2C%22s%22%3A%5B%221x1%22%2C%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F36117602%2Fhnp-timesunion.com%2FHomepage%2FFPflex%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%5D&pj=%7B%22si_section%22%3A%22other%22%7D&cfgv=2&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.176.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-176-135.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
3d60bcfa3e299a1cec67dd403dd048560f770cc3717523f7d744b83714fde683

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:16 GMT
via
1.1 05e04c5e15a87c619e820e333918b7f2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.timesunion.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
1850
x-amz-cf-id
bAjYodAfHQAMLJnlcTRX_T44e6lCUyuiT6CWX8CXFljPjnAqjmeqLA==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
309 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.timesunion.com%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.176.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-176-135.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:16 GMT
via
1.1 2f23a86dea73acab8a8c28b3d87160da.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
Psj9nMhjviywn9sNN9PYYuQaEkr2tnlOwhDIQkWrLODYzjtW3bSh1Q==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
310 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.timesunion.com%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.176.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-176-135.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:17 GMT
via
1.1 2f23a86dea73acab8a8c28b3d87160da.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
HCbZFqOuEzXtghxgWnt4PLjQLsaLfcgfm3vTcdYXMBWS_7gkCVyAuw==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
309 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.timesunion.com%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.176.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-176-135.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:16 GMT
via
1.1 2f23a86dea73acab8a8c28b3d87160da.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
NQUlpaVwRL2mNii7R9zD99ISOSFNC1xi__INhCe2jg23X-2S8a7kbQ==
auction
prebid-server.rubiconproject.com/openrtb2/ 		2 KB
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.92 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
826163083e2ba82d1c47aed1dce347664b276f1b17445e8895f7726162ef2516

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.126.0
Content-Type
application/json
access-control-allow-origin
https://www.timesunion.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
367
Expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=208030
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6099e10b326f79fa0ea953e2ed65abd9b1d3abf359c15d7a443413051d96a5ce

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bWKr9OAvngdioFNT%2FwNBZacIbmI6jbnhGjslRMve4thjnK8MsScRGOXMqo24pZhofFYBp%2B48IqW0PY3oNmQfEe1LNImVPwmIdAaXZ6bYRiNWl1ZjWejzaSYHgnGd6Cg1DGTVVdRQ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f4336bbfb7719c2-KIX
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
cdb
bidder.criteo.com/ 		0
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=140&profileId=185&av=34&wv=7.35.0&cb=53798290531
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.timesunion.com
date
Wed, 09 Aug 2023 21:50:16 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.77 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.timesunion.com
date
Wed, 09 Aug 2023 21:50:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.53 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b5bfab944e33f37efcc29319261574a2c363b045a40d20dcaf3baae43ff44ed4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:17 GMT
content-encoding
gzip
an-x-request-uuid
3dd735f4-7931-45a5-8c5d-fbe86b8fc151
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
114.19.24.12; 114.19.24.12; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		378 B
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9095&site_id=211060&zone_id=1037354&size_id=2&alt_size_ids=55%2C57%2C221&us_privacy=1---&rf=https%3A%2F%2Fwww.timesunion.com%2F&tg_v.permutive=72653%2C79087&tg_i.page=https%3A%2F%2Fwww.timesunion.com%2F&tg_i.domain=timesunion.com&tg_i.pbadslot=hnp-timesunion.com%2FHomepage%2FFlex1&tk_flint=pbjs_lite_v7.35.0&x_source.tid=781141a3-3d31-4de3-bbd2-2847492edb17&l_pb_bid_id=108afc08ff32ab2b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=hnp-timesunion.com%2FHomepage%2FFlex1&slots=1&rand=0.516113185795599
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3640dfc5b09c0311ae58c4dd95721d87ff3803e73a5bc5c5acb6f50d954bc927

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
378
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		356 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9095&site_id=211060&zone_id=1037354&size_id=15&us_privacy=1---&rf=https%3A%2F%2Fwww.timesunion.com%2F&tg_v.permutive=72653%2C79087&tg_i.page=https%3A%2F%2Fwww.timesunion.com%2F&tg_i.domain=timesunion.com&tg_i.pbadslot=hnp-timesunion.com%2FHomepage%2FAP300&tk_flint=pbjs_lite_v7.35.0&x_source.tid=7ff9f835-74a5-4873-bd11-10267ee67a61&l_pb_bid_id=10997fe5443d7e2e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=hnp-timesunion.com%2FHomepage%2FAP300&slots=1&rand=0.1808344293057027
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3afbc79cf0b523c270985252700aa4bd263cabe135067530fb07ba975b1d184a

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
356
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		379 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9095&site_id=211060&zone_id=1037354&size_id=2&alt_size_ids=55%2C57%2C221&us_privacy=1---&rf=https%3A%2F%2Fwww.timesunion.com%2F&tg_v.permutive=72653%2C79087&tg_i.page=https%3A%2F%2Fwww.timesunion.com%2F&tg_i.domain=timesunion.com&tg_i.pbadslot=hnp-timesunion.com%2FHomepage%2FAPflex&tk_flint=pbjs_lite_v7.35.0&x_source.tid=eae38d9f-7d6c-4d72-b895-6753d1e636d9&l_pb_bid_id=110e1c747b3f3007&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=hnp-timesunion.com%2FHomepage%2FAPflex&slots=1&rand=0.993960062101306
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
79fb3530ca78f53bddc1bccf1283dd52720ad1d1bd92a232407de270db76e4c1

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
379
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		379 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9095&site_id=211060&zone_id=1037354&size_id=2&alt_size_ids=55%2C57%2C221&us_privacy=1---&rf=https%3A%2F%2Fwww.timesunion.com%2F&tg_v.permutive=72653%2C79087&tg_i.page=https%3A%2F%2Fwww.timesunion.com%2F&tg_i.domain=timesunion.com&tg_i.pbadslot=hnp-timesunion.com%2FHomepage%2FBPflex&tk_flint=pbjs_lite_v7.35.0&x_source.tid=74716f30-9fb9-49b4-aafa-2972fd0cf2fd&l_pb_bid_id=1115813c45c55d91&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=hnp-timesunion.com%2FHomepage%2FBPflex&slots=1&rand=0.8864875076391219
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
280845caccee4500845a0a471211b9761666df56b57c6860f8e3cf0b6440b28d

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
379
expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.35.0&referrer=https%3A%2F%2Fwww.timesunion.com%2F&tmax=2500&us_privacy=1---
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.140.101.67 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-101-67.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:17 GMT
accept-ch
sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model
x-auction-status
29, 5, 5
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 23E9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=63eeee38-aa0d-41c4-9eaa-932b32d94862&expiration=1694209817&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=63eeee38-aa0d-41c4-9eaa-932b32d94862&expiration=1694209817&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=491
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:16 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=63eeee38-aa0d-41c4-9eaa-932b32d94862&expiration=1694209817&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
dcm
s.amazon-adsystem.com/ Frame 23E9 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZNQKFmk_ZsdbmBXGQXOHVgAAFOwAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GADGQVKZSB8FKZEVJ9JE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 23E9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZNQKFmk_ZsdbmBXGQXOHVgAAFOwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEN-tuo6l7s9nUUEfi4XCQUw&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEN-tuo6l7s9nUUEfi4XCQUw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEN-tuo6l7s9nUUEfi4XCQUw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ZNQKFmk_ZsdbmBXGQXOHVgAAFOwAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 23E9 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZNQKFmk_ZsdbmBXGQXOHVgAAFOwAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.245.72 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-245-72.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
tp_out
d.adroll.com/cm/index/ Frame 23E9 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.25.178 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-25-178.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:17 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum.casalemedia.com/ Frame 23E9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2546882368749204855
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2546882368749204855
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:17 GMT
an-x-request-uuid
94216793-ad73-4402-81bd-4b2a7e957d7c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2546882368749204855
x-proxy-origin
114.19.24.12; 114.19.24.12; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ibs:dpid=23728&dpuuid=ZNQKFmk-ZsdbmBXGQXOHVgAA%265356
dpm.demdex.net/ Frame 23E9 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZNQKFmk-ZsdbmBXGQXOHVgAA%265356?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.114.199.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-114-199-131.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

DCS
dcs-prod-tyo3-2-v047-027013819.edge-tyo3.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ttsVUw8ZSgs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
rum
dsum-sec.casalemedia.com/ Frame 23E9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4585599552386632809
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4585599552386632809
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=490
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4585599552386632809
pragma
no-cache
date
Wed, 09 Aug 2023 21:50:16 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
setuid
prebid-server.rubiconproject.com/ Frame 23E9 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?gpp=&gpp_sid=&bidder=ix&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=b&uid=ZNQKFmk-ZsdbmBXGQXOHVgAA%265356
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.92 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
PugMaster
image6.pubmatic.com/AdServer/ Frame 2B89 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=25063557&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
024510cc9f416e5a289df69964cb867a8a28341a81d4be4fa80eb17e1f57e532

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 09 Aug 2023 21:50:17 GMT
content-length
1599
content-type
text/html; charset=UTF-8
usersync.aspx
dis.criteo.com/dis/ Frame 9578 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 21:50:16 GMT
expires
Wed, 09 Aug 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
205736
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame C0CC
Redirect Chain
  • https://ds.uncn.jp/pm/0/sync
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_7c9702e4-9fec-4d49-bb83-6ee6ad3f2ee3
42 B
247 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_7c9702e4-9fec-4d49-bb83-6ee6ad3f2ee3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 09 Aug 2023 21:50:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
170
Content-Type
text/html; charset=utf-8
Date
Wed, 09 Aug 2023 21:50:17 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_7c9702e4-9fec-4d49-bb83-6ee6ad3f2ee3
Server
Apache
Pug
simage2.pubmatic.com/AdServer/ Frame 21E5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2546882368749204855&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2546882368749204855&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 09 Aug 2023 21:50:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
a391eef7-7d6a-4e40-8ffb-f03471c8e63f
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 09 Aug 2023 21:50:17 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2546882368749204855&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
114.19.24.12; 114.19.24.12; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame ACFB
Redirect Chain
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D&uid-set=1
  • https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dpubmatic%26rd%3Dhttps%253A%2F%2Fsimage2%2Epubmatic%2Ecom%2FAdServer%2FPug%253...
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D&uid-set=1&auid=6593e97...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=8xbcezPI8FH
42 B
209 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=8xbcezPI8FH
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 09 Aug 2023 21:50:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
0
Date
Wed, 09 Aug 2023 21:50:17 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=8xbcezPI8FH
Pragma
no-cache
Server
nginx
expires
-1
Pug
image2.pubmatic.com/AdServer/ Frame 9248
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Udwk4FeJceJKi3DsBYttsF7ZJOxK2yHlAt4icwRL
42 B
336 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Udwk4FeJceJKi3DsBYttsF7ZJOxK2yHlAt4icwRL
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 09 Aug 2023 21:50:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Wed, 09 Aug 2023 21:50:17 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Udwk4FeJceJKi3DsBYttsF7ZJOxK2yHlAt4icwRL
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
image2.pubmatic.com/AdServer/ Frame 075A
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=wle8ocr2vdd0
42 B
229 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=wle8ocr2vdd0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 09 Aug 2023 21:50:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Wed, 09 Aug 2023 21:50:17 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=wle8ocr2vdd0
lws
123
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 2B9B 		85 B
260 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Wed, 09 Aug 2023 21:50:17 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-itm18850-ITM
x-timer
S1691617817.074962,VS0,VE166
usersync
usersync.gumgum.com/ Frame 61DE 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=1B30ECC2-32A5-4C63-9767-37CD2B4200CF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 09 Aug 2023 21:50:17 GMT
Expires
0
Pragma
no-cache
1B30ECC2-32A5-4C63-9767-37CD2B4200CF
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2B89 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/1B30ECC2-32A5-4C63-9767-37CD2B4200CF?gdpr=0&gdpr_consent=
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.245.72 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-245-72.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 2B89
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1B30ECC2-32A5-4C63-9767-37CD2B4200CF&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-i0Kb2ApE2uXon.NMrkS1ZFTKm4YWcco-~A&gdpr=0
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-i0Kb2ApE2uXon.NMrkS1ZFTKm4YWcco-~A&gdpr=0
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Server
103.231.99.81 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:15 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-i0Kb2ApE2uXon.NMrkS1ZFTKm4YWcco-~A&gdpr=0
date
Wed, 09 Aug 2023 21:50:17 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 2B89
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4585599552386632809&gdpr=0&gdpr_consent=&us_privacy=
1 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4585599552386632809&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 09 Aug 2023 21:50:17 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4585599552386632809&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 09 Aug 2023 21:50:16 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
events
bidder.criteo.com/csm/ 		0
196 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.timesunion.com
date
Wed, 09 Aug 2023 21:50:16 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
metrics
api.permutive.com/v2.0/internal/ 		2 B
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/internal/metrics?k=8cbbdd6e-f6b9-4f84-9637-a93d3032cbf2
Requested by
Host: 0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
URL: https://0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app/6af07a2d-d0d3-4dfd-961a-bab066126220-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:17 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
events
api.permutive.com/v2.0/batch/ 		101 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=8cbbdd6e-f6b9-4f84-9637-a93d3032cbf2
Requested by
Host: 0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
URL: https://0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app/6af07a2d-d0d3-4dfd-961a-bab066126220-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
7de974980b64804a7060842b24caa1cd5d00c3b4a73656754d399264ae89b0dc

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:17 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.timesunion.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
bundle
www.timesunion.com/413gkwMT/xhr/assets/js/ Frame E4F2 		780 B
842 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/413gkwMT/xhr/assets/js/bundle
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
242969516461862ebce6368cc819b5fa4d19d14ca969ee422022b90f749bb2a9
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.timesunion.com/hdn/hrlm/p/silent.html
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

x-served-by
cache-itm18838-ITM
date
Wed, 09 Aug 2023 21:50:17 GMT
via
1.1 google, 1.1 varnish
strict-transport-security
max-age=300
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, Accept-Encoding, X-ab-scope
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
MISS
access-control-allow-credentials
true
x-vcl-version
375
accept-ranges
bytes
timing-allow-origin
*
content-length
780
x-cache-hits
0
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-WE0RM2ZY79&gtm=45je3870&_p=141382141&cid=1396311492.1691617812&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1691617812&sct=1&seg=1&dl=https%3A%2F%2Fwww.timesunion.com%2F&dt=Times%20Union%20-%20Times%20Union&_s=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WE0RM2ZY79&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s18-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
147
n730.timesunion.com/DG/DEFAULT/rest/rpc/ 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://n730.timesunion.com/DG/DEFAULT/rest/rpc/147?referer=https%3A%2F%2Fwww.timesunion.com%2F&bcsessionid=da0abda4-b397-49a7-bba6-8a62ba27448b&bctempid=&overruleReferrer=&time=2023-08-10T06%3A50%3A17%2B09%3A00&ts=1691617817993
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
d857e92a162147374f6d6c5ffbbaaa01add4f6ca843bdb283f98bfe5f24b16d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
NRT57-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
5127
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
AgOJNzakRr3EQPpkuSSpGqedpuNbWroyCkN9J1g2hHaPM82nC4H69A==
expires
Thu, 01 Jan 1970 00:00:00 GMT
bundle
www.timesunion.com/413gkwMT/xhr/assets/js/ Frame E4F2 		780 B
842 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/413gkwMT/xhr/assets/js/bundle
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f7610598507d9d46bf365f538ce439b12efebf9b66963359b66c33fb4a418db4
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.timesunion.com/hdn/hrlm/p/silent.html
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

x-served-by
cache-itm18838-ITM
date
Wed, 09 Aug 2023 21:50:18 GMT
via
1.1 google, 1.1 varnish
strict-transport-security
max-age=300
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, Accept-Encoding, X-ab-scope
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
MISS
access-control-allow-credentials
true
x-vcl-version
375
accept-ranges
bytes
timing-allow-origin
*
content-length
780
x-cache-hits
0
PugMaster
image6.pubmatic.com/AdServer/ Frame ED91 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=42527326&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
04f0da05dc6278ebec1e30e4b6f12bacd67d93625e8873b9be489003e3703698

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 09 Aug 2023 21:50:18 GMT
content-length
1664
content-type
text/html; charset=UTF-8
set
hub2.zenimpact.io/ Frame E525 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hub2.zenimpact.io/set?zenId=65a11ddd-2e4a-2ab8-a262-10e227f0cb70&print=0f6738a7c196c14492e9baaa7fccc590&token=AIzaSyBCYW8JYdGu-vHvMUwuuAvoZxduUsSCVMM
Requested by
Host: content.zenimpact.io
URL: https://content.zenimpact.io/dist/zen_init.min.js?v=2307689
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.105.74 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
74.105.160.34.bc.googleusercontent.com
Software
Google Frontend / FALSE
Resource Hash
161c6a5227ae9727d94a3a07458b4a58117f1d2a5f5839adeb8012fa3c8d6769
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.timesunion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-type
text/html; charset=utf-8
date
Wed, 09 Aug 2023 21:50:18 GMT
expires
-1
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
Google Frontend
strict-transport-security
max-age=31536000
via
1.1 google
x-content-type-options
nosniff
x-powered-by
FALSE
x-xss-protection
1; mode=block
Pug
image2.pubmatic.com/AdServer/ Frame B077
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=WNOCzUuPBIC9zKzZGgrUZA
42 B
202 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=WNOCzUuPBIC9zKzZGgrUZA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 09 Aug 2023 21:50:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Wed, 09 Aug 2023 21:50:18 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=WNOCzUuPBIC9zKzZGgrUZA
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
pxd
dps.jp.cinarra.com/ Frame 714D 		0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=1B30ECC2-32A5-4C63-9767-37CD2B4200CF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.230.74.203 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-230-74-203.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

content-length
0
date
Wed, 09 Aug 2023 21:50:18 GMT
cm
ipac.ctnsnet.com/int/ Frame D811 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Wed, 09 Aug 2023 21:50:18 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame 4701
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=b99938abe7704db69e5ffee92bc2c836
42 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=b99938abe7704db69e5ffee92bc2c836
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 09 Aug 2023 21:50:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Wed, 09 Aug 2023 21:50:17 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=b99938abe7704db69e5ffee92bc2c836
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
Pug
simage2.pubmatic.com/AdServer/ Frame FEBD
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=X31vL9HZSGNpJLq1ByOm5Q&gdpr=0&gdpr_consent=
42 B
433 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=X31vL9HZSGNpJLq1ByOm5Q&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 09 Aug 2023 21:50:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
183
Content-Type
text/html; charset=utf-8
Date
Wed, 09 Aug 2023 21:50:18 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=X31vL9HZSGNpJLq1ByOm5Q&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 4FDB
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU960b06642275419d93b5014abfc392f7&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU960b06642275419d93b5014abfc392f7&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 09 Aug 2023 21:50:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
168
content-type
text/html; charset=utf-8
date
Wed, 09 Aug 2023 21:50:19 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU960b06642275419d93b5014abfc392f7&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
pragma
no-cache
server
Tengine
/
csync.loopme.me/ Frame 8FCE 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2B03
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:v6NLNtCw1QtR4n5&gdpr=0&gdpr_consent=
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:v6NLNtCw1QtR4n5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 09 Aug 2023 21:50:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Wed, 09 Aug 2023 21:50:18 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:v6NLNtCw1QtR4n5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-785-gcf3d607#rel-ec2-master i-03a8777c035e2d07e@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame B54C
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1917759397538755038
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1917759397538755038
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 09 Aug 2023 21:50:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Wed, 09 Aug 2023 21:50:20 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1917759397538755038
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
setuid
prebid-server.rubiconproject.com/ Frame 84F9 		0
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=b&uid=1B30ECC2-32A5-4C63-9767-37CD2B4200CF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.92 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Pragma
no-cache
content-length
0
content-type
text/html
Pug
simage2.pubmatic.com/AdServer/ Frame ED91
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=1B30ECC2-32A5-4C63-9767-37CD2B4200CF&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=2f4e0b326dea1b36&is_secure=true&networkId=17100&version=1&nuid=1B30ECC2-32A5-4C63-9767-37CD2B4200CF&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAANLxp8xfeotAMjTxfRAAAAAAA&expiration=1691704219&nuid=1B30ECC2-32A5-4C63-9767-37CD2B4200CF&...
42 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAANLxp8xfeotAMjTxfRAAAAAAA&expiration=1691704219&nuid=1B30ECC2-32A5-4C63-9767-37CD2B4200CF&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 09 Aug 2023 21:50:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:19 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAANLxp8xfeotAMjTxfRAAAAAAA&expiration=1691704219&nuid=1B30ECC2-32A5-4C63-9767-37CD2B4200CF&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 82DF 		252 B
554 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=70884272&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
96df926da81f08ee1e108f177830505db567412dc3654ec7d1bcb16ab19d39e4

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 09 Aug 2023 21:50:18 GMT
content-length
252
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame DF59
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D6760D4DB5F94F92A06BCCFBD3FDA6C8&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D6760D4DB5F94F92A06BCCFBD3FDA6C8&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 09 Aug 2023 21:50:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Wed, 09 Aug 2023 21:50:18 GMT
expires
Tue, 08 Aug 2023 21:50:18 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D6760D4DB5F94F92A06BCCFBD3FDA6C8&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
usersync
usersync.gumgum.com/ Frame 9849 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=1B30ECC2-32A5-4C63-9767-37CD2B4200CF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 09 Aug 2023 21:50:18 GMT
Expires
0
Pragma
no-cache
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/ Frame E525 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/js.cookie.min.js
Requested by
Host: hub2.zenimpact.io
URL: https://hub2.zenimpact.io/set?zenId=65a11ddd-2e4a-2ab8-a262-10e227f0cb70&print=0f6738a7c196c14492e9baaa7fccc590&token=AIzaSyBCYW8JYdGu-vHvMUwuuAvoZxduUsSCVMM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://hub2.zenimpact.io/set?zenId=65a11ddd-2e4a-2ab8-a262-10e227f0cb70&print=0f6738a7c196c14492e9baaa7fccc590&token=AIzaSyBCYW8JYdGu-vHvMUwuuAvoZxduUsSCVMM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2346078
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
701
last-modified
Mon, 04 May 2020 16:11:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec5-653"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sANFWl2VjUfcOJAAUbuknv%2BjY1s865wLlgg5W0O1UylsbdKyO0BBXIvRkPpR%2FHXtrPi4ilodUq4IS9gzJMtW2fyPeZB4SBZ6nUGNuPH6nxSBj6QhDDLfgfPnXphZ0lXaWvz%2BRKzw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f4336c89abe834c-KIX
expires
Mon, 29 Jul 2024 21:50:18 GMT
147
n730.timesunion.com/DG/DEFAULT/rest/rpc/ 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://n730.timesunion.com/DG/DEFAULT/rest/rpc/147?referer=https%3A%2F%2Fwww.timesunion.com%2F&bcsessionid=da0abda4-b397-49a7-bba6-8a62ba27448b&bctempid=&overruleReferrer=&time=2023-08-10T06%3A50%3A18%2B09%3A00&ts=1691617818988
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
a76aa47559deb99afa5403680222b6ae6a77b05fec9530e2c02a692d29b275f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
NRT57-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
5128
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
sQd4kd8U_TeXr_wHG-7XlR2GsAmJ_wAl65w99aTtR0VbQ4Ju-wUBjg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 2B89 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.81 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:19 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22consent%252Fgppapi%252FattemptSync%22%2C%22fea...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
309 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22consent%252Fgppapi%252FattemptSync%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.timesunion.com%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.176.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-176-135.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:18 GMT
via
1.1 2f23a86dea73acab8a8c28b3d87160da.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
MHct6rvN9DGXxyda19CnFXj4Lur_gl-SPRl-DFp-L2lLwu3FLo21xg==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22ad%252Fsignals%252Fdefine%22%2C%22feat%22%3A%2...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
309 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22ad%252Fsignals%252Fdefine%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.timesunion.com%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.176.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-176-135.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:18 GMT
via
1.1 2f23a86dea73acab8a8c28b3d87160da.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
qB0rSDcEUig4-uuwGJFczSKtnKVNdZgwPgKPzPjOHn-sJlr0DW803g==
config
c.amazon-adsystem.com/cdn/prod/ 		0
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3070&u=https%3A%2F%2Fwww.timesunion.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.221.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-221-214.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 16:58:24 GMT
via
1.1 f79910dd066cb79d5b224ab3f88841e4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT57-P4
age
17514
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.timesunion.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
mryzgxQCq8udbpiNaUVxLSMkhCkYUbIrObSs40210x51sHwF0bSbAw==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
309 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.timesunion.com%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.176.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-176-135.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:18 GMT
via
1.1 2f23a86dea73acab8a8c28b3d87160da.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
4XCkqI3sFqIEqtba1v73YE9vI0AldCKEnVFgUdal5zZBDCt7JeMuVQ==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
310 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.timesunion.com%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.176.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-176-135.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:18 GMT
via
1.1 2f23a86dea73acab8a8c28b3d87160da.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
ufRsTbv8c_tWqqnGfsvbqJA50TNAJP5SgSyNjYOJ8QCQbWGOKI3KEA==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
309 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.timesunion.com%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.176.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-176-135.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:19 GMT
via
1.1 2f23a86dea73acab8a8c28b3d87160da.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
Mm-c0OI7sB4wNTjKx1B2GsTcO9ov8vo9eXcyiKrqxMVICXyezeRlTA==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
309 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.timesunion.com%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.176.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-176-135.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:18 GMT
via
1.1 2f23a86dea73acab8a8c28b3d87160da.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
q83HiU7KxTVxyXpxAse2PS5G02eH-Qdx3CU4QwlM2on4pCXfP0QrEQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3070&u=https%3A%2F%2Fwww.timesunion.com%2F&pid=jWBMvXcZ68FZ2&cb=2&ws=1600x1200&v=23.725.1446&t=2500&slots=%5B%7B%22sd%22%3A%22Flex1%22%2C%22s%22%3A%5B%221x1%22%2C%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F36117602%2Fhnp-timesunion.com%2FHomepage%2FFlex1%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%2C%7B%22sd%22%3A%22AP300%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F36117602%2Fhnp-timesunion.com%2FHomepage%2FAP300%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%2C%7B%22sd%22%3A%22APflex%22%2C%22s%22%3A%5B%221x1%22%2C%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F36117602%2Fhnp-timesunion.com%2FHomepage%2FAPflex%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%2C%7B%22sd%22%3A%22BPflex%22%2C%22s%22%3A%5B%221x1%22%2C%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F36117602%2Fhnp-timesunion.com%2FHomepage%2FBPflex%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%2C%7B%22sd%22%3A%22CPflex%22%2C%22s%22%3A%5B%221x1%22%2C%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F36117602%2Fhnp-timesunion.com%2FHomepage%2FCPflex%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%2C%7B%22sd%22%3A%22DPflex%22%2C%22s%22%3A%5B%221x1%22%2C%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F36117602%2Fhnp-timesunion.com%2FHomepage%2FDPflex%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%2C%7B%22sd%22%3A%22EPflex%22%2C%22s%22%3A%5B%221x1%22%2C%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F36117602%2Fhnp-timesunion.com%2FHomepage%2FEPflex%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%2C%7B%22sd%22%3A%22FPflex%22%2C%22s%22%3A%5B%221x1%22%2C%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F36117602%2Fhnp-timesunion.com%2FHomepage%2FFPflex%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%5D&pj=%7B%22si_section%22%3A%22other%22%7D&cfgv=2&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.176.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-176-135.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
7d92f9654723bb7b6ca133169ad8fd55924d059517418a48a8f21f605f3ecb66

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:18 GMT
via
1.1 05e04c5e15a87c619e820e333918b7f2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.timesunion.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
1857
x-amz-cf-id
1Id8nHvHrzF8_TDz1PUaF24gUOgor27RH7U1aYDPzY3pRfwLqmG97A==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
310 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223070%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.timesunion.com%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.176.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-176-135.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:18 GMT
via
1.1 2f23a86dea73acab8a8c28b3d87160da.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
gYUHniIvif1v-WaevISVGDSjVH2kwn_jyvcB6vpmGzbiQcUcOIXYFw==
auction
prebid-server.rubiconproject.com/openrtb2/ 		2 KB
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.92 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2f3ccb82a518564974ba4f79600ce30e34a4fbcfb8c100b669b0e9dddf79aef

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.126.0
Content-Type
application/json
access-control-allow-origin
https://www.timesunion.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
365
Expires
0
prebid
ib.adnxs.com/ut/v3/ 		498 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.53 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5e5d2fa604c3583545df1f85f3fb222ddf47645f6237bc7940ad6accd59f365f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:19 GMT
an-x-request-uuid
70404fec-8c22-495e-9ae5-aa69b1c9cb58
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
114.19.24.12; 114.19.24.12; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
498
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=140&profileId=185&av=34&wv=7.35.0&cb=55394733988
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.timesunion.com
date
Wed, 09 Aug 2023 21:50:18 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		378 B
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9095&site_id=211060&zone_id=1037354&size_id=2&alt_size_ids=55%2C57%2C221&us_privacy=1---&rf=https%3A%2F%2Fwww.timesunion.com%2F&tg_v.permutive=72653%2C79087&tg_i.page=https%3A%2F%2Fwww.timesunion.com%2F&tg_i.domain=timesunion.com&tg_i.pbadslot=hnp-timesunion.com%2FHomepage%2FFlex1&tk_flint=pbjs_lite_v7.35.0&x_source.tid=401228d8-e4e0-49a9-a151-9a6741d28c2a&l_pb_bid_id=15404a89dea93738&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=hnp-timesunion.com%2FHomepage%2FFlex1&slots=1&rand=0.7073217200637059
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3071104ce122eb070cba0c067c7ef231a3a51d9dafe80a61aa628946d987f9de

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:19 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
378
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		356 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9095&site_id=211060&zone_id=1037354&size_id=15&us_privacy=1---&rf=https%3A%2F%2Fwww.timesunion.com%2F&tg_v.permutive=72653%2C79087&tg_i.page=https%3A%2F%2Fwww.timesunion.com%2F&tg_i.domain=timesunion.com&tg_i.pbadslot=hnp-timesunion.com%2FHomepage%2FAP300&tk_flint=pbjs_lite_v7.35.0&x_source.tid=3949e999-a7b9-4a57-99e8-f409b9d48e56&l_pb_bid_id=155a2315e4ef8034&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=hnp-timesunion.com%2FHomepage%2FAP300&slots=1&rand=0.6642388352443154
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
74c9459e705086236ca03e9945b82c327b58676f806a2ef2b43da3ce982f0619

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:19 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
356
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		379 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9095&site_id=211060&zone_id=1037354&size_id=2&alt_size_ids=55%2C57%2C221&us_privacy=1---&rf=https%3A%2F%2Fwww.timesunion.com%2F&tg_v.permutive=72653%2C79087&tg_i.page=https%3A%2F%2Fwww.timesunion.com%2F&tg_i.domain=timesunion.com&tg_i.pbadslot=hnp-timesunion.com%2FHomepage%2FAPflex&tk_flint=pbjs_lite_v7.35.0&x_source.tid=69574f1a-1ebb-464d-b9a0-b95df1e2e592&l_pb_bid_id=156152a336767474&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=hnp-timesunion.com%2FHomepage%2FAPflex&slots=1&rand=0.3308125797480661
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b68c939f947f9eee64285a8d082571bbfd3abe9160d6a6a4268150295fc7d9fc

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:19 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
379
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		379 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9095&site_id=211060&zone_id=1037354&size_id=2&alt_size_ids=55%2C57%2C221&us_privacy=1---&rf=https%3A%2F%2Fwww.timesunion.com%2F&tg_v.permutive=72653%2C79087&tg_i.page=https%3A%2F%2Fwww.timesunion.com%2F&tg_i.domain=timesunion.com&tg_i.pbadslot=hnp-timesunion.com%2FHomepage%2FBPflex&tk_flint=pbjs_lite_v7.35.0&x_source.tid=b26389fe-cac2-43af-84e0-f2486f3dd087&l_pb_bid_id=157f8067a9e3a987&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=hnp-timesunion.com%2FHomepage%2FBPflex&slots=1&rand=0.469365182601011
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1fe5a1d809eca1e462fbe87d87d44fe69c646d5d782cf8524a84cac0530be9ac

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:19 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
379
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=208030
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
048bb0bd113e30dd0ec69c39126a472b55bc831600cecceeb2d85f9ee8908a33

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2Bb%2BnOE8vUXLHF7M2DHyru4QSrHyuhIjc%2B2ZzbgEfXLA231W9gZli2rnLVdOGTwTucTj997of0RTldmYBKf3tHL20Ghcs0tStkIcMf9ipjzfkPHIT4%2F7TlVGjlfJ0O9pRBSAzRuP"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f4336c98eeb19cd-KIX
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
auction
tlx.3lift.com/header/ 		19 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.35.0&referrer=https%3A%2F%2Fwww.timesunion.com%2F&tmax=2500&us_privacy=1---
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.140.101.67 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-101-67.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:19 GMT
accept-ch
sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink
x-auction-status
29, 5, 5
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: aps.hearstnp.com
URL: https://aps.hearstnp.com/Scripts/loadAds.js?v=1.3.3.5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.77 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.timesunion.com
date
Wed, 09 Aug 2023 21:50:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
events
bidder.criteo.com/csm/ 		0
196 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.timesunion.com
date
Wed, 09 Aug 2023 21:50:18 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
SPug
simage4.pubmatic.com/AdServer/ Frame ED91 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.81 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:20 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
up
insight.adsrvr.org/track/ Frame 6360 		820 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=ctg2su6&ref=https%3A%2F%2Fwww.timesunion.com%2F&upid=rnejfix&upv=1.1.0&gpp_consent=DBABTA~1---&gpp_sid=-1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
293d1e268ef7df12ffabd78c6b60043512ecd41c248e7cdb202de88ae9bcf3e4

Request headers

Referer
https://www.timesunion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Wed, 09 Aug 2023 21:50:20 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308030101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
09f6e9a4f0b403d8d4f840e58209d7e97b9862e52699c9d3df62291a7f35d61e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11732
x-xss-protection
0
tp2
sp-t-hearstnewspapers.com/com.snowplowanalytics.snowplow/ 		2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sp-t-hearstnewspapers.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/sp-hnp-js/hnptrckr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.126.7 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
7.126.95.34.bc.googleusercontent.com
Software
akka-http/10.1.12 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Wed, 09 Aug 2023 21:50:21 GMT
via
1.1 google
server
akka-http/10.1.12
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.timesunion.com
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
tp2
sp-t-hearstnewspapers.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sp-t-hearstnewspapers.com/com.snowplowanalytics.snowplow/tp2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.126.7 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
7.126.95.34.bc.googleusercontent.com
Software
akka-http/10.1.12 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.timesunion.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.timesunion.com
access-control-max-age
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 09 Aug 2023 21:50:20 GMT
server
akka-http/10.1.12
via
1.1 google
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame 6360 		488 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=ctg2su6&ref=https%3A%2F%2Fwww.timesunion.com%2F&upid=rnejfix&upv=1.1.0&gpp_consent=DBABTA~1---&gpp_sid=-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.65.211.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-211-119.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://insight.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 08:09:23 GMT
Via
1.1 002f4e6e9a2863fad90c4c4476703744.cloudfront.net (CloudFront)
Last-Modified
Tue, 01 Aug 2023 20:10:40 GMT
Server
AmazonS3
X-Amz-Cf-Pop
NRT57-P4
Age
49258
x-amz-server-side-encryption
AES256
ETag
"2775054c068b37509e0798448f7fd32c"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
488
X-Amz-Cf-Id
c6R4On13SBWtL95BIFrEQCTKgv-Rc4IYmBl4AXG9nptD8gRkX295HQ==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 21:50:20 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 5D0F 		44 B
705 B 		Document
General
Check archive.org
Download Go to
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ci=tradedesk&cg=63eeee38-aa0d-41c4-9eaa-932b32d94862
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.76 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
44
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 21:50:21 GMT
expires
Thu, 01 Dec 1994 16:00:00 GMT
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
pragma
no-cache
server
nginx
via
1.1 3f3fb708ebdc38166393802d73c4aee6.cloudfront.net (CloudFront)
x-amz-cf-id
UFy-iwME1bXr6nHwV_PNIrcxKnxs8yxX4DJfCVG8MQWQzK3SgATWTA==
x-amz-cf-pop
NRT57-P4
x-cache
Miss from cloudfront
generic
match.adsrvr.org/track/cmf/ Frame C29B
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=63eeee38-aa0d-41c4-9eaa-932b32d94862&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
70 B
806 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Wed, 09 Aug 2023 21:50:20 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Wed, 09 Aug 2023 21:50:20 GMT
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Server
nginx
usermatch.gif
beacon.krxd.net/ Frame FD9D
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=63eeee38-aa0d-41c4-9eaa-932b32d94862
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=63eeee38-aa0d-41c4-9eaa-932b32d94862
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=63eeee38-aa0d-41c4-9eaa-932b32d94862
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.72.119 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

cache-control
private, no-cache, no-store
date
Wed, 09 Aug 2023 21:50:22 GMT
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-request-time
D=27 t=1691617822
x-served-by
beacon-n006-pdx-prod.krxd.net

Redirect headers

content-length
0
date
Wed, 09 Aug 2023 21:50:21 GMT
location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=63eeee38-aa0d-41c4-9eaa-932b32d94862
x-age
0
x-cache
MISS
x-cache-hits
0
x-served-by
usermatch-a006-ash-prod.krxd.net
SPug
simage4.pubmatic.com/AdServer/ Frame 82DF 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.81 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:19 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A521 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.timesunion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

accept-ranges
bytes
age
44389
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 09:30:32 GMT
expires
Thu, 08 Aug 2024 09:30:32 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DEA0 		783 B
955 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f4.1e100.net
Software
GSE /
Resource Hash
96b5ef4d443bc2ab497579f69b0b9a8b08e827e1abc529c2bf2f71e94d061bc7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-I8a-AHFdGXQPFRm9L5u_Dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.timesunion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-I8a-AHFdGXQPFRm9L5u_Dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 21:50:21 GMT
expires
Wed, 09 Aug 2023 21:50:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gDKveuiD6qzElJZQWCdHL_tXbW9wBzQNLi6nE-8m1ts.js
pagead2.googlesyndication.com/bg/ Frame A521 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gDKveuiD6qzElJZQWCdHL_tXbW9wBzQNLi6nE-8m1ts.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
sffe /
Resource Hash
8032af7ae883eaacc49496505827472ffb576d6f7007340d2e2ea713ef26d6db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 06:45:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
140685
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14779
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Aug 2024 06:45:36 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DEA0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308030101&jk=1276884881652271&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame A521 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?5XL7zw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:21 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308030101&jk=1276884881652271&bg=!Xl2lXQnNAAaiGN5Pghg7ADkAdvg8WjIMHKf6mMMX133LJ67bHy3zzjus7SZToYTqE_SYfydZmqWpv43SrsDd9AWzFpmXFnQ_LMgCAAAAV1IAAAAEaAEHCgC3EqzJID8-CsPtYLEv8uq1UAjR5yjNrk5WSZzIORRxO-KIbfgEG_VtxG3PcTVaV1t8wVvzgMGnQH5UFBFKP1hPze3vWJXzUiJlUs6xP6yqVjJ7wNlK_OVcN_AwUvajXc7mjKqUSFkERqrkA2GWBlQr8ofdYs1dBexFy6kDEqVnfP12FYpkAuQi7ebOeUa0CBLns2n9_o0Noz1tEYy-Me8kC_VDVFYqGSANa5tDXYTw1AcNzz08VFcgmQLDMp_Qen0ouTe_8MSWsXISNzAIymz8vZ-sC6W9DtOQtH2SgO2sczeN8EvPpu_i6HSvHuZr8KFuQT0GVCmNRtcZGd2D3joDbB2dYHBpi7wQ8AQx9pScYTQtq09ObvcDJoamhxPR2mD3Clv-dFpJPdhlsArcrRcQVI5zNgNAvumY7bTYV2VViRgyGUK1uXjbwyDimE03kFwTriySDOopxRMyk_jLgIfsCVK4mOd8P_IXS4oLrIhDI9ct3lLRZLhjpWAsE_AVhy7fQzMTxvD-R4SrIUkZb1kDm-zo3BQmaczBiVgIXHsc6GPVTTEBhj4EJZnUSa-W3XNOc82YKISX_M-W65mXC3kUEX3h5VYz5KSqHTrwFqG-aXYpo_H7ADTiaGhYazBVFsEx3IR7PcP9WsSjUY-3DX_LDKzWw2ymQxHN9y2PX-ruIOJ3O0QCrF_XjL7qY5O9DPSbGoQMIXv9TYaxPy2txwPxlyIkwdKCiokOsFzkm5QqT-xubQ4F-D-JWU-KiCZOQDt2LfO23cFGpTm3nlktpgMZWdR4_9JheTyn5sc6qhMEr0SJ-tjxN44fQ6PsLSShrMfL9D66zuUfZD-wDUxpJGei0gBcLoz82umB54_nYIVt6-eA6H4dthAGbr0Sgyqf_aXi5I4LCnwsDUrndTC-M_7P3e2ydXnD46ab6Dir4qCo07vHBNYDU-gjE6AGhwzJWfin3CeA36pbklzTepNYtLoGOD3dBtLS0lUInCY3kbh0dqdF0aOtiAzXlwW4Zwl8zF6FV1rNpHwBeHjwplCOVkYWUh6bz0ykj5dX5fY-_JYQDgm-vGOFJHE4fGG7gsLvWz66MTwcCFMVgrRh6Z3EsxDyJe4hnQ0XzvzKqFx_IBDTWSSY5iWl4GVUCd7jfs9iXx3RZXCe4ibG_0OttzmIuPW1ACe2FskkgpUx3TLW3LY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
collector
www.timesunion.com/413gkwMT/xhr/api/v2/ 		780 B
842 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/413gkwMT/xhr/api/v2/collector
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4240b0beca7710457d1c5b77a5da7ef42879da25842a7938a27ba8c307633838
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

x-served-by
cache-itm18838-ITM
date
Wed, 09 Aug 2023 21:50:22 GMT
via
1.1 google, 1.1 varnish
strict-transport-security
max-age=300
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, Accept-Encoding, X-ab-scope
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
MISS
access-control-allow-credentials
true
x-vcl-version
375
accept-ranges
bytes
timing-allow-origin
*
content-length
780
x-cache-hits
0
collect
www.google-analytics.com/ 		35 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=141382141&t=event&ni=1&_s=6&dl=https%3A%2F%2Fwww.timesunion.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=PerimeterX&ea=Score%20Value%20Ready&el=1&_u=6CDAiEABBAQCAGAOI~&jid=&gjid=&cid=1396311492.1691617812&tid=UA-1616916-7&_gid=1559938092.1691617815&_av=2.4.1&_au=21&cd1=home&cd2=home&cd3=home&cd4=home&cd5=home%20page&cd6=Home&cd7=4654&cd11=2010-05-21&cd12=2023-07-17%2016%3A39%3A18&cd13=4830&cd14=03&cd15=wcm&cd16=timesunion&cd18=Undefined&cd19=abDisabled&cd20=510d1172f4b60283dd404611ddbaf2e7&cd21=2023-08-10T06%3A50%3A11.627%2B09%3A00&cd23=1396311492.1691617812&cd34=1&cd35=1&cd47=free&cd48=none&cd49=desktop&cd50=1600%20x%201200&cd51=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36&cd53=tc&cd61=(not%20set)&cd62=visible&cd63=false&cd66=exco&cd68=0&cd69=false&cd70=false&cd75=design%2Fchannel%2Fdynamic_two_column.tpl&cd77=H03tiPTXdxedjXEvxIPLMUydQcDwZaJuekaB5t%2FKOa4%3D&cd79=Times%20Union%20-%20Times%20Union&did=i5iSjo&cd29=Logged%20Out&cd80=Score%3A1%7Cf_kb%3A0&z=1456474808
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s18-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 15:23:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
23196
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
metrics
api.permutive.com/v2.0/internal/ 		2 B
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/internal/metrics?k=8cbbdd6e-f6b9-4f84-9637-a93d3032cbf2
Requested by
Host: 0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
URL: https://0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app/6af07a2d-d0d3-4dfd-961a-bab066126220-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:22 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.156&tna=Mather&aid=v1&p=web&tz=Asia%2FTokyo&tzoff=-540&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=1&tvcfg=all&f_privb=0&tid=fc71d441-b0ba-44ae-9b27-414d4c7f5739&pid=7fcbb2b8-be67-4bf5-bfaf-c056fce579b8&dtm=1691617823399&qnm=_matherq&visible=1&tabid=225fbc23-6a07-4e75-8cec-68bde77b33a1&url=https%3A%2F%2Fwww.timesunion.com%2F&vp=1600x1200&ds=4000x10347&tofa=1691617813&vid=1&lvidt=1691617813&duid=1d9188df-efb5-4272-93b8-a14254a1d000&fp=1485020682&cid=ma86077&mrk=712314004&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY5MTYxNzgwNjUyMSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIyMy4xbWIiLCJoZWFwVCI6IjMxLjJtYiIsImZzdFBhaW50IjoiNDg3NiIsImZldGNoUyI6IjI1NDMiLCJkb21haW5TIjoiMjU0NCIsImRvbWFpbkUiOiIyNTUwIiwiY29ublMiOiIyNTUwIiwiY29ubkUiOiIyNjEwIiwic3NsUyI6IjI1NTAiLCJyZXF1UyI6IjI2MTAiLCJyZXNwUyI6IjM0NzciLCJyZXNwRSI6IjM0OTQiLCJkb21Mb2FkIjoiMzQ4MCIsImRvbUludGVyIjoiNDg2MiIsImRvbUxvYWRTIjoiNDg2MiIsImRvbUxvYWRFIjoiNDg2OCIsImRvbUNtcGx0IjoiMTQyMTgiLCJsb2FkUyI6IjE0MjE5IiwibG9hZEUiOiIxNDIyMyJ9fQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.184.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-184-108.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Wed, 09 Aug 2023 21:50:23 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
bundle
www.timesunion.com/413gkwMT/xhr/assets/js/ Frame E4F2 		0
0
beacon
www.timesunion.com/413gkwMT/xhr/b/c/ Frame E4F2 		0
0
147
n730.timesunion.com/DG/DEFAULT/rest/rpc/ 		188 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://n730.timesunion.com/DG/DEFAULT/rest/rpc/147?referer=https%3A%2F%2Fwww.timesunion.com%2F&bcsessionid=da0abda4-b397-49a7-bba6-8a62ba27448b&bctempid=&overruleReferrer=&time=2023-08-10T06%3A50%3A24%2B09%3A00&ts=1691617824826
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
7f52822ccaae7d034d6b12bdf49f9bc805e803e47caeba430c05e7ea6c8f2dc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
NRT57-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
168
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
-5hoQ69IRW6qcUVl1sQSs_G5IyYJXJ0HEXskE-1GR5CXWg8EUspJeQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
752d63ad-792b-4705-a5e9-22d061e7af89
player.ex.co/player/ 		603 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/player/752d63ad-792b-4705-a5e9-22d061e7af89
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/dist/hdn/channel.min.js?v14.4.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
f40f209d206abc85078dd4b76fe42a98846ce536e2fca61f26ef2f504d70bf65
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 09 Aug 2023 21:50:25 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
MISS, MISS
content-length
178638
x-served-by
cache-iad-kiad7000054-IAD, cache-itm18825-ITM
server
nginx
x-timer
S1691617825.911982,VS0,VE331
etag
W/"96b58-SqyHxD2mKl6Q1wtSCP5ZkkS6cI0"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
vary
Accept-Encoding, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
0, 0
147
n730.timesunion.com/DG/DEFAULT/rest/rpc/ 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://n730.timesunion.com/DG/DEFAULT/rest/rpc/147?referer=https%3A%2F%2Fwww.timesunion.com%2F&bcsessionid=da0abda4-b397-49a7-bba6-8a62ba27448b&bctempid=&overruleReferrer=&time=2023-08-10T06%3A50%3A24%2B09%3A00&ts=1691617824831
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
0f9c5fad44af43def7f10464ac43a354a1e2d1fdeb197f12d906c1f19c3a1182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
NRT57-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
5126
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
iDB90wYZYu2W7lBBJrxhQWhQ74AWpstWWV9bAQk9x8VxOsCtxtptXA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
syncframe
gum.criteo.com/ Frame E97E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.timesunion.com&us_privacy=1---
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
570a23389bf64a371b8b32a87c7385b0d463916213dfaf0710ada4f95f759a63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.timesunion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 21:50:25 GMT
server
Kestrel
server-processing-duration-in-ticks
304649
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.140.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.140.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
33849beaed6f34c2defe2ea3610a424d05730d79a9af10e3cf67e070af0694e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-17ba9"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 10 Aug 2023 21:50:25 GMT
versions
player.ex.co/ 		620 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/versions
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
84b446fee3048c85cd5122bf2967ef55322cd6769d8f837cc85ff354e76d39de
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 09 Aug 2023 21:50:25 GMT
age
26614
x-cache
MISS, HIT
content-length
620
x-served-by
cache-iad-kjyo7100158-IAD, cache-itm18839-ITM
server
nginx
x-timer
S1691617825.412947,VS0,VE0
etag
W/"26c-8ZyxhgsJzzA1mbwAcSkqkyn4VE4"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
vary
x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
0, 6
147
n730.timesunion.com/DG/DEFAULT/rest/rpc/ 		188 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://n730.timesunion.com/DG/DEFAULT/rest/rpc/147?referer=https%3A%2F%2Fwww.timesunion.com%2F&bcsessionid=da0abda4-b397-49a7-bba6-8a62ba27448b&bctempid=&overruleReferrer=&time=2023-08-10T06%3A50%3A25%2B09%3A00&ts=1691617825360
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
3fb06655a3aa6620ead45246fe5488a887dac02b556c1378de19c9fa9ca78711
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
NRT57-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
168
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
FUd-P-ew96AIvBRG5fADeaCjDvV0mRdmv-Wb3QcAalIJZzL3-xM82Q==
expires
Thu, 01 Jan 1970 00:00:00 GMT
json
gum.criteo.com/sid/ Frame E97E 		435 B
557 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertagids&domain=timesunion.com&sn=ChromeSyncframe&so=0&topUrl=www.timesunion.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.timesunion.com&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
76679c5c18b0bb4d5febb32e862c4510d7a92eb52ae9c080d6e098a2f8219d50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.timesunion.com&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:24 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1061221
expires
0
events
collector.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/752d63ad-792b-4705-a5e9-22d061e7af89
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.176.4 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 09 Aug 2023 21:50:25 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
css2
fonts.googleapis.com/ 		2 KB
681 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.138 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f10.1e100.net
Software
ESF /
Resource Hash
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 09 Aug 2023 21:50:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 20:25:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 09 Aug 2023 21:50:25 GMT
thumbnail-720.webp
cdn.ex.co/transformations/production/49c34aef-a15d-4521-a998-e57314b55c93/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ex.co/transformations/production/49c34aef-a15d-4521-a998-e57314b55c93/thumbnail-720.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.7.39.83 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c026e57a721a8d05a9dcbeb2ec7631d07f0efb3c9c9e50615b69b0cef7e594c

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:25 GMT
content-encoding
gzip
last-modified
Wed, 02 Aug 2023 11:06:10 GMT
server
AmazonS3
etag
"9e766eda7badeaf6ada5284ed77fdd9e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET,POST
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
41456
93bca562-507f-4053-9ced-41b29f2f4e39_1601488454966.png
cdn.playbuzz.com/logos/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.playbuzz.com/logos/93bca562-507f-4053-9ced-41b29f2f4e39_1601488454966.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.63.80 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b506f7958620f0b9254ade06823825f9054f6a580b35fadc1807565dda76ba8

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:25 GMT
content-encoding
gzip
content-length
19089
last-modified
Sun, 24 Apr 2022 19:20:37 GMT
server
AmazonS3
etag
"9ec48bd6bfddae15c94ab572cce89470"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Thu, 08 Aug 2024 21:50:25 GMT
player.js
cdn.ex.co/player/ap/p/3.38.0-a35b337/ 		493 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/player/ap/p/3.38.0-a35b337/player.js
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/752d63ad-792b-4705-a5e9-22d061e7af89
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.7.39.83 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a666084d3efc7ea6241cd8d06316be6a037334cedd93b5c5009ed325106493e3

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:25 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
content-length
136704
last-modified
Wed, 09 Aug 2023 08:54:31 GMT
server
AmazonS3
etag
"be1897800881bdfaa2b7a6b4536bafe8"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 16 Aug 2023 21:50:25 GMT
syncframe
gum.criteo.com/ Frame 4FE3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.timesunion.com&us_privacy=1---
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
570a23389bf64a371b8b32a87c7385b0d463916213dfaf0710ada4f95f759a63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.timesunion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 21:50:24 GMT
server
Kestrel
server-processing-duration-in-ticks
846214
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.198.3 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.timesunion.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 15:42:20 GMT
x-content-type-options
nosniff
age
454085
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Aug 2024 15:42:20 GMT
147
n730.timesunion.com/DG/DEFAULT/rest/rpc/ 		14 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://n730.timesunion.com/DG/DEFAULT/rest/rpc/147?referer=https%3A%2F%2Fwww.timesunion.com%2F&bcsessionid=da0abda4-b397-49a7-bba6-8a62ba27448b&bctempid=&overruleReferrer=&time=2023-08-10T06%3A50%3A25%2B09%3A00&ts=1691617825551
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
36c553274c565deb6f2cd1a1b326a0c91f7567da718e7746ef8dd891762d50f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
NRT57-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
5194
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
HLWnXLNBAEQnyxflLragBK6MkOc5o0Ri6pfhWFcOGwSGJHn1y18euA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 4FE3 		441 B
557 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=timesunion.com&sn=ChromeSyncframe&so=3&topUrl=www.timesunion.com&bundle=OSot_19IMiUyQkdnS0UyOW85M2VKRTJKJTJCdVZPa2pRaXpuZ3UxOW5TVnY4bFUlMkZkT1ZTZTlBV1doSWlvVHJoYmxDVWhLVmFLNVJLUjVhJTJGRmxkSzN3NThjeEpUQUhhZkFYZmNIZ25RNFNXYTA5cGZrbUlCOUljWUFhaUxKQnBIS08lMkZoeVJmSWp1b2NXTm5iUGlETlJ3cFBZVm5za2NnJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.timesunion.com&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
c369e511dd663e3d97906fab88d67df42da1f03b3cf909a658ebbe9c9be9ac7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.timesunion.com&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:24 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
777955
expires
0
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-WE0RM2ZY79&gtm=45je3870&_p=141382141&cid=1396311492.1691617812&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1691617812&sct=1&seg=1&dl=https%3A%2F%2Fwww.timesunion.com%2F&dt=Times%20Union%20-%20Times%20Union&_s=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WE0RM2ZY79&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s18-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
collector.ex.co/main/ 		17 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/752d63ad-792b-4705-a5e9-22d061e7af89
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.176.4 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 09 Aug 2023 21:50:25 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
player.js
p.channelexco.com/player/ 		40 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/player/player.js?pv=117.59&p=1023821507&cb=f465a154-3316-4000-8bbe-0d325c513a03&d=https%3A%2F%2Fwww.timesunion.com&schain=1.0,1!playbuzz.com,0012000001fxZm9AAE,1,,,www.timesunion.com&w=840&h=472.5&asr=1&impDetail=1&auction=1&auctionFast=5&publisherType=publisher&gdpr=-GPV_GDPR-&gdpr_consent=-GPV_GDPR_CONSENT-&us_privacy=-GPV_US_PRIVACY-&rv=true&sid=&sid2=default&sid4=p/3.38.0-a35b337&utm_content=non-article
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/p/3.38.0-a35b337/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.81.164.160 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
1d7cc6f6e927200ca1c4f9d948d784501e2bee9a264587f430b6c358fae12d02

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
application/x-javascript
date
Wed, 09 Aug 2023 21:50:27 GMT
cache-control
no-cache
content-encoding
gzip
server
openresty
vary
Accept-Encoding
expires
Wed, 09 Aug 2023 21:50:26 GMT
d
gpv.ex.co/player/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gpv.ex.co/player/d?v=2&b={%22pageLoadUid%22:%22744a8b1a-cb3e-4b75-accd-6b54f783c60a%22,%22country%C4%8D%22JP%C4%B4%22browser%C4%BEch%C5%85me%C5%82os%C4%BEwind%C5%86%C5%93%C4%B5networkI%C4%8C%C4%8E5380%C5%A9096%C5%82hu%C4%8D%C4%BBue%C4%B5p%C4%BE102%C5%A721507%C5%82%C5%A4%22https://w%C6%8C.ti%C5%8Fs%C4%B9ion.%C4%B7m%C5%82u%C5%88r%C5%A3%C4%BEt8642vrdqrluj32%C6%80}
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.72.228 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
81f3d25c3cb0fd0c3b9f1f22768b90a687f23b89e5875b68080a675a3f72f68b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
etag
W/"6a6-zl6qzsOqu5uOqEuuT+UWGA"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type
content-length
1702
147
n730.timesunion.com/DG/DEFAULT/rest/rpc/ 		14 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://n730.timesunion.com/DG/DEFAULT/rest/rpc/147?referer=https%3A%2F%2Fwww.timesunion.com%2F&bcsessionid=da0abda4-b397-49a7-bba6-8a62ba27448b&bctempid=&overruleReferrer=&time=2023-08-10T06%3A50%3A26%2B09%3A00&ts=1691617826195
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
3e2ae3f615a0f45b9af1b705d98e7ee2c886af6a0be5742ef0c4f83e17f2377f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
NRT57-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
5195
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
KkMexOxVYN0jDUf35L9KwgdiJNbhbUtsKnb2tpp5bXpvnxFK9KooUA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
collector
www.timesunion.com/413gkwMT/xhr/api/v2/ 		392 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/413gkwMT/xhr/api/v2/collector
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e97ea7d706d0e392bbc569701821d691c278a8e31a0aad72f23ced14da930974
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

x-served-by
cache-itm18838-ITM
date
Wed, 09 Aug 2023 21:50:26 GMT
via
1.1 google, 1.1 varnish
strict-transport-security
max-age=300
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, Accept-Encoding, X-ab-scope
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
MISS
access-control-allow-credentials
true
x-vcl-version
375
accept-ranges
bytes
timing-allow-origin
*
content-length
392
x-cache-hits
0
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=timesunion.com&p=%2F&u=cLGXoBLw2V1Cm7mc4&d=timesunion.com&g=53046&g0=home&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=10845&o=4000&w=1200&j=30&R=1&W=0&I=0&E=5&e=2&r=&PA=https%3A%2F%2Fwww.timesunion.com%2F&b=5207&t=CUW893CiCLipqkCf8dE0tgxVJxd&V=141&tz=-540&_acct=anon&sn=3&sv=DbMIDmDgasbnDR7I07Dz89AVCjwM4_&sd=1&im=067b0ff3&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.173.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-173-138.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 21:50:26 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
147
n730.timesunion.com/DG/DEFAULT/rest/rpc/ 		33 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://n730.timesunion.com/DG/DEFAULT/rest/rpc/147?referer=https%3A%2F%2Fwww.timesunion.com%2F&bcsessionid=da0abda4-b397-49a7-bba6-8a62ba27448b&bctempid=&overruleReferrer=&time=2023-08-10T06%3A50%3A27%2B09%3A00&ts=1691617827192
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
44ffcef7a5020e9f16ecd25a85e25e4fec63453d7923094da7ff5fa7fe0fd79d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
NRT57-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
7458
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
hu29qGT2xta_TL2EE_Y3GcXfDIZZMW0EH00JAWVt-9CcuI5oK5LNCA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
starti
s-14.channelexco.com/ppx/ 		0
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-14.channelexco.com/ppx/starti?sid=&domain=https%3A%2F%2Fwww.timesunion.com&se=e11006af-1fc8-4aeb-957f-d6dd46ca6d2b&pv=117.59&dd=www.timesunion.com&gpvck=v022819363__840x472______DEF__nil__433&sa=shd&s=0.0&p=1023821507&cb=1691617827217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.81.164.160 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:27 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
server
openresty
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/p/3.38.0-a35b337/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
340513508703df4052b76bbbdbf3999f645c669d53f3a93a3dbfce60e8d5a3a9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.timesunion.com
date
Wed, 09 Aug 2023 21:50:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
147
n730.timesunion.com/DG/DEFAULT/rest/rpc/ 		191 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://n730.timesunion.com/DG/DEFAULT/rest/rpc/147?referer=https%3A%2F%2Fwww.timesunion.com%2F&bcsessionid=da0abda4-b397-49a7-bba6-8a62ba27448b&bctempid=&overruleReferrer=&time=2023-08-10T06%3A50%3A27%2B09%3A00&ts=1691617827727
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
2468aefee4cb7e6570046d14c68ad415d61199e534781a623aaca9d84c6e9fe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
NRT57-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
152
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
qv2joRcmBVGjesskh97jpdmbfkD4gfluOvAsNb5fa1h2I_ZWXbJ4PA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
collector
www.timesunion.com/413gkwMT/xhr/api/v2/ 		392 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.timesunion.com/413gkwMT/xhr/api/v2/collector
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/413gkwMT/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bde13d7bf75a16ec26e4f3652a281f292afc3ff280d80c17b8c96e1ce9f2e5d2
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

x-served-by
cache-itm18838-ITM
date
Wed, 09 Aug 2023 21:50:28 GMT
via
1.1 google, 1.1 varnish
strict-transport-security
max-age=300
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, Accept-Encoding, X-ab-scope
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
MISS
access-control-allow-credentials
true
x-vcl-version
375
accept-ranges
bytes
timing-allow-origin
*
content-length
392
x-cache-hits
0
147
n730.timesunion.com/DG/DEFAULT/rest/rpc/ 		36 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://n730.timesunion.com/DG/DEFAULT/rest/rpc/147?referer=https%3A%2F%2Fwww.timesunion.com%2F&bcsessionid=da0abda4-b397-49a7-bba6-8a62ba27448b&bctempid=&overruleReferrer=&time=2023-08-10T06%3A50%3A28%2B09%3A00&ts=1691617828192
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
416e826a25ed1422b14ef69922589236c54bd0f21d7f52e1a54fbc8317f67906
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
NRT57-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
9059
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
RITNYwjpjEKJnyEe79M4oxqiSyw2IkMrAC61O7YLe934w68qxWukow==
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=141382141&t=event&ni=1&_s=7&dl=https%3A%2F%2Fwww.timesunion.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Blueconic%20-%20Header%20Toaster&ea=view&el=ALBY%20TU%20Header%20Sale%20Banner%20-%20Seasonal%20Sale%20-%20View&_u=6CDAiEABBAQCAGAOI~&jid=&gjid=&cid=1396311492.1691617812&tid=UA-1616916-7&_gid=1559938092.1691617815&_av=2.4.1&_au=21&cd1=home&cd2=home&cd3=home&cd4=home&cd5=home%20page&cd6=Home&cd7=4654&cd11=2010-05-21&cd12=2023-07-17%2016%3A39%3A18&cd13=4830&cd14=03&cd15=wcm&cd16=timesunion&cd18=Not%20Entitled&cd19=abDisabled&cd20=510d1172f4b60283dd404611ddbaf2e7&cd21=2023-08-10T06%3A50%3A11.627%2B09%3A00&cd23=1396311492.1691617812&cd34=1&cd35=1&cd47=free&cd48=none&cd49=desktop&cd50=1600%20x%201200&cd51=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36&cd53=tc&cd61=(not%20set)&cd62=visible&cd63=false&cd66=exco&cd68=0&cd69=false&cd70=false&cd75=design%2Fchannel%2Fdynamic_two_column.tpl&cd77=H03tiPTXdxedjXEvxIPLMUydQcDwZaJuekaB5t%2FKOa4%3D&cd79=Times%20Union%20-%20Times%20Union&did=i5iSjo&cd29=Logged%20Out&cd80=Score%3A1%7Cf_kb%3A0&z=129136431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s18-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 15:23:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
23202
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
hls.min.js
cdn.ex.co/player/hls/ 		247 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/player/hls/hls.min.js
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/p/3.38.0-a35b337/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.7.39.83 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:28 GMT
content-encoding
gzip
content-length
72020
last-modified
Wed, 08 Jun 2022 07:43:05 GMT
server
AmazonS3
etag
"e09058f03d6f30d32f677a963cc1572b"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 16 Aug 2023 21:50:28 GMT
usync.html
eus.rubiconproject.com/ Frame A02F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/p/3.38.0-a35b337/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.217.233 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-217-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.timesunion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 09 Aug 2023 21:50:28 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 09 Aug 2023 21:50:28 GMT
location
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
server
AkamaiGHost
usermatch
ssum-sec.casalemedia.com/ Frame C9A2 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3Dda17683d-4cbe-404a-a044-ac562d908b07%26uid%3D
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/p/3.38.0-a35b337/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
91e2726c5130608718728901a6b5bf378c964bb860e222333cc98a7023526781

Request headers

Referer
https://www.timesunion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1960
Content-Type
text/html
Date
Wed, 09 Aug 2023 21:50:28 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 418E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D17163%26srv%3Dchannelexco.com%26cuid%3Dda17683d-4cbe-404a-a044-ac562d908b07%26uid%3DPM_UID
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/p/3.38.0-a35b337/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.216.189 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-216-189.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.timesunion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112442
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 09 Aug 2023 21:50:28 GMT
expires
Fri, 11 Aug 2023 05:04:30 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
ssbsync.smartadserver.com/api/ Frame 1EAE 		687 B
789 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=35
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/p/3.38.0-a35b337/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.165 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
4d6bfe31779d5d1fe60a750a128d58e9d569c0c510346887f5d1dba4d786ebb4

Request headers

Referer
https://www.timesunion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

content-length
687
content-type
text/html
date
Wed, 09 Aug 2023 21:50:28 GMT
rtb_vast_proxy
p.channelexco.com/ 		60 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=NEZCJ0pUXi97JDk1Pk5pO_7m4PBSdKRUhUnd8N2dKv42qa8WjWxrn9QV0ATNnRPVReiYer6PewNpb_qH4YMROhMY_3DGT_G61WYeyCbYylDyZ19W92PT2eaxWB0fOjDQ9-6NrDl4jkyL-bFjOe7iutXcsBuzWZlH1ow6IKdT5ljjGma2Esu-3kwQkE4Cgi13lmbFU4GmLS7G8AMHBc2KWhU4lTckdtF010wXmRWftcrBDVc6JpKYBOkOAYxhgijjfQvIzYUW2C5Di5fkdnYqu-rvEDGQrQQYhrOdF2TVnrP8zZj6Oxfj5V99Ui-rwfaXS4Td0F56MIW8FzcNNRdpMIvJa_YinClcJ_NEjAdUynETtGLQnRH7-zJAnT-LTNCJhT_spnS54XsFFq74y7K1mU7wEKt1fT0K_uqe2dO7AAUJYrl1e99AY_vhMt0SdeRdOVvdfSzyBqc1Uae_voqfsvHGbrME1zCYiEKFNojTtsUuK_oAu9RrUlAiansiZaP1-eai0-fNk9MTCcpnbxYSn8Lt7u9UwmdQ3FqIP4kynfHWRC10Kyk2VkIx3HLF4O9HQUjSIaW7TRVNmhHxnQj2T9nBXHKm_g1HPymtyg71ZrmevC30UCDmbv1NNJOi2qDjxHemM_KnideHXZgfF80W6vo-wt-dXuWOJGnEBgPMkq9SLvdDGMs-IyUo7d6sx2Vt1zy3jcSnZn8jMCgf41IlhvLTdUqqA7Ja03pUUqm7_Q466QZB1RyG_o8uKDVVciFf4ZTLOvIPGwiGsPwZjN75R2StVhfNOFsRmTWuhkFjXLUt-ffY6dBlikWY6ugpTCE-LqWpZ1IbgmQg_r3mrVieV_nTqMPmkCbKwzdGU9a9rVzz-9JP_KxPzBh6OXdKR86PXl9vg2-vi_SnSFfzqLYKZB2KgaQyTAx-4Ttkg4cbqL_47E0LIc_ScX7Kfxi-WsEkEbdZMshVTbWTBnmh_CXYgFM1pxepzDm_SZWHSkvu0RO9q0YLyN-vN7B05uBcMHV_A77GzdU5qIwxWNGNs_pxXj5t1h8p_zRfy9WwkLCaQdSbBE0_E0wjffDuwMYN34WtpzT8Yv7YS5Ag_v_FxTrUbi6E0P0usz20Vmqu9VtH-ziwirjFdvAF3SFw13H5yRq61GVSdsfvHB4WfOCz0a-Y861--ZrLuAcQgorFEylz4Pd6I42fF6BRLLjZ1lkaUnSpiTL0WM1MHTiOddwdmwJ0npBMkQQz3f3523xXIeqq4emeWav_uYmjPiQVOoxEIJg-WZhVqJpWdePOksPHoGYr_CPSEOocmSt0GodEtfNbRuJnvRQsoXDq8V4HGbAAuge5GHiksvdZloIZgomOYnguCkrWgTJc0MRoh90YENmljICbyqL5HK-hgmbf3BhFkkwnLT4vulhDOStRdPdMM7ggJ5HVNNCB6C7XaV1VlQSjr44hH6BQaxK8mEOTzDBSofMXJ-37e8_ykeRd38Q1MqQ8mDUIiQjS57wsWGwoYqscnHrPKZoGwyayQg0-md2gwmivIbqhZ6FyxPC3pLZDtpq3daJX5Q-sJ0JIpT5rGVr8BoHmrERwnnEUDWxVhNzJWxck8LEHFB20q4988iTXZeLQXIwyJKb8yVr1uT06vuKyHY8thMgSoxYLNrrRtmRdlEdsVzmaL_FvcAsYBEeTW3VPa8VnqsEujkXeFPEomUNkqX0FjIGGh37hvCoUkyKcpOstDQCcXkJha5wrleMT7Om0_MG7ma-QwyiyByT9dIxFKadiViRDDVpTE6lmNnHo1u_btcFMtzp7kB3aETmGHwAUhRSvkYZ-KsfuzGR-SmSZUj-7aSwTFyjaHcKp0jr_M1RT6MD2bI3NL_H0Zp7M7GABltmd37mV8t-7jl4BI8YnzQs1RzLYci94VbD0dYfz-OVLTmuquZAGYmYtllkYk0Cob_pnlu_glHN4PBX18WFgOKyaqPSPjvzwHnPhy2OpnOvEaoT013KQ3Mc5FKp20oAaEV1MeUdP5BbmROjmdD0R4-5nHVk-SLYCtlVm4JpCNsoFJV_G0gF2qAzFNxg3X5F8TsdIZZmcqTmGYYBewOkG71BZ9OxRV_BHq3Loe5dOMBdzfXnpn2oEAS8UDDkpDZdX72mEdes8ko5r8QCMkWG5zErGU1m1K9RmVsgluOhYrRgHtPqV8JWTWGkrV4t_ZLbHAXcbbDeaaB6sURBVoz-mwoR7MK8yjbPE0RqeaLqpjG3YoxXKro-tIBwLmuhTXT2tSNkSXs_j8jUtcAtwcTc_e1FSXH09eTMvNCyzHwJ5tZy-1nyvLymwqkkmKhpDDBT9jTs7rjoX8b_kKii8pgCW042xEcn0MiDX3HvCE34IRiSISTwy5D1soxssDPZVGe43zyBe2L9j129Z_NO3FetX6RCiJGWp3GxdN14I3YAJxDACSK_WVlDER0GArcpiMg-UO35RTsjKzjXPwevyU4UO6YB9pyrouFEtJKHjMnUNgPGc7R65s1ixOA3hsD_L5cf_pWgxivDI-IsRwVCxDZ72DQGF1o4O9MYXuAGpatwrnJquJlvOs3Wku-2UrBU16tDbsEPGJ_5uuQhQUoxBp80kUVAYr4aRUYvAtDSQ92mUg1bBAvlCa1Cnuoc8fkHu_yixbMWAtNTYTURSRRQZOXtbpd53aB6klXvv3-3FBxyA0kKtoXRLoZuAfrBZWxKwyn2hde-K6wLg4eHtBMSSXY5cvOUYqTs9VgJpV1isEsQpC5W5-Ry-dsAwW5-Gd1XJ_ptU4--5y-sZp3Tc-wigLTd4lz2qpu7GXVfBXiLHGq-xBDu6ybIYv04KwrJL_cuw_fgwNa38am-lt3qmscYlCVcx8E2hwouIuh_mDPUD1j4UJThAgJaJMLwDEQ_0qhqs3B8TM2OeU7auij-tAiBTslpp-GzffZQfn4OCFux_IGKbGHKmmHPtGbVAvLM261OYnQns75ciMOODAbYQGflk0CaKXgDOOYQViOefOBiTWtxHvsavmFI8zViJnaAMVbzD8_5f1XLfz5Unnjodc1vElgPuuzM4Es2WAFWNVFGYrbthylrPbZu9ReYk4CTgqmE4gHLesA%7E%7E&ap_size=3096&nfcpm=0.3&placement=3&plcmt=2&skip=0
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/p/3.38.0-a35b337/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.81.164.160 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:28 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
rtb_vast_proxy
p.channelexco.com/ 		60 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=dzYkbzdPPCJfMVApflYnUJEzv3maV8uBy3oF-AMWryDjV212xC6wUt-2sLcq0s7ohvPS8-s9b9OA54CCHN330WTBcEsThT_eQSOwbi0NLhBNNEPkL-e60BvWA4thsepshFh-9n873mnPER5zXXFAfA_fw9sXbgQcpRK1xwjVsbL7XdlMFqIY-Fjcz5wbN8Sk4J_mcz51bZBrZBpvl_GV5MW1Z1VDsNhe6etu5ue4esZB7EjvVbec5aXj_G0JO3K7-misJO6e9Oz9lIQQGoojMYBLtrBNcuGnGZqBBYzck--7ptmD0xazimwsAqEq0Um9fZQLX_YF3JLlVnaDuXiSAMamLsJKcJN-U5k5Ip-kfr5MUINNcqr4lzTgNSqzhmH_FkvII6LF7rPEl7XKnJ_Umo6PA5nJNlVS6MqLc1eJAcqxI5oPiktEK-JIyg0b96RyEnPZTJ_GJSNK6dbI4pQw8de_EbZ7fNhvRZ1hJlSsBxMYXtRhIHPoPOB9FokcKQdflAgnp11V3zNm9LT2BIic4PzE3XoPHMW1agJkBX2wNAtpTYsoXxMgxALV4Ir31vdRWzmiB-1__dP0NkC4mRNI2lD7yw5-B7gGndV8uNYkXWT4E0n6CL9VzXaTOWOzhCS1rTxn5kqOVg6uqmi6o783xfagSE2bwReuIQBFr4Ym6zm_yG5nxFGM2GzPmVTZDRsH05JTobxZhawM4Mqp-vcFa9wJ6bhqQpYOlzS7EQuFvuFx9E8Gyb8DymZAJoKpXUZ8itcyYWQfce3l8UnTRTSbgb-EZzRn8DeLbLS0BN6gB5nPC8uMoaKcS7rIC2SWvKr735dkjuI5Nfa-76HWEzL1DAizj2M_XhWivG0naaQJ5kAw9lzjjn8wihWquiQKu-Z3vE2s--gKtxIJQCW5WyftdCYF3sYMXz-RcfnP91logbb7YQ5KjP7PbhZRaVt-Qu5gHVQD7e_ImVTSZcOU5gWIIy0-8c5MXwpa0hEhOxrC56DXxB2TPGc43FjxBs5jo1jgMyp3iTh7pOoenAffagKbZIIy0N10U40Ha1XCyQFbC7MDu2RgcBMnYyqIBSr_VpOgBipa6JB6e3fpM1QMKoCZpThYbBaxwPZQ1DvC5L7GGpQ04OfVxrIf9mq0nLQSYPg4mmmC0mnXEckQ5b8ffl4KBzkdjgc2fzFnAoGzKqCs3_0_zGnXjfaAC9CshJczZDuo1dXe7nDKaCRSNoNqcSNgzdpb4oGyzeRj9AeZBKP_8MYnxeRo2L0O6WWHSq1UVUPbJIk30XYK9lkECsLiIA_dXJgZNCjp_PtY2qTXo3708hO3tTJZUzuttyk14Nt8xs0gBUYMx5TdJyutivUeNSlpjHa3PBHbPTwmSIZg3VHVmoX7DsFh1Xqb08s79vDvIJW6QHWwyXkAc4eJbUZL0YUekT7071cBHOaNCsCkJ_4_mKrJp5mytTpWCUrTRBIcv_BZIfYa6QEw07_X_0f1PnJRpB-RHavvREmb6ym05I5hr3LSEanHaJ7nSGIehQwcuCwvW-SWTJddMmkiPf2VqqAnoiO2QVcYNf1pY26FILqiicxY9TG4Ta0sOiNPNdRC0VcLeSQVFkblYorkDQ59_QERKwEkt73EEHtxoMhczq2971kFP5dKRBmxlV1CpYJCopudhaJmI_o6zb_88zGrCnGjS65Q0c7TZkh0P9TRJz93ElrwAwJIfYOz8RcID_Bt_ISbv5kGUpdWT2jpLZq6-C7U9TQSbIQlBCHPbKVBZG2rJr78JDFuqPHVYtgqC6aBpdjsncDlFxd7OdMidBryb4S8yNtn6DPCsdjkRv_NuYappgRYST44wlPhbXNqRwv0Ttx-skuYUWQRmAVGv84ovWMpm8DoynAG_N6ewhgyFq5GkFs_3DM1CcBdnK-EE9YcIa6FxZx8aNWxuJIM8AumrbzMsM7byZB1QCxlnhDo1hHB3KzBrDtZu-3ecIAjnOVwRiNiGbQDB3eZGabZs60Z4DKwF-QvnLUHUPSkPS424C8NUxVCJbrcuoCghGhytI100SOpVZARmnsHq9pqc6ZuFj2nr7RAYu9vpM0KEruPhSeQgdo_nBvZKfWt9VNOzunK5Ub3AIl7BGG8CGkJAbSHqcDn9SZL774M_0QuXVImag2bXX1Pg-wyOSYQaxRJtAsZKnP-sy-IktSDZqcP_gd3S8dkWKC4q45va6zlNUwHDx5YNIF8e_fzKsEePPJ2RNfGPzj0I3QerU1TFF2K8LUQhtA3sczELbJ6lc9zfchsBbOXUAuR9Rd-JTIf9Z6tJiA8ddn9JDvKoEpfTZfsBYvd7axUS33rG0rxArxmiy7Mlec_G0Eh_snliGGf7vpkSS8V1nEgNt2rWdnQ9TeRzuc9pUysSmhLBA57iG7Y8d4boVJJ-bG3dJTZDoWExPhvyu1oUbVZ494DlDjNuZ5_akcabRu-bT6SXFjBSBBFNI2nYLjWWK8nprdDqhKYWBIGl3TbcmHNQH6iJHKdqnEF6OZzx6KKhz_2hUUhywAVOutTkM5oO-2EQmgtgpQvOC4o5HDq2Bef48zNggLtAf2RQkS5DrReDU4BBEzZGTKK8XZ9HHmgg5nKsCcKFvmxKyIDNvu7GyTo6kpRT-AK7qqIqpNxmGgIHluq7hq1vWqsytrThMuzWSsP_dChJDOywIE3tJ522WR4zcHHX_jCK2a9JoXduBAegE2ph_XILwroRu6zKW_9QyawELeyiE1Mxc7_f0MnmtuXH_v3E1JmSuiwZ7FzYXPvYI8LwlvTMl_cfHBEQIojbfTQCRo8AxbL91eKAuPWQZoLibfP7xPeGrIOlijHGRiZziAOXJaoNM6eKBsr0XCRrhZo98f9yHAMLAjO5szC9uD9JaClnMW2RB-6MsDtHw_Jv1oiX02UjY2F6he_uqE43a0N8knepa_sBdy3KmNB3HSF4Bb1O_dFQbEsbMlAojoJOKDR2XG-lXEKDZV5G-ct8B3wsBg0q5fTF2IlrBPdgNv5Eq7-rKZvwGTzynKfPJakWCBdqMjWHgjuWhLa8IQ1FVfXlolkIiQyYND2oAFGDeHe1mWNtrMb7ZCvkQ1s0JcYZA%7E%7E&ap_size=3096&nfcpm=0.3&placement=3&plcmt=2&skip=0
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/p/3.38.0-a35b337/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.81.164.160 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:28 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
rtb_vast_proxy
p.channelexco.com/ 		60 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=XEJBLXJVUllMeHRKSjBmaqNkDxtuHzXlKBpXhtd6QvrcGBHhTRZTg-DubFaSNA37xe-5Kw5zvOshLB-ltAhOarl30Gptc1-XvVN2IDZKq1j7pj9_9ZT1xtetYoKfkkrIs505LbIGYZj3xU8ajVq2uBJwFIC-Aw7KnP_qLpjk4XrbniVAV-4AfT44uHlTNHjsePR7P6EdFZ-OMml3ljvCpY-epjOvkkhvZpKLZnERn5lQRVrH5ZOvjh98ILFJcus-bO_gS2-LmEsErm8Sc91D0BkPurOmP2JCnITYXXath62P9_fkSzrsLPm5SIC2kwh_WD8WQAUBqsPf8ccgUQE5gX1Jbs_3x-E2MxwBwwtcfVJUZC3OU2qTJ1_6SfXYWKDvr5EKqDPDTOO9rWtL8z5CIylooAYeB5KkjnnWKeRQ2MKdHlmYIX8ijbG-QZPQxSbIlA6brFWuhhbL9C4ueD9gdlOy602AiLHWT5AoMuHmDSlYaPOXMUFOi6IQ-Ti_BFNDyi7lji1hUDYvEyyvmg_j7JuN0aHTXAQMXNRM8EImjqtzUQA9G4bVUM9whmHxuNwmO3-H8vwjp5WI0drAxp-qXtdnJ2cN6FZVI9gsvARH9ZweU2Hed2p-oadVOfI0PVZkLLeYilzECShTiw3qVwWDTvh2j8_hGQbMea0PjR2mH63t7EnkIqB_b7MCiTdoDcde7h6-cqRl-HrwZ0gvtcoHlxv1R2orSwKlQ1YvFRC0vs51MKYaaQnacuYvkLBRHzOh2UtQhGxn7c2tTDb4uJAW6Y4VSGI_riVoXhbNDSsG11ZjRdJu7lFjpM5PGklpYukUIdYuuk6TKzMXTJ5A0x99BBKcWMwIDaFkQZqs7d2_88agV2vOyDji8K6n-egjbthnxJs4lFs70ZBDYuDYGClV7d3yhfMCC_esJUnzJeg-klBb1lvNHXrCB64A2aidyf64kuCCnSv6x-di6Fw4y9Rr8VH_90Ge_Z5qYDQzcRptJhy9WpZ5jhip4PXZit3taqEyeG8A-FvNpZtE1eq_ujOFAcF_nu5unqH7qv02L-u0bakMauxtEF7Tc1OLzT0mNRIuXmFrRpk85kWyF8LrUXdcC6KgGPDi82uoDIYimwxMpz8HEaHlj8xpzcjyoXcFzFo1WYj8BECXOWeKj6JVap_coUnUB82B2SflAhZqbuL-i4dyawRVrA80uN7O43Xzt5ktib-Y-J5PwX5FLsH_Lg7X2LLEMbPmYkTGVqE4D_qjem6octLsnEmyL8eRDHEw2xwv3KuWYQrskGtDvzQGfv3JNq1DDt4eMt90T-qQhQC8Gz7oI-bfjkfHGuI5Xn1Y_RXHKdyTI38tWuNEdXWdPJ-1qjM0WbWGgg9okS73kS5RpoGZks4Uwc79ZY2JZCqWjdYpDFlpKisocgZAPO_HdBxZXryWJejdA4ZGLUF-MUlVZMUPA3VkJAsrWcJ2HcB2Jj4FDrnX1r6DOvXn2DVBJisNrItx771ngrScU_bcN9zoZ4iiT20qLYmcix_e0HAfq2152XCkGUx4xj8ptp_FheP298UaV9UObj8ttz5GqluZTNdI6Q1PyE5P9FF7aXrR_tow4H1uRI_lR8ZP1PQB5vQfdg_KzY03qoqnWYH4XHIDTaphik5NOw3guyFJK-9wFLJLKmjS_ADstPXgjY1f6cUh-JwJWk6Y7cROd0tEWDtbFJ4rLiMZbdph07g9vfk04awQyLaSwSO0PfwGtdayMVQ8qaGahNarKiT2JvAm1qh2x5VA9OVJyH0dizmAf4YFTA4RKvYQadzABvoZdgouueBz_1Uc98XaXn4sSEdOD_zlLXfkbyOfLReOPgLoZE1Tq6KqGuUJbefyvURNbt4tOZtwLIQXs6E4qV9TwkoabDTKsaRAiZ7UN7fOIrWff6O8Xc4-jJzypc_2lEHYWaV56841jADVS_AgrHeizLoKSeCaV95W6q6w9u1iIE5k6QTbnNRWy6TSgsw7-nnzfjUVhW24lZEOpKYQIFyJgyjsorrW4-gGlPHXuiJDUOrlPu6w_cm2bRaiuNIjDV9sfZosIg2SWUkqDVy3ghcjBKi5NBo3G2ATu-zuKb05ppPNYI6u7h4vINnt5pYXcPw0lWgXBzHp31D2oisr-Vov41Mp4QxxJqu3WuRmop4wWChI1KnDJTm-5j8RvsOC1yCJ_K4BPLYvu1ivjkEV0qiFAZZqv0AT47NyufS5OK2gn-IYjRXpJffta6fYBNJjOM4wM62jgOxX8tzS3PuY0743PHLyWy3WHw1XDtdjleg3ciKcCZvTVVbYp-mo8D9JKHoZlSWVab3GeP3vaoqwhwY8DQcWU_692BszZ5kncM2ZTwA_pUnkiP-LV2XxAZFgG-zR1u-Ek6JXWO3Wxh7W50XZSfk1PB1S6UBaY_n9gv9H03d8aSH8Up02Yta8t-WVxpFwGpGfK49RdYQsoAvnO11bFfDH2OtVGQm1orkdEVP8eBnhl480lSvjZ6nKVo0yjdyguWZnSKdYRnjwKtI4zbZnbxbYMnXkmWj4VLUEY_Jfau6Z-3UQJUbOAg1nG87jARA-Gfksm98iH_8PeehD8rKfZvRYNrvDPpuEEX2BOkbRFs1Dd8c6fBTnrfTWIZpD60Zu_UD-mWS03oguKxXrqfHw74yFUzu96qfc8QWlsTQPKdUETFlaMnMsxYCpUuIZ_eJD4ClvDLaHruLbihumzQGv-RZmqZilEl1T7V5DAGrGtE41WfpeApzS1GmH0NlDLpJ1eUetvPS4yKJxB4Dna12TyHra-Su1TRQXSZV4ozaav1mWrtx5J96XtC6Jr7O0ZwGOFu1DVcGrSsCD0uwzCGdIX4A5iiYW07C2FcpFnAoMcGtXxYKDmKncPlHhPEOC8U8lqzaDeChBTczEyzpT22XbCg-0ohfQE2nCEIcoJp3da7RfPQcabwOp9QdP3Btz88DiMsN52zU4qzyucAA9wxJUnP6VS7wjGd-ydDw2l1zxaJjrBb4SNk5DHngwMcE0jcDnF0U4Ji6jm1JIbfxifKT7lGfN_hJEJ88VOGUyvJ_hAWYwerbn-Bxck-C3eLWf2xg2JDqDyp8vvw%7E%7E&ap_size=3096&nfcpm=0.3&placement=3&plcmt=2&skip=0
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/p/3.38.0-a35b337/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.81.164.160 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:28 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
rtb_vast_proxy
p.channelexco.com/ 		60 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=NjxEMUAzKXJaamorbi82U08fFB44hfIcGDPX1vBj5XXEC4OHe2ZG4GDW38nzOBKnlZmBVujBTAL9M-ehew_DiD5U3gUd0k4YW49TBDn0iQZ7cXFA7GqGkGZgp4JrQDDGjWkHutmwqooDPgky03KhH3tT7W1hGRfls6YDHYtM2cezavOg3VpeC3MMjHDZikNU3O17NjuOP6rjQXQOT8ZOOb1Ix7U1gSVlryHvdyEHb5ABCgIRYOTSlX8MMG0--lWEfuXrpZOTvNFsxpV18ZI2jODVHD3T29UwxYbLPD88Qui60siRO6s-_sndlbH302CI3Bsq8o5nl0mFSUhYBjJZhIYga9XYIb3iBnfiaWOBd1J2eXIhwLSox9LokuoicS6Vp8fk-H-9th_ky1uYG9eluy6-p_SVfNcajJPcVGidQuacFcuF8z9U5IWxPVYLZmx_Lf4nYJBva_0DJMdoBh3R9ppilKQtXEE2V2K4k4OsxC5803LJmZg63LPxGO6HJ_Sv_eCGbYu6ICJsJpvC_xFLRHjBk_SGRlC5PX_4hFQtacxDdoSSY3XzK9yq2FiwdAAC_4zkD3gTn77ZMIng2vvDqSXDqiuG8A-auYhOL4PsvzxfLOp2p9mMquH_3ckA-Tit2qFgz16mfAuGjo6YtOFsFiuYS72A_Ndv7r0D_GlphXLIx6aL3dKen1m-43r-x_uM7MKGNPAKTzYgjSb6EqHpRDubggWPsjP-Rguwuc8D25MJhLVhldYrAZGXoH5OFQ304Ic5JESzwmNTl7Zj1g_3KnX9lMre-bqaQwRdlPHoVm6jtA90Snh-b0V1TXsBHzK5u3Ni1XqAxsyIagHF121TWQRkLIOl6mBIS5KPhKFAlApCkFyMK3s2A_zOkSSty_rYDbmL-kGJs5UctctDkKPhXMaVsmo0G7Frc3y2EV-mC5_h8nbGjEAo0xaJFyaY4L2VMhABW5pioSL8gotVMz7YmI0CzEAT4K1TIYcM1IBO5c-YLYT9gNU80_pwOZ2LcFKduhN2ld1Pq83IzGPHIzaMtpcNXpSjNdV9JZrS5Sw3Jo7_2AJxYAYGypSMGnWknkI7u7J_u8a20bruEHzum3mNbyZ8TUWBaTcmKNFUcG3C1JpOhDtLRh5hiADezV38ps7BPe8lV9jwUNqSomC1XZHjFRVYb_ImcLA9EYwe8hOTk_BCvWI3Y1Z0i4vSIB44LUFN38EpDeecX2qJ1_NM24iMMxcYFwHWEguE6IQrnvVeyNuPbmUf76Qe1JrSC1STofOeUb4rzYfYIX85Fm679ttPzdcMaYuF0HJ3ptwvPnfNlIjFc3raK1iQrl11Ma9HAkPEcqJ9qinp1osvd5oCdM_8RB1SC4A-6ImAiQ1lK5pngfid4JS1-psCCrtvM6tbau1FGMsl4sNJDiBd9nUBHT72W5HPERls7RXhPeF_ME70oPObeP8a3sPcQG8ebaIaLC9Gr3e0MROfrZldVsN-kqBG4gJyAVs595fS3-GaMYZV0BNgyXj5IQwXuwPfsX5YSCtEVxPmsgZUBCho2zrmSTNlcdbLXm7Vwt_T8J2NJ_6pnemmPm6uSpqi4Ib1Nj7Ra1McBwcupC2U6tuIY0NN_--2qNwJqThwvWzYIHYbP9S6kn6JH7RrHfnf3UevEJB_KA7VmkF1NYgQlA6PHbEWZyuZhT08_6p-tsR3lX-FdDip9FYZx59_n-6nCdZOqcn8j0ofOCm9rQmpWq_NM7Ab-SX-NBg_79BzHOCD_5fLpd-JcZHG7Kn5ZpA_wGZP_74kqVNDawFpK5YuEXeAepIKtKfcsjo9_hp7TQajLbah2hGFrdiCPJjYL3K2lZclhLqwJAoeZRvjln5dV6UPU-quf4yobY2Lhpl6cefOEE1Mgpa0tRHmpGiRIsokbwdfKjUmNF5iwfYYhNvTuG7ptHNuChozV-CBMzEpdMLDm_z3l6KxS-mjMAjFUgJJNoE_U3kGjQE1r8-TsWdcGUapQh7CUCSeTrXb1lB9uA3oHbXuxYtgW72k0bjif10cX3MyPiSpJ7NXBT4DgzSlACEMwiKBJCTyE_z-vbSA8wyvskBmYyFdBx3q-sRcTFGHKyTfn3I-sR1PYh6JdAKmAWmDQ3I3OrsOsquS9FmiiASOkc_y59aBd-KzgMstZNocnoHJdEwPbhF7plu84o6DbwaDJPhVuAUfXvHv8ajbiCLsCFU-eg8qQ2hlFLe1v1i6RPqxqq0Q__TJAwerCA-27y443CgGpQPE6mTDHyoM3dAI5tzl5iU_S8WwrNAWUzaAzZIpFJDouy_NHD0pS8R5R29sbI0H4-nDEq9TPPmhH9rBmT2g-hucBKFFEfQSC5HBcSR_-veeTvOG9QzDDpIcAuH_h146_840omwEx8GgKNT0UMann5U82iw4VxY9UFcolwV3Syi7OSLkxM2zlJ_kQrU_ibdBwHjgM2okE0WtW7ZBi3FDQ5VM4pjFXXHjeqW9OS3Q8tG59BPnt0aIZxDdSiXTm4HocgwpfnpLAwti_vIaVVqAl90ib2bq1jGT9csLwCDszvFRpeZVLE08H2U2wf9Y2ITTFUOh8CZW9fIiL565EpCQGzVEf9erEJqIVOmvVj2ADjVW9VTl4shue0-S6qcHp2Ydyt1KGgFyuRUzncJBinN3u2EuX-6gqzlo-iT9j0JcBX517d57ZnaLLQkzEQtU9qGiEGLKQFQ-B3n8hE3nAAcANRooIlmg8-6kn2olGFH6AHa721H-Y3A-ueyKhAd3duYpfTgf1V8iNs9pvQKRdxW3Dp5DiEYtiRXcHVwn3E4KH_rP8O9SppVXZnpi9Fz8GzkycAOcwTd1KYSTyGkMX1oS5oiNCZcgZ8QdPdhmwGd6rl0s00gOibtXCs8-Mc4QdsIU0TSy9enA5J_ql-mBtN2b4wGtLzicYUh_c3wuqQiMWxmhJiM6uJm9Yca60FaYjCsGHiSoJjzpSEzQG7_5uWbC2QXEQyxV8G_K28XX2isKKam52cC4upvi_ZRoRsINTcQ8o0m4OaTRJdKOQ1snvX-ldkQund6I5DnylWZ5QuK72DogX25iHIn74TvnbJ-nmpVi-rHFkw%7E%7E&ap_size=3096&nfcpm=0.3&placement=3&plcmt=2&skip=0
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/p/3.38.0-a35b337/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.81.164.160 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:28 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
rtb_vast_proxy
p.channelexco.com/ 		60 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=PG12WUkwMUAkXCp9YSxpUN_sqTmuRr6kH9nqqXtZL7WROwOQzFTeinBu4qZPCloSo-NyDva0e9V5T43NhsITfP_m3fS0OdAYSS7G0FETs1JOnRndsT9fo9nS7OT3uDD9BRZ16_Y6zbIkLYkpn5GR15KAPiEhWcCKltFEptojnLmifOOgk9Q9XfrQTZucHRCHO1ngpGO8VKDLIjNzIW1SWphNPntpSXHuAcMR7BfBhYQuCI6Jp4gCxzgIW8TEa7T3_P02fxfgbbWAWIls6WbjIMSdHxi1VamHb1prXCczgzCiibmSBba_VIvDebgjE-jkEH5lzblFT12EQvE4aUDALSaQDX4wFmHl0fp0jIPb8yWcGyQhuMYJkLk8Mp0IKNiyK3QVzmvGAGxQD8n3WZM-EmvxiKDbrk9qiiiDxiC-K49u8SBNyE2auc31I43F5ImMZgLajD1VXzGLLrghCPFgBLCKbcAenC-48hTjrzADDy8fnjM4SV7B1eEcn3YQ2Y9CnOmmOjjiiCwCR1Mh1LNuoQ0vYZdWODjmO3yjLFScG73oIopBuR52ElLziddknXadn3bOB10y8p7xSPzOJ5GYWNCsNP1N5TRl2_wxof7EOf1spC5c3fD6wVPeGZHoybHSmvGDwwW2KiAzJZoFDpFVROAbV8lcLlGjZkyy5O7LrWEug7Z6JQwJrNhS-y-0UPYcW4O91w-l8ZjET1fycOs5ogtT2QiFqRw_h2RvEFnNIrcDlDeWhfQJbAB72xP9g_NnSI0C-GSKHA8E_MlSLb4b3hc3_-gNpK1Hzj3LwC64vtGRpFFVtuW6Goc07regjT1Zm0EEiSWkv-l7Yj0ZfCVMrnRDs42N6QraP0e5hL_njzBa7b5Ke4cV3oaPcS0GwUPUBuzXKs7k3ZXEpuQ9s4UrstqFt4X8iM9p3l1-FidUDoEtlVJZdqg77ilqLYxVbN8WdwqpNEtzOsjVGzEFxrcKXI-hhhibhl-2LhD20uvgdNjnDDiyMjwX8iLoVJIRfMQE29DkBnKhV8c6XEBkKFX7YjiAYezJnZ6mzlpJZFGhEcsM1XqUWA2Ov86oFQBpvP7VwM9gth7bNOIP72kZLsp1psXKJu5P3Lxk7zYY5YkSSoKiRSFWgibn4CqMRELzTO00vsnqkFqONtU-szJpNaB1MFiROl2VqAnJjhGcuoguVo5b4gm-oMOOfytBXO6q89hWDYlocshf71m4EsWH1Dp82CnsJxFxs3oAYKVI16Tnz5QeegMNbcHpRUlangwjXvfmJFZOk0udMCbcmhdSWQqWD0LtqOAY67EIruQTKBi3kdoFgetd_N8ht9mePoKIAnlMTPM3Sz6RbiA3WmS0Buom-lu10QTgjjQJR_FiOTAEDg7ydyISQ0YWSnMnZLiMxJOMxk5zT97ve5-rZCt0bLEjk0KLwiNgcYKBXyMKAwbaJQBnM2rvYiKFbJmT_0DwxXPIJymqT6zrMYuYhv6S2zWUmJ925UbqSFlKsR2bv9owBXuc5BLfI9QyaYZxe6iHlgFluiPdfxLB66Bcj3Y7UErWvrCEmZvlqaWhCGwY_0R1ovQ2QTdtW3286HxkAr7HLKosguzBF2MQCUOCd5LBKUwmLmbXN8acBMDkPNdNyrsc5r_7_vkCe_GHkX0zP7Pek6fTForJSEj3Cq7_LFeIpYapi4pBQf-iS5MyjblR1fwNC2qD_E7EEYm9BUrOu3h4GsRTyV-d8AFAixuZcynfyLTr5gnOvLpfcs1TuSntzgfolnh2Eg_6FoYJYGgH_o8qHcKkxXLbWhZgFoaZzyaofEvK7EQ73XR-dEKPqnCjXUwUFzKjtA4V_Q573roC9VNFauOtSsyofU_zOdsXJSvzKtf2-KvqupZDJoH0ipDYCVSxhVuc-wpaYiLNcNrj8uklyQXFNeRoPnQkOvrkwLCqF-jXMwedn0SLy_p08vtuqX9jz3D9d1ai1pNlu5zVEO0dwX1NqO4pmDAGNJEQmSn7Q7FNr6MjFMpTIHyxjKpaJ_dkNJnaPaldtaJqv-RUHgkwut_SR9OkSdrl9io_elATawPtN4E85oyc-tl3sTF4e9hytX-Hn20N5k8n0dTvf3bGPKtOHmqiPaTD7iMAgjIv5SZ9nBEjQ2PVskx0TyNWAN67hZlsGxj6BUUV3mofKFHsN3LSIvrL_ThlkxfK7UH82nke6-njiNZjI2PI1uUiQ0iZ76GMIjiFWXcFymO4m_qVbKPesKsLfjXGrjxbYDJaZdRWeVw4DXY0D9Cr1IwwVQAbm8q7_combvCWpCL-O55VTqIXpUTJAHP_7EhRggeAU6EIt4OFgZwkTh64ALrfBDhckkDyOU5w7Qy8Pd_R3ULjPwaxzeHy0FGyw2Z9tF0tWaDlqTB-jFGqi_UgMvPy8kGTohNN7PY_U9A26EP_p30EU4GzHbBDqxy1fBgvMeciyfYpjL8qCMceqtALU5kRcFNOC0f9XZvED7dqy9gD0ytn5ZlBH68oRFCpzRtQ2HjuJwkQLKB9SZ0KErTuhQ1Yn73OUb47wlFuOxMZJ20YuIH6y4_oEUzib10JdTSUmLlAavWoJqn_Cjt6Y516v05erEU3ack7MeHDSy__rjdmefge-yuwwAl5PPp5xV9HcVJNDCpzFPccW9_0cBIaf9ZpXwiQXdD4vsEbHTlcBnGaYQX2mwSESKzAUeGD_nWddlcdo1zqTMsq71nLZUpYVoIH98ZaZQY858zKbXIfSircoRg6mmzAWm6o2Orhy8pe5BiaS1tPaqiLSMvdezSTW7K_g96logYNwczLkNFRzSyzsqyBPziFYjLMbTrRC0jH0CqCM3hB44t-Ko9nvErLIrZbqEVCbN-POqT2YqcpWvuuxO8-8MmCCBFzXzs1axcyM16FHfK3_WfMNveklHN3x_KhXidxWcSCY-t53vqQSr1Z-h4qaDa3g7DqPy1b9FynU1l_YKmIeGRApT-2nMYRDQar-YkjpEA2toYP-SkQMb6p9VmAo070DCYei5B8sy0wj6EMBTQ-jUyOF1eKMCSkwAPaHeUB1suv29vru_Tg1xo4a33e79U5KGXqxmRzVrBnimOI4MCr_A%7E%7E&ap_size=3096&nfcpm=0.3&placement=3&plcmt=2&skip=0
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/p/3.38.0-a35b337/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.81.164.160 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:28 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
cookie_sync
rtb.channelexco.com/
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D8197%26srv%3Dchannelexco.com%26cuid%3Dda17683d-4cbe-404a-a044-ac562d908b07%26uid%3D%24UID
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D8197%26srv%3Dchannelexco.com%26cuid%3Dda17683d-4cbe-404a-a044-ac562d908b07%26uid%3D%24U...
  • https://rtb.channelexco.com/cookie_sync?bid=8197&srv=channelexco.com&cuid=da17683d-4cbe-404a-a044-ac562d908b07&uid=HH8eBLZH3NsiBJXlSemuq2wf
0
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.channelexco.com/cookie_sync?bid=8197&srv=channelexco.com&cuid=da17683d-4cbe-404a-a044-ac562d908b07&uid=HH8eBLZH3NsiBJXlSemuq2wf
Protocol
H2
Server
23.81.164.160 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:29 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
openresty
vary
Origin
expires
0

Redirect headers

Date
Wed, 09 Aug 2023 21:50:29 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://rtb.channelexco.com/cookie_sync?bid=8197&srv=channelexco.com&cuid=da17683d-4cbe-404a-a044-ac562d908b07&uid=HH8eBLZH3NsiBJXlSemuq2wf
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
cookie_sync
rtb.channelexco.com/
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=f0686912-7fb3-48f6-be19-4d168ad880c0&r=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D13005%26srv%3Dchannelexco.com%26cuid%3Dda17683d-4cbe-404a-a044-ac562d9...
  • https://rtb.channelexco.com/cookie_sync?bid=13005&srv=channelexco.com&cuid=da17683d-4cbe-404a-a044-ac562d908b07&uid=bc8d6672-de4a-0199-26ba-2dfede5c5636
0
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.channelexco.com/cookie_sync?bid=13005&srv=channelexco.com&cuid=da17683d-4cbe-404a-a044-ac562d908b07&uid=bc8d6672-de4a-0199-26ba-2dfede5c5636
Protocol
H2
Server
23.81.164.160 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:28 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
openresty
vary
Origin
expires
0

Redirect headers

date
Wed, 09 Aug 2023 21:50:28 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://rtb.channelexco.com/cookie_sync?bid=13005&srv=channelexco.com&cuid=da17683d-4cbe-404a-a044-ac562d908b07&uid=bc8d6672-de4a-0199-26ba-2dfede5c5636
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cookie_sync
rtb.channelexco.com/
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D15611%26srv%3Dchannelexco.com%26cuid%3Dda17683d-4cbe-404a-a044-ac562d908b07%26uid%3D$UID
  • https://rtb.channelexco.com/cookie_sync?bid=15611&srv=channelexco.com&cuid=da17683d-4cbe-404a-a044-ac562d908b07&uid=4412166927166683519015
0
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.channelexco.com/cookie_sync?bid=15611&srv=channelexco.com&cuid=da17683d-4cbe-404a-a044-ac562d908b07&uid=4412166927166683519015
Protocol
H2
Server
23.81.164.160 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:28 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
openresty
vary
Origin
expires
0

Redirect headers

location
https://rtb.channelexco.com/cookie_sync?bid=15611&srv=channelexco.com&cuid=da17683d-4cbe-404a-a044-ac562d908b07&uid=4412166927166683519015
date
Wed, 09 Aug 2023 21:50:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
apstag.js
c.amazon-adsystem.com/aax2/ Frame 0A68 		246 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/p/3.38.0-a35b337/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.221.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-221-214.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28168f094d3633fec225e7ecd9982c5405b51f2fceae610016b6ec9cc10606a9

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:39:14 GMT
content-encoding
gzip
via
1.1 aecc7dfa73bc6b0742b9f46cd70067f4.cloudfront.net (CloudFront), 1.1 f79910dd066cb79d5b224ab3f88841e4.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 19:49:28 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P3, NRT57-P4
age
675
etag
W/"93708b50a97059783aafdf3c6548167d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
yCV1hfTo4nlmWiQtnqRWXgiiCUl-A-d7y3l6lWnkwE9Tc2GpYLvcEA==
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		345 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/p/3.38.0-a35b337/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.234 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a5e2f3ea6e601012859abbc5da7eef35d1cf45011a0275cd9a86dbd0f7fd4101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121804
x-xss-protection
0
expires
Wed, 09 Aug 2023 21:50:28 GMT
thumbnail-720.webp
cdn.ex.co/transformations/production/49c34aef-a15d-4521-a998-e57314b55c93/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ex.co/transformations/production/49c34aef-a15d-4521-a998-e57314b55c93/thumbnail-720.webp
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/752d63ad-792b-4705-a5e9-22d061e7af89
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.7.39.83 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c026e57a721a8d05a9dcbeb2ec7631d07f0efb3c9c9e50615b69b0cef7e594c

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:28 GMT
content-encoding
gzip
last-modified
Wed, 02 Aug 2023 11:06:10 GMT
server
AmazonS3
etag
"9e766eda7badeaf6ada5284ed77fdd9e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET,POST
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
41456
expb.js
cdn.ex.co/prebid/production/release/1.6.0/latest/ Frame E240 		600 KB
191 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/prebid/production/release/1.6.0/latest/expb.js
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/p/3.38.0-a35b337/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.7.39.83 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d161f337d1e448a9b276eb358e9de99d6e1c9cdd348b53096873fa587d1211eb

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:28 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
content-length
194943
last-modified
Mon, 17 Jul 2023 06:35:11 GMT
server
AmazonS3
etag
"06ebcddae92efb5286fc424d8327d6e1"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 16 Aug 2023 21:50:28 GMT
usync.js
eus.rubiconproject.com/ Frame A02F 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.217.233 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-217-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f7de82ac3ba9a0880ac0aef261bc38b8ae6ad65a3573782d5e43b87ccf64ab52

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 21:50:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Aug 2023 15:09:05 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62278
Connection
keep-alive
Content-Length
10117
Expires
Thu, 10 Aug 2023 15:08:26 GMT
master.m3u8
cdn.ex.co/transformations/production/49c34aef-a15d-4521-a998-e57314b55c93/ 		429 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/transformations/production/49c34aef-a15d-4521-a998-e57314b55c93/master.m3u8
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.7.39.83 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
019e68a7f6d1380236d370af2c17034d8830fc0ee77008f04c4b45f5b08b198b

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:28 GMT
content-encoding
gzip
last-modified
Wed, 02 Aug 2023 11:06:10 GMT
server
AmazonS3
etag
"925191dfcffcde0ba6257160d2c6983b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET,POST
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
188
config
c.amazon-adsystem.com/cdn/prod/ Frame 0A68 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3070&u=https%3A%2F%2Fwww.timesunion.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.221.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-221-214.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 18:49:48 GMT
via
1.1 f79910dd066cb79d5b224ab3f88841e4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT57-P4
age
10840
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.timesunion.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
O1XrEqVbAYIN3HvB1PZNlNFe6g4-Rr3dUHbcaw2D8X8NeEqbK0vWDQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 0A68 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.221.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-221-214.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 7813c3b749fe8e3a44c4359da4183e70.cloudfront.net (CloudFront)
date
Wed, 09 Aug 2023 10:15:34 GMT
x-amz-cf-pop
NRT57-P4
age
41695
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
nHf7OR5-ASLOdlK5zvxIb90_3tt5D3gZUmrgS3ICQJ5DlDJBAZ_BYg==
bid
aax.amazon-adsystem.com/e/dtb/ Frame 0A68 		98 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3070&u=https%3A%2F%2Fwww.timesunion.com%2F&pid=hQhn3z3bLmlMk&cb=0&ws=1600x1200&v=23.725.1446&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A700%2C%22id%22%3A%22Hearst_Premium_Video_EXCO%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=2&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.176.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-176-135.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
662afd7e51b3a42956477685b664b269522f877c8c509754807cedff876b0f95

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:28 GMT
via
1.1 05e04c5e15a87c619e820e333918b7f2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.timesunion.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
98
x-amz-cf-id
qZiHwin8MYOybkdbINCOx7fDcnOHa7rXi6E67WyBggMWeMZcaKmGxg==
user-registering
ads.stickyadstv.com/ Frame C9A2 		43 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZNQKFmk_ZsdbmBXGQXOHVgAAFOwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3Dda17683d-4cbe-404a-a044-ac562d908b07%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.61.252.123 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:28 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1691617828884024-78
Expires
Wed, 09 Aug 2023 21:50:28 GMT
ZNQKFmk_ZsdbmBXGQXOHVgAAFOwAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame C9A2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZNQKFmk_ZsdbmBXGQXOHVgAAFOwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZNQKFmk_ZsdbmBXGQXOHVgAAFOwAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZNQKFmk_ZsdbmBXGQXOHVgAAFOwAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3Dda17683d-4cbe-404a-a044-ac562d908b07%26uid%3D
Protocol
H2
Server
52.76.245.72 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-245-72.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZNQKFmk_ZsdbmBXGQXOHVgAAFOwAAAIB
date
Wed, 09 Aug 2023 21:50:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame C9A2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZNQKFQAAAj5PRgAb
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZNQKFQAAAj5PRgAb
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3Dda17683d-4cbe-404a-a044-ac562d908b07%26uid%3D
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-itm18850-ITM
pragma
no-cache
date
Wed, 09 Aug 2023 21:50:28 GMT
via
1.1 varnish
server
Varnish
x-timer
S1691617829.612757,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZNQKFQAAAj5PRgAb
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame C9A2
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=RKtSE0L-BxFf_AYfEPwbQ0uuUh9frFcWF6n8wk3o
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=RKtSE0L-BxFf_AYfEPwbQ0uuUh9frFcWF6n8wk3o
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3Dda17683d-4cbe-404a-a044-ac562d908b07%26uid%3D
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=RKtSE0L-BxFf_AYfEPwbQ0uuUh9frFcWF6n8wk3o
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame C9A2
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=index_exchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=ZNQKFcCo8XYAALhg1HQAAAAA
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=ZNQKFcCo8XYAALhg1HQAAAAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3Dda17683d-4cbe-404a-a044-ac562d908b07%26uid%3D
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Date
Wed, 09 Aug 2023 21:50:28 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=index_exchange","cluster_id":0,"gdpr":false,"ipv4":"114.19.24.12","key":"ZNQKFcCo8XYAALhg1HQAAAAA","privacy_sensitive":false,"uid":"ZNQKFcCo8XYAALhg1HQAAAAA","upstream_id":"m-ad435"}
X-SO-Key
ZNQKFcCo8XYAALhg1HQAAAAA
X-SO-Upstream-ID
m-ad435
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad435.dc4p.scaleout.jp
X-SO-UID
ZNQKFcCo8XYAALhg1HQAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
114.19.24.12
X-SO-Cluster-ID
0
Server
nginx
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=ZNQKFcCo8XYAALhg1HQAAAAA
Cache-Control
private
X-SO-Ads-Time
1
X-SO-LB-Hostname
m-tgng18.dc4p.scaleout.jp
crum
dsum-sec.casalemedia.com/ Frame C9A2
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662108052547365
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662108052547365
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3Dda17683d-4cbe-404a-a044-ac562d908b07%26uid%3D
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:29 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
416
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662108052547365
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7f4337093f781a19-KIX
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame C9A2
Redirect Chain
  • https://dynalyst-sync.adtdp.com/cookie/sync?pid=43
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=216&external_user_id=AYncR6E9T8BkkKLE-lI
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=216&external_user_id=AYncR6E9T8BkkKLE-lI
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3Dda17683d-4cbe-404a-a044-ac562d908b07%26uid%3D
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 21:50:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=216&external_user_id=AYncR6E9T8BkkKLE-lI
Date
Wed, 09 Aug 2023 21:50:29 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
/
sync.taboola.com/sg/indexscod/1/cm/ Frame C9A2 		0
0
cookie_sync
rtb.channelexco.com/ Frame C9A2 		0
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.channelexco.com/cookie_sync?bid=12517&srv=channelexco.com&cuid=da17683d-4cbe-404a-a044-ac562d908b07&uid=ZNQKFmk-ZsdbmBXGQXOHVgAA%265356
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D12517%26srv%3Dchannelexco.com%26cuid%3Dda17683d-4cbe-404a-a044-ac562d908b07%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.81.164.160 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:28 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
openresty
vary
Origin
expires
0
1235.json
id5-sync.com/g/v2/ 		0
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 418E 		47 B
226 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=45090450&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D17163%26srv%3Dchannelexco.com%26cuid%3Dda17683d-4cbe-404a-a044-ac562d908b07%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 09 Aug 2023 21:50:28 GMT
content-length
47
content-type
text/html; charset=UTF-8
jquery.fancybox.pack.js
n730.timesunion.com/gallery/lightboxinteractiontype/2.4.1/frontend/src/lib/fancybox/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://n730.timesunion.com/gallery/lightboxinteractiontype/2.4.1/frontend/src/lib/fancybox/jquery.fancybox.pack.js
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
99c2257ab0c877ef811c0dde48d17bfb2cf1f1a5bd5bc6a9e9a7f4a114f4df3c

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 18:32:46 GMT
content-encoding
gzip
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P4
age
530262
x-cache
Hit from cloudfront
content-length
8529
last-modified
Tue, 20 Jul 2021 12:13:16 GMT
server
-
etag
"5a2b-5c78cfa88ea38-gzip"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
urizYkqPPr8XzG-WWWrcj48Yx4wf9tfXmDlEakxssAI8oFm6QKf3mw==
expires
Sat, 02 Sep 2023 18:32:46 GMT
logo.svg
www.timesunion.com/img/logos/black/ 		327 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.timesunion.com/img/logos/black/logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
de4df11df191595c52a6ec8ad7dcc2048a03be959a82fdf392730b3d80f9cf67
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:28 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=300
age
425298
x-cache
HIT
content-length
70959
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Jul 2023 18:06:58 GMT
server
Apache
x-timer
S1691617829.695563,VS0,VE1
etag
"51afb-6015398dfb45c"
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, Accept-Encoding, X-ab-scope
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
x-vcl-version
375
accept-ranges
bytes
x-cache-hits
9
pool_GettyImages-1304928779.jpg
n730.timesunion.com/rest/v2/dialogues/files/36b7d1fb-ee57-4633-b314-dda690c7e236/ 		482 KB
483 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://n730.timesunion.com/rest/v2/dialogues/files/36b7d1fb-ee57-4633-b314-dda690c7e236/pool_GettyImages-1304928779.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
9ce3992d74ea4e434774d379e3d2ac8d675a57cd18ed0e95e5edb04447f7b2fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 17:55:34 GMT
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
NRT57-P4
age
791694
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
493075
x-xss-protection
1; mode=block
last-modified
Sun, 30 Jul 2023 17:55:34 GMT
server
-
etag
70eb3dc88f0d23a008f791f601ad7c96
content-type
image/jpeg
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
a-zzRSCWoeUN3M2dUbawBGRtO2lSLuGa8FWzApnKL9nrS03LG7dlvA==
expires
Tue, 30 Jul 2024 17:55:34 GMT
147
n730.timesunion.com/DG/DEFAULT/rest/rpc/ 		14 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://n730.timesunion.com/DG/DEFAULT/rest/rpc/147?referer=https%3A%2F%2Fwww.timesunion.com%2F&bcsessionid=da0abda4-b397-49a7-bba6-8a62ba27448b&bctempid=&overruleReferrer=&time=2023-08-10T06%3A50%3A28%2B09%3A00&ts=1691617828684
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
47a425a3ad3fb185e6fda8b638e78267ea4b2a54d2735bef4abd0c2f3df82b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
NRT57-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
5194
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
CuhWcgtPBoVrZXVwYnUqZQQIeq6iKnJ64SxSLpjZGlBoNikR79QwXg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
cookie_sync
rtb.channelexco.com/ Frame 5E3C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.channelexco.com/cookie_sync?bid=17163&srv=channelexco.com&cuid=da17683d-4cbe-404a-a044-ac562d908b07&uid=1B30ECC2-32A5-4C63-9767-37CD2B4200CF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Frtb.channelexco.com%2Fcookie_sync%3Fbid%3D17163%26srv%3Dchannelexco.com%26cuid%3Dda17683d-4cbe-404a-a044-ac562d908b07%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.81.164.160 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
date
Wed, 09 Aug 2023 21:50:28 GMT
expires
0
pragma
no-cache
server
openresty
vary
Origin
cookie_sync
rtb.channelexco.com/ Frame A02F
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17136&khaos=LL49KHU4-18-JMIW
  • https://rtb.channelexco.com/cookie_sync?bid=12295&srv=channelexco.com&uid=LL49KHU4-18-JMIW
0
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.channelexco.com/cookie_sync?bid=12295&srv=channelexco.com&uid=LL49KHU4-18-JMIW
Protocol
H2
Server
23.81.164.160 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 21:50:29 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
openresty
vary
Origin
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://rtb.channelexco.com/cookie_sync?bid=12295&srv=channelexco.com&uid=LL49KHU4-18-JMIW
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c57992b917a1c5de787b922c662fdf18
Expires
0
encoded-3.m3u8
cdn.ex.co/transformations/production/49c34aef-a15d-4521-a998-e57314b55c93/ 		777 B
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/transformations/production/49c34aef-a15d-4521-a998-e57314b55c93/encoded-3.m3u8
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.7.39.83 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b9fd8db15e364941bc96e964e7b0454a8b7eb7a7c1b18c1d804c5df0aefb0a2

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:28 GMT
content-encoding
gzip
last-modified
Wed, 02 Aug 2023 11:06:10 GMT
server
AmazonS3
etag
"3ab5f13daa494b289bdb8e748d06c87d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET,POST
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
216
jquery.fancybox.css
n730.timesunion.com/gallery/lightboxinteractiontype/2.4.1/frontend/src/lib/fancybox/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://n730.timesunion.com/gallery/lightboxinteractiontype/2.4.1/frontend/src/lib/fancybox/jquery.fancybox.css
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/plugin/plugin/6be5175aa22a375c998b72c197cac314
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
27eb87df8f4eb3164ad81ff266aed79d50a33f6869c249ee27ac80ad0c1e3dc2

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 18:28:57 GMT
content-encoding
gzip
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P4
age
1221691
x-cache
Hit from cloudfront
content-length
1429
last-modified
Tue, 20 Jul 2021 12:13:16 GMT
server
-
etag
"13d2-5c78cfa879a48-gzip"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
a9FICELZQRFNBvwG4pyIBnkM5at1PvBAZJ4gab2-VtJ313QAWSK9kA==
expires
Fri, 25 Aug 2023 18:28:57 GMT
lightbox.css
n730.timesunion.com/gallery/lightboxinteractiontype/2.4.1/frontend/src/css/ 		219 B
596 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://n730.timesunion.com/gallery/lightboxinteractiontype/2.4.1/frontend/src/css/lightbox.css
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/plugin/plugin/6be5175aa22a375c998b72c197cac314
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
e4058b846286433d019ff33bb22b2eca434c9d36249df436d5a3c623825674d0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 17:15:28 GMT
content-encoding
gzip
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P4
age
2003700
x-cache
Hit from cloudfront
content-length
174
last-modified
Tue, 20 Jul 2021 12:13:15 GMT
server
-
etag
"db-5c78cfa825e70-gzip"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
eyFJzA13RFaB1GijTZGKhxCI6v0lcvo-jaCcmllyLpa1S1d6WVSgNA==
expires
Wed, 16 Aug 2023 17:15:28 GMT
file_3_000.ts
cdn.ex.co/transformations/production/49c34aef-a15d-4521-a998-e57314b55c93/ 		383 KB
346 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/transformations/production/49c34aef-a15d-4521-a998-e57314b55c93/file_3_000.ts
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.7.39.83 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8cbb7d356d2c69c6cb5427a0e71cfc311a4c857ef94e5ee086eedcfe2209a638

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:28 GMT
content-encoding
gzip
last-modified
Wed, 02 Aug 2023 11:06:10 GMT
server
AmazonS3
etag
"6921ceb36e628602c6609aa6cdda9e40"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET,POST
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
353417
16178f16-49e7-4d6e-ba1b-1c6b1093c6ae
https://www.timesunion.com/ 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.timesunion.com/16178f16-49e7-4d6e-ba1b-1c6b1093c6ae
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length
64352
Content-Type
text/javascript
logo.svg
www.timesunion.com/img/logos/black/ 		327 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.timesunion.com/img/logos/black/logo.svg
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/plugin/library/bf4ff87aa36ae5dc8680f1d66f5e6504
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
de4df11df191595c52a6ec8ad7dcc2048a03be959a82fdf392730b3d80f9cf67
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:28 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=300
age
425299
x-cache
HIT
content-length
70959
x-served-by
cache-itm18838-ITM
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Jul 2023 18:06:58 GMT
server
Apache
x-timer
S1691617829.897559,VS0,VE1
etag
"51afb-6015398dfb45c"
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, Accept-Encoding, X-ab-scope
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
x-vcl-version
375
accept-ranges
bytes
x-cache-hits
10
pool_GettyImages-1304928779.jpg
n730.timesunion.com/rest/v2/dialogues/files/36b7d1fb-ee57-4633-b314-dda690c7e236/ 		482 KB
483 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://n730.timesunion.com/rest/v2/dialogues/files/36b7d1fb-ee57-4633-b314-dda690c7e236/pool_GettyImages-1304928779.jpg
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/plugin/library/bf4ff87aa36ae5dc8680f1d66f5e6504
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
9ce3992d74ea4e434774d379e3d2ac8d675a57cd18ed0e95e5edb04447f7b2fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 17:55:34 GMT
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
NRT57-P4
age
791694
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
493075
x-xss-protection
1; mode=block
last-modified
Sun, 30 Jul 2023 17:55:34 GMT
server
-
etag
70eb3dc88f0d23a008f791f601ad7c96
content-type
image/jpeg
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
z5M_fLAwMRSe4TzcM5XjnFQMeXCk8xJwRVnt9zsXMK482ZyU-fYt2Q==
expires
Tue, 30 Jul 2024 17:55:34 GMT
css
fonts.googleapis.com/ 		11 KB
941 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lora:400,700|Source+Sans+Pro:400,600,700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.138 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f10.1e100.net
Software
ESF /
Resource Hash
d6815bb23d212cd56c26af81ecbce4edcafd68b02c060ac65de839266e0812d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 09 Aug 2023 21:50:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 21:50:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 09 Aug 2023 21:50:28 GMT
encoded-1.m3u8
cdn.ex.co/transformations/production/49c34aef-a15d-4521-a998-e57314b55c93/ 		777 B
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/transformations/production/49c34aef-a15d-4521-a998-e57314b55c93/encoded-1.m3u8
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.7.39.83 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f901667db070b90c219ae6119234301ecd8e82e538e42d3097a2658c803ae1cf

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:28 GMT
content-encoding
gzip
last-modified
Wed, 02 Aug 2023 11:06:10 GMT
server
AmazonS3
etag
"8270d6c097805117854ee28cb1a56a36"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET,POST
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
216
iu3
s.amazon-adsystem.com/ Frame 25D8 		64 B
895 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
f17fe415b91a13ea86b93344389e18c996384323ca3c2f4267b18c96b8314a12
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
64
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 09 Aug 2023 21:50:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
FQ4AR9GB2GNNNM6KM0DN
events
e.channelexco.com/ 		0
0
file_1_000.ts
cdn.ex.co/transformations/production/49c34aef-a15d-4521-a998-e57314b55c93/ 		440 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/transformations/production/49c34aef-a15d-4521-a998-e57314b55c93/file_1_000.ts
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.7.39.83 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:50:29 GMT
content-encoding
gzip
last-modified
Wed, 02 Aug 2023 11:06:10 GMT
server
AmazonS3
etag
"51608d5bddc34714083ebd514a84224c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET,POST
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
548119
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:400,700|Source+Sans+Pro:400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.198.3 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.timesunion.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 05:32:32 GMT
x-content-type-options
nosniff
age
404277
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14712
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Aug 2024 05:32:32 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:400,700|Source+Sans+Pro:400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.198.3 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.timesunion.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 15:42:18 GMT
x-content-type-options
nosniff
age
454091
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Aug 2024 15:42:18 GMT
147
n730.timesunion.com/DG/DEFAULT/rest/rpc/ 		191 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://n730.timesunion.com/DG/DEFAULT/rest/rpc/147?referer=https%3A%2F%2Fwww.timesunion.com%2F&bcsessionid=da0abda4-b397-49a7-bba6-8a62ba27448b&bctempid=&overruleReferrer=&time=2023-08-10T06%3A50%3A29%2B09%3A00&ts=1691617829053
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
3ef31b30bae4b7f66ebae29e4cfc9f8beed0a43e528a347554e5e5be2e2cbe9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.timesunion.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 21:50:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
NRT57-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
152
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.timesunion.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
4busMVaFnMeC_3bdgcnRvOtbDE7qw5TNNkmOZUEAdqeS2skSnVFi_g==
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=141382141&t=event&ni=1&_s=8&dl=https%3A%2F%2Fwww.timesunion.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Blueconic%20-%20Welcome%20Ad&ea=view&el=ALBY%20TU%20Welcome%20Ad%20NonArticle%20-%20Act%20Now%20-%20Seasonal%20Sale%20View&_u=6CDAiEABBAQCAGAOI~&jid=&gjid=&cid=1396311492.1691617812&tid=UA-1616916-7&_gid=1559938092.1691617815&_av=2.4.1&_au=21&cd1=home&cd2=home&cd3=home&cd4=home&cd5=home%20page&cd6=Home&cd7=4654&cd11=2010-05-21&cd12=2023-07-17%2016%3A39%3A18&cd13=4830&cd14=03&cd15=wcm&cd16=timesunion&cd18=Not%20Entitled&cd19=abDisabled&cd20=510d1172f4b60283dd404611ddbaf2e7&cd21=2023-08-10T06%3A50%3A11.627%2B09%3A00&cd23=1396311492.1691617812&cd34=1&cd35=1&cd47=free&cd48=none&cd49=desktop&cd50=1600%20x%201200&cd51=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36&cd53=tc&cd61=(not%20set)&cd62=visible&cd63=false&cd66=exco&cd68=0&cd69=false&cd70=false&cd75=design%2Fchannel%2Fdynamic_two_column.tpl&cd77=H03tiPTXdxedjXEvxIPLMUydQcDwZaJuekaB5t%2FKOa4%3D&cd79=Times%20Union%20-%20Times%20Union&did=i5iSjo&cd29=Logged%20Out&cd80=Score%3A1%7Cf_kb%3A0&z=1782759535
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s18-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.timesunion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 15:23:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
23203
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
bridge3.584.2_en.html
imasdk.googleapis.com/js/core/ Frame DC27 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.234 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.timesunion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

accept-ranges
bytes
age
144664
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
235822
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 08 Aug 2023 05:39:25 GMT
expires
Wed, 07 Aug 2024 05:39:25 GMT
last-modified
Wed, 02 Aug 2023 14:27:41 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		0
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/control/ Frame 743E 		15 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/control/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 21:37:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
807
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 09 Aug 2023 22:37:02 GMT
integrator.js
adservice.google.com/adsid/ 		0
0
fancybox_sprite.png
n730.timesunion.com/gallery/lightboxinteractiontype/2.4.1/frontend/src/lib/fancybox/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://n730.timesunion.com/gallery/lightboxinteractiontype/2.4.1/frontend/src/lib/fancybox/fancybox_sprite.png
Requested by
Host: n730.timesunion.com
URL: https://n730.timesunion.com/gallery/lightboxinteractiontype/2.4.1/frontend/src/lib/fancybox/jquery.fancybox.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.216.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-216-13.nrt57.r.cloudfront.net
Software
- /
Resource Hash
b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://n730.timesunion.com/gallery/lightboxinteractiontype/2.4.1/frontend/src/lib/fancybox/jquery.fancybox.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 05:47:12 GMT
via
1.1 c0747edfa80c012292a6f7924d50bb2e.cloudfront.net (CloudFront)
last-modified
Tue, 20 Jul 2021 12:13:15 GMT
server
-
x-amz-cf-pop
NRT57-P4
age
2044997
etag
"552-5c78cfa84d358"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1362
x-amz-cf-id
H1p_fN1TE4W_yBsn9TAhTbYfu0GFcRAoEMSSCpDd7u3pRCgrGuaAsg==
expires
Wed, 16 Aug 2023 05:47:12 GMT
cookie_sync
rtb.channelexco.com/ Frame 1EAE 		0
0
smartadserver
sync.1rx.io/usersync2/ Frame 1EAE 		0
0
getuid
secure.adnxs.com/ Frame 1EAE 		0
0
smart
sync.adotmob.com/cookie/ Frame 1EAE 		0
0
/
dsp.adfarm1.adition.com/cookie/ Frame 1EAE 		0
0
collector
www.timesunion.com/413gkwMT/xhr/api/v2/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
p.ctpost.com
URL
https://p.ctpost.com/home%20page?i=4654&s=timesunion&ts=1691617812153
Domain
gtm-kw6hw69-m2q2n.uc.r.appspot.com
URL
https://gtm-kw6hw69-m2q2n.uc.r.appspot.com/g/collect?v=2&tid=G-WE0RM2ZY79&gtm=45je3870&_p=141382141&cid=1396311492.1691617812&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=JP&sst.ngs=1&sst.etld=google.co.jp&sst.us_privacy=1---&_s=2&sid=1691617812&sct=1&seg=1&dl=https%3A%2F%2Fwww.timesunion.com%2F&dt=Times%20Union%20-%20Times%20Union&en=page_view&_et=2&richsstsse
Domain
cs.nex8.net
URL
https://cs.nex8.net/cs/openx
Domain
sync-dsp.ad-m.asia
URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Domain
www.timesunion.com
URL
https://www.timesunion.com/413gkwMT/xhr/assets/js/bundle
Domain
www.timesunion.com
URL
https://www.timesunion.com/413gkwMT/xhr/b/c/beacon
Domain
sync.taboola.com
URL
https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZNQKFmk-ZsdbmBXGQXOHVgAA%265356&gpp=&gpp_sid=
Domain
id5-sync.com
URL
https://id5-sync.com/g/v2/1235.json
Domain
e.channelexco.com
URL
https://e.channelexco.com/events
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/instream/video/client.js
Domain
adservice.google.com
URL
https://adservice.google.com/adsid/integrator.js?domain=www.timesunion.com
Domain
rtb.channelexco.com
URL
https://rtb.channelexco.com/cookie_sync?bid=11395&srv=channelexco.com&uid=3428615102313504314&gdpr=0&gdpr_consent=
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
Domain
dsp.adfarm1.adition.com
URL
https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
Domain
www.timesunion.com
URL
https://www.timesunion.com/413gkwMT/xhr/api/v2/collector

Verdicts & Comments Add Verdict or Comment

503 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 function| $ function| jQuery boolean| tregEnabled object| treg string| version object| check object| isMobile string| userAgent boolean| mobile boolean| iPhone boolean| faceBookApp boolean| mobileSafari boolean| richieApp boolean| instaGramApp boolean| googleSearchAppliance object| HDN object| Channel number| refreshId function| __handleUspapiMessage function| __uspapi function| __gpp function| __gpp_msghandler function| __gpp_addFrame object| hnpdnsValue string| thisCookie object| dataLayer object| requestTime string| omni_channelPath string| omni_title string| omni_bizObjectId string| omni_className string| omni_publicationDate string| omni_sourceSite string| omni_paywallSite object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| TregManager function| startRevWorker object| aps boolean| debugSGA string| APSpageUrl object| devices object| prebid_source object| sizeLimitation string| JuicePageUrl object| googletag object| pbjs string| loadAd_UrlLocation function| gtag number| current_device function| hearstGetVideoAdTagSize function| hearstGetVideoAdTag function| defineTags function| hearstPlaceAd function| hearstRefreshAds function| hearstRefreshInterstitialAds object| ntvConfig object| permutive object| apstag object| PWT object| pbjsChunk object| _pbjsGlobals object| bo string| juiceservice number| APSpageID string| APSGenerationID boolean| APSResponsiveDesign object| definedTags string| str object| ensBootstraps object| Bootstrapper function| bcImpression function| bcTrackEvent function| bcTrackData object| abd function| ens_countImpression boolean| _taboolaNetworkMode object| _taboola string| _taboolaHDNPageLabel object| _sf_async_config object| blueConicPreListeners function| BCClass object| blueConicClient object| detection string| playerId boolean| USER_TOUCH object| Criteo object| Oidc function| realmiFrameResize string| socialProvider function| initializeModule object| _aps boolean| apstagLOADED object| apscustom object| _cb_shared object| owpbjsChunk object| owpbjs function| comScoreBeacon string| cScript string| hnpMeasurementID string| ga4ID function| addHnpVisitSession function| hnpVisitSessionNew function| hnpVisitSessionKeepAlive function| hnpVisitSessionUpdateUtm function| uuidv4 function| addHnpHitVars number| hnpVisitTs string| hnpUrlHash string| hnpIpid string| hnpIpidHash string| hnpSessionReferrer string| hnpSessionReferrerDomain string| hnpUtmSource string| hnpUtmSourceHash string| hnpUtmMedium string| hnpUtmMediumHash string| hnpUtmCampaign string| hnpUtmCampaignHash function| PX413gkwMT_asyncInit string| excoPixelUrl function| addMatherAnalytics function| onJuiceRefreshable function| fbq function| _fbq function| rdt function| getPixelId string| currentDomain function| fbTrackSlideshowView number| adBlockCheck object| currentDomainArr object| GlobalSnowplowNamespace function| snowplow function| twq function| commerceConnectorAnalytics object| __hrst_com_embed_setup function| addSkimlinksJs object| skimlinks_settings function| enhanceSkimlinks function| hnpTrackonomicsEnhance function| hnpUpdateCustomTrackingParam function| onJuiceEvent_SlotRendered object| HNPutilities object| site_settings object| helpers function| s_HearstLinkTracking function| omniModalLinkTrack function| omniModalLogin function| omniModalLoginFail function| omniModalSubscribe function| omniBlogPhotoLoad function| ens_track_slideshow function| pushGAClickEvent object| omni object| authUtilities object| s2nData function| ga object| gaDevIds object| gaplugins object| pageHostArr object| GAutilities object| cDim object| cMet object| gaFieldObject object| ess function| setCommonDimensions function| initializeGATracking string| GoogleAnalyticsObject number| _sf_endpt object| _cbq function| setDetails object| getDetails string| ga_account object| cross_domains string| sitePlatform function| entitlementStatusString object| currentDomainArray string| monthlySession boolean| viewableCheck boolean| maskCheck string| _pxAppId object| PX413gkwMT object| PX undefined| _413gkwMThandler object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv function| _typeof object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| _comscore function| stopSetInterval function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager string| p391885363 string| p391885418 number| p391885419 function| p391885477 function| oAddDVTag_ function| oGetPageStats_ function| p391885448 function| oGetSlotRenderedLineItemIdByDivId_ function| p391885443 function| p391885440 function| oDeleteHardcodeRefresh_ function| oRefreshHardcode_ function| p391885437 function| oProdKPageViews_ function| oCheckDump_ function| oCheckProdK_ function| p391885420 function| p391885416 function| p391885473 function| p391885414 function| p391885426 function| p391885423 function| p391885421 function| p391885397 function| p391885402 function| p391885388 function| p391885387 function| p391885385 function| p391885378 function| oEnableNullChecklistener_ function| p391885430 function| p391885369 function| oPageUnload function| p391885298 function| p391885303 function| oSetDataParam function| p391885422 number| p391885288 string| p391885289 object| p391885290 object| p391885291 boolean| p391885292 number| p391885294 number| p391885295 object| p391885316 string| p391885358 number| p391885299 object| p391885366 string| p391885334 string| p391885335 object| p391885372 number| p391885373 boolean| p391885377 number| p391885379 boolean| p391885381 boolean| p391885431 boolean| p391885406 boolean| p391885433 boolean| oObserverChanges_ boolean| p391885432 boolean| p391885434 boolean| oAudienceListenerEnabled_ object| p391885383 string| oDevice string| p391885471 number| p391885474 string| oParentHostname_ string| oParentPathname_ boolean| p391885384 boolean| p391885386 number| p391885401 boolean| p391885403 number| p391885404 object| p391885393 object| oAdSlots_ object| otkjs boolean| p391885424 boolean| p391885425 object| optimeraInsights string| p391885435 object| oLoadedAdImpressionDivs_ object| oTrackSlots_ object| p391885446 object| p391885447 boolean| oEnableInfiniteScrollUrls_ boolean| p391885442 object| p391885445 object| p391885449 boolean| oHasStnVideo_ object| p391885472 boolean| oActivateK_ object| oRPMCids_ object| oRPMHosts_ string| oUniqueId_ object| oDumpedDivs_ object| p391885476 string| p391885343 function| p391885296 string| p391885297 boolean| p391885365 boolean| p391885345 object| p391885344 number| p391885347 undefined| p391885451 undefined| p391885452 object| opbjs object| oaudLibjs object| ovpjs number| p391885346 function| onYouTubeIframeAPIReady object| gaGlobal object| COMSCORE object| ns_p object| bc_json148 object| bc_json149 object| bc_json151 object| _scrollWatcherCollectionContainer object| scrollWatcher undefined| _channelBodyScrollProgressCollectionContainer object| progressStates object| shareElement object| iframes object| p391885371 undefined| google_measure_js_timing function| ttd_dom_ready function| TTDUniversalPixelApi object| _cbm object| oDv number| p391885300 object| prodKObj string| oUrl_ object| bc_json152 object| optimera number| oIndex4_ number| p391885315 object| bc_json150 object| GooglebQhCsO string| currentContentType object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels object| twttr object| webVitals function| sendWebVitalsToGA function| sendWebVitalsToSnowplow undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| PARSELY function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter number| _tb_vpmd object| _mather object| _matherq function| InteractionTypeImpl string| token object| zen object| tid object| FingerprintJS object| _bcp object| Mustache function| BlueConicMetaDataService function| RuleService function| BlueConicEngagement object| justDetectAdblock function| md5 object| bcConnectionUtil function| BlueConicDataLayerUtility object| bc function| injectScript function| injectScriptSynchronously string| domain string| key object| bc_deferreds object| ensPaymeter object| HDN.dataLayer.identity string| _zenId object| _pmk function| TBWidgetFacebook function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| pi object| _pm_mcg string| userType string| _tbl_unified_id string| _tbl_user_type number| google_unique_id object| fieldObject object| gaData object| bc_json153 object| criteo_pubtag object| criteo_identitytag_140 object| Criteo_identitytag_140 object| Sailthru object| criteo_pubtag_prebid_140 object| Criteo_prebid_140 object| tbopt object| GoogleGcLKhOms

204 Cookies

Domain/Path Name / Value
n730.timesunion.com/DG/DEFAULT Name: BCSessionID
Value: da0abda4-b397-49a7-bba6-8a62ba27448b
hearst.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: da0abda4-b397-49a7-bba6-8a62ba27448b
.3lift.com/sync Name: sync
Value: CgkIOhCp2p3inTE=
claim-refund-irs.misecure.com/ Name: PHPSESSID
Value: ecd2117bd7245eef09eacce3bcf4f2e9
www.timesunion.com/ Name: _pxhd
Value: d3b586d8ba2cc7bf418525460fca890a4b6b6c2d9e7944f1ba08d501cd7f82e3:b59c4e7a-36fe-11ee-a2c8-a06ff798ce28
www.timesunion.com/ Name: btype
Value: web
www.timesunion.com/ Name: location_data
Value: {"is_eu":false,"country_code":"JP","postal_code":"1"}
.timesunion.com/ Name: hnpdiudpf1
Value: sv+hyn1tqAiNRoWDLheDW2u4vFJHdITBXyP6SvBitqU=
.timesunion.com/ Name: hnpdiudpf2
Value: H03tiPTXdxedjXEvxIPLMUydQcDwZaJuekaB5t/KOa4=
.timesunion.com/ Name: hnpde
Value: eyJ0aW1lc3RhbXAiOjE2OTE2MTc4MDkxODQsImZfa2IiOjAsImlwY19pZCI6W119
www.timesunion.com/ Name: ab_bucket
Value: 8
.aps.hearstnp.com/ Name: ARRAffinitySameSite
Value: 36dc233fb561dd672591843f0470bf4020b45b3a0dcf3d2b8876d63d4a39b551
.timesunion.com/ Name: bc_tstgrp
Value: 9
www.timesunion.com/ Name: realm.cookiesAndJavascript
Value: true
www.timesunion.com/ Name: s_abd
Value: {"first":false,"test":"","result":"","last":false}
www.timesunion.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.timesunion.com/ Name: ga_cd34
Value: 1
.timesunion.com/ Name: ga_cd35
Value: 1
.timesunion.com/ Name: _cb
Value: cLGXoBLw2V1Cm7mc4
.timesunion.com/ Name: _chartbeat2
Value: .1691617811722.1691617811722.1.DbMIDmDgasbnDR7I07Dz89AVCjwM4_.1
.timesunion.com/ Name: _cb_svref
Value: null
www.timesunion.com/ Name: _pxvid
Value: b59c4e7a-36fe-11ee-a2c8-a06ff798ce28
www.timesunion.com/ Name: pxcts
Value: b72598d0-36fe-11ee-ac83-767543447954
.timesunion.com/ Name: permutive-id
Value: 83b2be2d-e0f0-45d5-8b3b-b3965a274e62
.adnxs.com/ Name: uuid2
Value: 2546882368749204855
.0272ac85-5199-4024-a555-397c3d825d95.prmutv.co/ Name: pxid
Value: 3282df75-9804-42a3-ab19-f423fa979e04
.scorecardresearch.com/ Name: UID
Value: 133132ee77d966fa9c31d8b1691617812
.adsrvr.org/ Name: TDID
Value: 63eeee38-aa0d-41c4-9eaa-932b32d94862
.timesunion.com/ Name: _gcl_au
Value: 1.1.1831429709.1691617812
.timesunion.com/ Name: _rdt_uuid
Value: 1691617812483.a95f178a-9cec-4bcd-81c8-822177fc81f3
.timesunion.com/ Name: _sp_ses.5287
Value: *
.demdex.net/ Name: demdex
Value: 00069945874259815210930556552377628446
.openx.net/ Name: i
Value: 2f87865a-18f7-07ca-0fa8-23fc524a265c|1691617812
.dpm.demdex.net/ Name: dpm
Value: 00069945874259815210930556552377628446
www.timesunion.com/ Name: ntv_as_us_privacy
Value: undefined
.rubiconproject.com/ Name: khaos
Value: LL49KHU4-18-JMIW
.timesunion.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.timesunion.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1691617812776%2C%22slts%22:0}
.timesunion.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=a3f0c646-12e7-4abf-8fd6-4d805050e2f4%22%2C%22session_count%22:1%2C%22last_session_ts%22:1691617812776}
.ladsp.com/ Name: cr
Value: 1
.ladsp.com/ Name: smn_uid
Value: WIDWKBiqz32BWZlLC-QKCQ-z96K14dM
.doubleclick.net/ Name: IDE
Value: AHWqTUnIAJmbSc_gDip6DnU97_XVoMUq65q-D-Nr5dBYHpsBEdfeRaceSOnJNIKOuuI
.amazon-adsystem.com/ Name: ad-id
Value: AxStqK5kx0HFgG6L5P7ah3Q
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adnxs.com/ Name: anj
Value: dTM7k!M4/8D>6NRF']wIg2GU#eMgI^!fss0=Ir4A3KL9D3I?-eO-wGt
.yahoo.com/ Name: A3
Value: d=AQABBBUK1GQCED76_4RGAqqrErIms4ILsS0FEgEBAQFb1WTdZGCZyyMA_eMAAA&S=AQAAAjoPAbotDyAPCDxAwhskFRk
.timesunion.com/ Name: _ml_id
Value: 1d9188df-efb5-4272-93b8-a14254a1d000.1691617813.1.1691617813.1691617813
.timesunion.com/ Name: _ml_ses
Value: *
.timesunion.com/ Name: _fbp
Value: fb.1.1691617813494.1701705887
.gumgum.com/ Name: vst
Value: a_604dcf1c-b84d-49d3-b59e-19e1e9e912fa
.socdm.com/ Name: SOC
Value: ZNQKFcCo8XYAALhg1HQAAAAA
.twitter.com/ Name: guest_id_marketing
Value: v1%3A169161781370410651
.twitter.com/ Name: guest_id_ads
Value: v1%3A169161781370410651
.twitter.com/ Name: personalization_id
Value: "v1_ywz1Oo/ULmfBQYnf02oD1A=="
.twitter.com/ Name: guest_id
Value: v1%3A169161781370410651
.t.co/ Name: muc_ads
Value: 34b69b0d-e91a-4b3f-ae86-506067ff2b27
sp-t-hearstnewspapers.com/ Name: sp
Value: 69b109ce-fb52-4d74-85c9-3bada7e789b1
.bluekai.com/ Name: bku
Value: YCD99ODvNsH3GtTN
www.timesunion.com/ Name: BCSessionID
Value: da0abda4-b397-49a7-bba6-8a62ba27448b
.3lift.com/ Name: tluid
Value: 4412166927166683519015
.sharethrough.com/ Name: stx_user_id
Value: f2dddfbb-d462-4134-bcc4-d7069d2755d3
.yieldmo.com/ Name: yieldmo_id
Value: 3mRviaa11Sa5OsBwEJnd%7C1691539200000%7C0
.ads.yieldmo.com/ Name: re_sync
Value: rc%3D1175574%7Cunl%3D1175574%7Cc%3D1175574%7Ct%3D1175574%7Cdv360%3D1175574
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 1B30ECC2-32A5-4C63-9767-37CD2B4200CF
.pubmatic.com/ Name: DPSync3
Value: 1692748800%3A201_245_226%7C1691625600%3A248
.bidswitch.net/ Name: tuuid
Value: 0035c957-f895-4a06-acbe-4b96f626c00a
.bidswitch.net/ Name: c
Value: 1691617813
.turn.com/ Name: uid
Value: 4585599552386632809
.bidswitch.net/ Name: tuuid_lu
Value: 1691617814
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjkxNjE3ODEyLCJwdWJtYXRpYyI6MTY5MTYxNzgxNH0
.ladsp.com/ Name: lum
Value: CKfMneKdMRIFCAMQ0AUSBQgKEJAN
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZNQKFQAAAj5PRgAb
.360yield.com/ Name: tuuid
Value: 499cea1e-0c48-462f-8af6-4b951b5de04d
.360yield.com/ Name: tuuid_lu
Value: 1691617814
.tapad.com/ Name: TapAd_TS
Value: 1691617814288
.tapad.com/ Name: TapAd_DID
Value: 2894cfd7-9e5f-48ec-9189-2a8cfd2b7e03
.pubmatic.com/ Name: KRTBCOOKIE_656
Value: 12671-ZNQKFcCo8XYAALhg1HQAAAAA&KRTB&23509-ZNQKFcCo8XYAALhg1HQAAAAA&KRTB&23514-ZNQKFcCo8XYAALhg1HQAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_629
Value: 11487-AdYgxazyGgM6ks8AD7P3orXh088AAAGJ3EdmJw
.timesunion.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.timesunion.com/ Name: _ga
Value: GA1.2.1396311492.1691617812
.timesunion.com/ Name: _gid
Value: GA1.2.1559938092.1691617815
.timesunion.com/ Name: _gat_hnp
Value: 1
.ipredictive.com/ Name: cu
Value: cbc3cb67-e9f0-487f-9ece-f5c767a55b1e|1691617814555
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-5f7d6f2f-d1d9-4863-6924-bab50723a6e5.oYitigpBLN%2FIQH5GoNlfN%2FfaPjxbfwdx5Qiz0WnWMiY
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-5f7d6f2f-d1d9-4863-6924-bab50723a6e5.oYitigpBLN%2FIQH5GoNlfN%2FfaPjxbfwdx5Qiz0WnWMiY
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AX31vL9HZSGNpJLq1ByOm5Q.HhcWxcJLJF0e94O6%2BJ5e2wMJs4nxhNAqRuw9cAJJF3I
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AX31vL9HZSGNpJLq1ByOm5Q.HhcWxcJLJF0e94O6%2BJ5e2wMJs4nxhNAqRuw9cAJJF3I
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIPip_TU1YKjmdFhOporpkWCyHPNi6jaACEWUbvwxw6oQEHwYAiCWlNCmBjoEoZXsjkIEBRYVGA.x8Fp3Gu0U7FHqp5otAaDDO60qSXwcelA1zXnVtD0h7Y
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIPip_TU1YKjmdFhOporpkWCyHPNi6jaACEWUbvwxw6oQEHwYAiCWlNCmBjoEoZXsjkIEBRYVGA.x8Fp3Gu0U7FHqp5otAaDDO60qSXwcelA1zXnVtD0h7Y
hearst.blueconic.net/ Name: AWSALBCORS
Value: ovCvz6OQOsH+bEJaciH1fcvB7e3lLu1gCtDKgAfkPAkB/Cig+GJjAQZQ9SI57/B5BiKOEmXo4IJiPJw5W0KisiEIhad4G3KzjsG9SmD0N1ikAyg184onzXMHCh6/
.simpli.fi/ Name: suid
Value: D6760D4DB5F94F92A06BCCFBD3FDA6C8
.casalemedia.com/ Name: CMPS
Value: 5356
.postrelease.com/ Name: visitor
Value: e71aa0c1-88ff-4e6f-bdcf-f72dbebd24ee
.postrelease.com/ Name: status
Value: 0
www.timesunion.com/ Name: ntvSession
Value: {"id":2383256,"placementID":1115388,"lastInteraction":1691617814782,"sessionStart":1691617814782,"sessionEndDate":1691679600000,"experiment":""}
www.timesunion.com/ Name: _ntv_uid
Value: e71aa0c1-88ff-4e6f-bdcf-f72dbebd24ee
.zemanta.com/ Name: zuid
Value: SpoYyQYgU8ZJgVTdZ9LS
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEPGTW2J-eZnFngbPpvvV058&KRTB&23025-CAESEPGTW2J-eZnFngbPpvvV058&KRTB&23386-CAESEPGTW2J-eZnFngbPpvvV058
.ads.yieldmo.com/ Name: ptrc
Value: CAESEFeVAKMnkMsl1wd2sKkEVWI
.ads.yieldmo.com/ Name: ptrt
Value: 63eeee38-aa0d-41c4-9eaa-932b32d94862
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.quantserve.com/ Name: mc
Value: 64d40a16-c08bc-d91d8-3a1e6
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!5325
.timesunion.com/ Name: __gads
Value: ID=674c06275fe43673:T=1691617814:RT=1691617814:S=ALNI_Mbac-9qMAH1Jawo3NIs7zl3ai4_vQ
.timesunion.com/ Name: __gpi
Value: UID=00000c29d6e9a6f5:T=1691617814:RT=1691617814:S=ALNI_MbcLN0ArkrT0yxrb6ZnFLMFiuLCrQ
.contextweb.com/ Name: V
Value: Ev8fwcEpi5eG
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1m74|7bq.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 0d5058519b708ec4
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 20b4e5d1eaa64c2b78d966a265d5ad97
.casalemedia.com/ Name: CMID
Value: ZNQKFmk-ZsdbmBXGQXOHVgAA
.casalemedia.com/ Name: CMPRO
Value: 5356
.onetag-sys.com/ Name: OTP
Value: mQcPUMHqDGozoLMWoPard5rW6A_ETEOFbSiCz1wZoz8
.bidr.io/ Name: bito
Value: AAHT2U7JqBQAACS4iMx9tQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.postrelease.com/ Name: ver
Value: 1
www.timesunion.com/ Name: sailthru_pageviews
Value: 1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-eefa8192-70c3-4235-84a2-85294b02891d-004%22%2C%22nxtrdr%22%3Afalse%7D
.creativecdn.com/ Name: u
Value: ZecuR8wiA1Rq8TMaxUUT
.creativecdn.com/ Name: ts
Value: 1691617814
.mathtag.com/ Name: uuid
Value: e49264d4-0a17-4000-b5ba-3c07d55b35b8
.rlcdn.com/ Name: rlas3
Value: /HWjEy8/3k/LI93qTrP4tRo+P+5gw3whLR5QdaPW4bQ=
.semasio.net/ Name: SEUNCY
Value: 913444956AEFAA5E
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMKjLE/bMlOZZxqNL8WPEj6k1Sj+craBfhhWDqHVhUFemAc9yLo+xAZGhLWkwIp3MPvAUJ+gL7gixd6Fb3n+lKMOeh5sP1cjcqE=
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-eefa8192-70c3-4235-84a2-85294b02891d-004%22%7D
.send.microad.jp/ Name: TR
Value: 54d72b547e987d6ca5694de316b0e5ed5d8c00003df71df2
.rlcdn.com/ Name: pxrc
Value: CJeU0KYGEgUI6AcQABIGCO25KxAA
.ads.yieldmo.com/ Name: ptrrc
Value: LL49KHU4-18-JMIW
.nrich.ai/ Name: _nauid
Value: e4a15563-f632-4461-8f40-0d0632054511
.linkedin.com/ Name: bcookie
Value: "v=2&632dea0e-1b7e-44b3-8a1b-3fb8cce94562"
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=3109:u=1:x=1:i=1691617815:t=1691704215:v=2:sig=AQG1XBuo96lN9HEQEELT4ADbSRURA5rW"
.adform.net/ Name: C
Value: 1
.ads.yieldmo.com/ Name: ptrunl
Value: RX-eefa8192-70c3-4235-84a2-85294b02891d-004
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-0035c957-f895-4a06-acbe-4b96f626c00a
.adotmob.com/ Name: uid
Value: 096b2204205c250a2dff710e
.adotmob.com/ Name: uuid
Value: 096b2204205c250a2dff710e
.adotmob.com/ Name: partners
Value: IX%3A1691617815544
.openx.net/ Name: pd
Value: v2|1691617812.1.2|lYvOiajEiuhI.uIjIvGlQlU.vH
.adform.net/ Name: uid
Value: 3735528708331917475
.admanmedia.com/ Name: admtr
Value: 11927982-9abf-4e79-b649-e54149dd16ce
.admanmedia.com/ Name: ac_r
Value: CS71
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-63eeee38-aa0d-41c4-9eaa-932b32d94862&KRTB&22918-63eeee38-aa0d-41c4-9eaa-932b32d94862&KRTB&23031-63eeee38-aa0d-41c4-9eaa-932b32d94862
.r-ad.ne.jp/ Name: r_ad_token
Value: 55mLoG003BDDa007ZOGp
.uuidksinc.net/ Name: jcsuuid
Value: itWUPgfr2h5qXHTtjdB4
.outbrain.com/ Name: obuid
Value: 700b0404-aef8-4a22-aeba-bd624e22e89f
.smartadserver.com/ Name: pid
Value: 3428615102313504314
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3735528708331917475&KRTB&23263-3735528708331917475&KRTB&23481-3735528708331917475
pool.admedo.com/ Name: tuuid
Value: 57fac68b-d9a6-4dcd-bf6a-9610d580aa5b
pool.admedo.com/ Name: c
Value: 1691617816
pool.admedo.com/ Name: tuuid_lu
Value: 1691617816
www.timesunion.com/ Name: sailthru_visitor
Value: 49fb7237-0ea6-4b73-86f5-535d13cc45cb
.brand-display.com/ Name: _knxq_
Value: 30a99166-7151-a189-c6cebdc2.1691617816.0.1691617816.1691617816
.yandex.ru/ Name: yuidss
Value: 3631832511691617816
.yandex.ru/ Name: yandexuid
Value: 3631832511691617816
.adkernel.com/ Name: ADKUID
Value: A6409972205841127029
.quantserve.com/ Name: d
Value: EFwBFQHVKYEO-TD9r7EA
.analytics.yahoo.com/ Name: IDSYNC
Value: "1769~2d99:18y3~2d99:18yx~2d99:18z8~2d99"
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4585599552386632809&KRTB&23150-4585599552386632809
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-Udwk4FeJceJKi3DsBYttsF7ZJOxK2yHlAt4icwRL&KRTB&19420-Udwk4FeJceJKi3DsBYttsF7ZJOxK2yHlAt4icwRL&KRTB&22979-Udwk4FeJceJKi3DsBYttsF7ZJOxK2yHlAt4icwRL&KRTB&23403-Udwk4FeJceJKi3DsBYttsF7ZJOxK2yHlAt4icwRL
.uncn.jp/ Name: t
Value: v_7c9702e4-9fec-4d49-bb83-6ee6ad3f2ee3
.pubmatic.com/ Name: KRTBCOOKIE_1201
Value: 23170-v_7c9702e4-9fec-4d49-bb83-6ee6ad3f2ee3&KRTB&23180-v_7c9702e4-9fec-4d49-bb83-6ee6ad3f2ee3
.ad-m.asia/ Name: uid
Value: 1HN5WQUBRkT
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2546882368749204855&KRTB&23339-2546882368749204855
.e-volution.ai/ Name: ADK_EX_193
Value: 1
.e-volution.ai/ Name: ADKUID
Value: A6409972205841127029
.gammaplatform.com/ Name: _aGeoIp
Value: DE|Stuttgart
.gammaplatform.com/ Name: _aUID
Value: wle8ocr2vdd0
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-wle8ocr2vdd0&KRTB&23446-wle8ocr2vdd0&KRTB&23465-wle8ocr2vdd0
.admatrix.jp/ Name: uid
Value: 6593e977-29b0-40cf-9fed-f33dbee17b26
.pubmatic.com/ Name: KRTBCOOKIE_943
Value: 19522-8xbcezPI8FH&KRTB&23501-8xbcezPI8FH
www.timesunion.com/ Name: _px2
Value: eyJ1IjoiYjcxZDU1MTAtMzZmZS0xMWVlLTljZWYtNDNkOTUxM2M3OGJkIiwidiI6ImI1OWM0ZTdhLTM2ZmUtMTFlZS1hMmM4LWEwNmZmNzk4Y2UyOCIsInQiOjE2OTE2MTgxMTgxNzcsImgiOiJhODI2NThmMDk3MTg3N2ZmMzExM2U1NjFhNTc5ZTBmYzZkOTViODFjOTM0NWZiMzJlOTZlMTBmN2ZjMGIyN2FiIn0=
www.timesunion.com/ Name: _pxde
Value: 868ae37a76e54b6412cdef3cf38d415355026eeb02c5eb4db2e485d9e98b249d:eyJ0aW1lc3RhbXAiOjE2OTE2MTc4MTgxNzcsImZfa2IiOjAsImlwY19pZCI6W10sImluY19pZCI6WyIwMzdhZjhlMDMzMjZkNjY3MjhiNjViYzRiZmVhOTgwNyIsIjFlNTFkYmE5YjMwZGJhMzM4ZTVjYmFmMWY3MWU5ZDMxIl19
.sitescout.com/ Name: ssi
Value: dddf2387-b1a1-4af1-833b-7a9c99b2e357#1691617818108
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsib25ldGFnIjp7InVpZCI6Im1RY1BVTUhxREdvem9MTVdvUGFyZDVyVzZBX0VURU9GYlNpQ3oxd1pvejgiLCJleHBpcmVzIjoiMjAyMy0wOC0yM1QyMTo1MDoxNC45OTk5MTUyNloifSwiZ3JpZCI6eyJ1aWQiOiIwMDM1Yzk1Ny1mODk1LTRhMDYtYWNiZS00Yjk2ZjYyNmMwMGEiLCJleHBpcmVzIjoiMjAyMy0wOC0yM1QyMTo1MDoxNi42ODI1ODU1MzlaIn0sImd1bWd1bSI6eyJ1aWQiOiJhXzYwNGRjZjFjLWI4NGQtNDlkMy1iNTllLTE5ZTFlOWU5MTJmYSIsImV4cGlyZXMiOiIyMDIzLTA4LTIzVDIxOjUwOjE1Ljc0MTYzMDAyM1oifSwicHVibWF0aWMiOnsidWlkIjoiMUIzMEVDQzItMzJBNS00QzYzLTk3NjctMzdDRDJCNDIwMENGIiwiZXhwaXJlcyI6IjIwMjMtMDgtMjNUMjE6NTA6MTguNzIwMzA0MjM4WiJ9LCJydWJpY29uIjp7InVpZCI6IkxMNDlLSFU0LTE4LUpNSVciLCJleHBpcmVzIjoiMjAyMy0wOC0yM1QyMTo1MDoxNC45OTk2NDc1MTJaIn0sIm9wZW54Ijp7InVpZCI6ImM1ZjUzNmNjLTA4ZWYtMGJkNC0zZWYyLTJiMDFiNzM2ZDcyYyIsImV4cGlyZXMiOiIyMDIzLTA4LTIzVDIxOjUwOjEyLjgwMzY3Mzc1OVoifSwieWllbGRtbyI6eyJ1aWQiOiIzbVJ2aWFhMTFTYTVPc0J3RUpuZCIsImV4cGlyZXMiOiIyMDIzLTA4LTIzVDIxOjUwOjE1LjQxMDQ4MDYwOVoifSwiaXgiOnsidWlkIjoiWk5RS0Ztay1ac2RibUJYR1FYT0hWZ0FBJjUzNTYiLCJleHBpcmVzIjoiMjAyMy0wOC0yM1QyMTo1MDoxNy4wMTQ0MzMyMjRaIn19fQ==
.ctnsnet.com/ Name: cid_307cc5bd8be14ba4a1a25448865f2142
Value: 1
.ctnsnet.com/ Name: cid_b99938abe7704db69e5ffee92bc2c836
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1159
Value: 23138-b99938abe7704db69e5ffee92bc2c836&KRTB&23328-b99938abe7704db69e5ffee92bc2c836&KRTB&23427-b99938abe7704db69e5ffee92bc2c836&KRTB&23445-b99938abe7704db69e5ffee92bc2c836
.sitescout.com/ Name: _ssuma
Value: eyI4MSI6MTY5MTYxNzgxODY5NH0
.c.appier.net/ Name: _auid
Value: WNOCzUuPBIC9zKzZGgrUZA
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-X31vL9HZSGNpJLq1ByOm5Q&KRTB&23334-X31vL9HZSGNpJLq1ByOm5Q&KRTB&23417-X31vL9HZSGNpJLq1ByOm5Q&KRTB&23426-X31vL9HZSGNpJLq1ByOm5Q
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-WNOCzUuPBIC9zKzZGgrUZA
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 7
.pubmatic.com/ Name: pi
Value: 0:4
.pubmatic.com/ Name: SyncRTB3
Value: 1692144000%3A2_223_15%7C1692403200%3A63%7C1696723200%3A69%7C1692748800%3A179_96_76_21_254_56_217_22_214_5_202_54_107_233_3_234_46_71_220_13_8_264_209%7C1692835200%3A35
hub2.zenimpact.io/ Name: zenId
Value: 65a11ddd-2e4a-2ab8-a262-10e227f0cb70
hub2.zenimpact.io/ Name: zenFp
Value: 0f6738a7c196c14492e9baaa7fccc590
hub2.zenimpact.io/ Name: hubId
Value: 56176f70-4bd6-489c-ac7b-450912dab430
.w55c.net/ Name: wfivefivec
Value: v6NLNtCw1QtR4n5
.w55c.net/ Name: matchpubmatic
Value: 5
n730.timesunion.com/ Name: AWSALB
Value: AkSYCYceGzp0qnfoE4w/sn0OUZdpbstRmoTD5gWHVO4KWp4ecqSrpDh3WrwFHucqaQxxliGhsxhuNvDLvIXNutLmoVpfD1gj1jSJoaYEJ95bSXGjsbnJtA7REX44
n730.timesunion.com/ Name: AWSALBCORS
Value: AkSYCYceGzp0qnfoE4w/sn0OUZdpbstRmoTD5gWHVO4KWp4ecqSrpDh3WrwFHucqaQxxliGhsxhuNvDLvIXNutLmoVpfD1gj1jSJoaYEJ95bSXGjsbnJtA7REX44
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:v6NLNtCw1QtR4n5&KRTB&23421-uid:v6NLNtCw1QtR4n5
.adnxs.com/ Name: icu
Value: ChgI9MQ8EAoYAyADKAMwm5TQpgY4A0ADSAMQm5TQpgYYAg..
.adx.opera.com/ Name: UID
Value: OPU960b06642275419d93b5014abfc392f7
.dotomi.com/ Name: DotomiTest
Value: 2f4e0b326dea1b36
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAANLxp8xfeotAMjTxfRAAAAAAA&KRTB&22713-AAANLxp8xfeotAMjTxfRAAAAAAA&KRTB&22715-AAANLxp8xfeotAMjTxfRAAAAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0NDc3tTS2NDc1tjA3NTUwthDiM9T1KPaNDw80MUqM90wCALv5RnMlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmloZmhuYWRgamYEAC1WEuQQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0NDc3tTS2NDc1tjA3NTUwthDiM9T1KPaNDw80MUqM90wCALv5RnMlAAAA
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-1917759397538755038
.pubmatic.com/ Name: PugT
Value: 1691617820
.timesunion.com/ Name: _ga_WE0RM2ZY79
Value: GS1.1.1691617812.1.1.1691617820.0.0.0
.timesunion.com/ Name: _sp_id.5287
Value: 17be25a9-866d-4af9-8cc3-8ac293b629d9.1691617813.1.1691617821.1691617813.bc2543c2-b220-4e66-b4b2-9c6e1038da1d
.adsrvr.org/ Name: TDCPM
Value: CAESEgoDYWFtEgsI4q6S4dqYgTwQBRIZCgpyaWdodG1lZGlhEgsIhs2WxJTLjDwQBRIVCgZnb29nbGUSCwjys9THlMuMPBAFEhYKB3J1Ymljb24SCwj4rfjTlMuMPBAFEhYKB2JsdWVrYWkSCwjMr8vQlMuMPBAFEhQKBXRhcGFkEgsI2orb1pTLjDwQBRIXCghwdWJtYXRpYxILCMzZ8OGUy4w8EAUSFgoHc3Z4OXQ1MBILCLiQ0eKUy4w8EAUSFQoGY2FzYWxlEgsI4vbQ7JTLjDwQBRIWCgdsaHdiazU5EgsI1M31kJXLjDwQBRIYCgliaWRzd2l0Y2gSCwjUzfWQlcuMPBAFEhMKBGtydXgSCwjUzfWQlcuMPBAFGAUgASgDMgsIkLrlvavLjDwQBTgBQgQiAggBWgdjdGcyc3U2YAE.
.pubmatic.com/ Name: SPugT
Value: 1691617819

17 Console Messages

Source Level URL
Text
javascript error URL: https://www.timesunion.com/
Message:
Access to XMLHttpRequest at 'https://gtm-kw6hw69-m2q2n.uc.r.appspot.com/g/collect?v=2&tid=G-WE0RM2ZY79&gtm=45je3870&_p=141382141&cid=1396311492.1691617812&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=JP&sst.ngs=1&sst.etld=google.co.jp&sst.us_privacy=1---&_s=2&sid=1691617812&sct=1&seg=1&dl=https%3A%2F%2Fwww.timesunion.com%2F&dt=Times%20Union%20-%20Times%20Union&en=page_view&_et=2&richsstsse' from origin 'https://www.timesunion.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://gtm-kw6hw69-m2q2n.uc.r.appspot.com/g/collect?v=2&tid=G-WE0RM2ZY79&gtm=45je3870&_p=141382141&cid=1396311492.1691617812&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=JP&sst.ngs=1&sst.etld=google.co.jp&sst.us_privacy=1---&_s=2&sid=1691617812&sct=1&seg=1&dl=https%3A%2F%2Fwww.timesunion.com%2F&dt=Times%20Union%20-%20Times%20Union&en=page_view&_et=2&richsstsse
Message:
Failed to load resource: net::ERR_FAILED
security error URL: https://www.timesunion.com/hdn/dynamic/hnpprivacy-min.js(Line 20)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.timesunion.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
network error URL: https://cs.nex8.net/cs/openx
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://www.timesunion.com/hdn/dynamic/hnpprivacy-min.js(Line 20)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.timesunion.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://www.timesunion.com/hdn/dynamic/hnpprivacy-min.js(Line 20)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.timesunion.com') does not match the recipient window's origin ('https://eus.rubiconproject.com').
network error URL: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx
Message:
Failed to load resource: net::ERR_EMPTY_RESPONSE
network error URL: https://p.ctpost.com/home%20page?i=4654&s=timesunion&ts=1691617812153
Message:
Failed to load resource: net::ERR_EMPTY_RESPONSE
security error URL: https://www.timesunion.com/hdn/dynamic/hnpprivacy-min.js(Line 20)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.timesunion.com') does not match the recipient window's origin ('https://eus.rubiconproject.com').
network error URL: https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
Message:
Failed to load resource: net::ERR_EMPTY_RESPONSE
network error URL: https://www.timesunion.com/hdn/hrlm/p/silent.html#error=login_required&state=06f295bbd369406084ada4ad50b31a29
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://www.timesunion.com/hdn/dynamic/hnpprivacy-min.js(Line 20)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.timesunion.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://www.timesunion.com/hdn/dynamic/hnpprivacy-min.js(Line 20)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.timesunion.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://www.timesunion.com/hdn/dynamic/hnpprivacy-min.js(Line 20)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.timesunion.com') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://www.timesunion.com/hdn/dynamic/hnpprivacy-min.js(Line 20)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.timesunion.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://www.timesunion.com/hdn/dynamic/hnpprivacy-min.js(Line 20)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.timesunion.com') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 472)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=300

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
0272ac85-5199-4024-a555-397c3d825d95.prmutv.co
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
adservice.google.com
ak.sail-horizon.com
alb.reddit.com
ampcid.google.co.jp
ampcid.google.com
an.yandex.ru
analytics.twitter.com
ap.lijit.com
api.permutive.com
api.sail-personalize.com
aps.hearstnp.com
b1sync.zemanta.com
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
bk.r-ad.ne.jp
c.amazon-adsystem.com
c1.adform.net
cdn-channels-pixel.ex.co
cdn-scorestream-com.s3.amazonaws.com
cdn.ex.co
cdn.id5-sync.com
cdn.parsely.com
cdn.permutive.com
cdn.playbuzz.com
cdn.taboola.com
cdnjs.cloudflare.com
claim-refund-irs.misecure.com
cm-supply-web.gammaplatform.com
cm.g.doubleclick.net
cms.quantserve.com
collector-px413gkwmt.px-client.net
collector.ex.co
connect.facebook.net
content.zenimpact.io
cr-p10.ladsp.com
cr-p3.ladsp.com
creativecdn.com
cs.admanmedia.com
cs.nex8.net
csync.loopme.me
d.adroll.com
d15kdpgjg3unno.cloudfront.net
d2sgc57sw7l730.cloudfront.net
dc895c714e7eb96b0b1b395ab7e76ce3.safeframe.googlesyndication.com
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dps.jp.cinarra.com
ds.uncn.jp
dsp.adfarm1.adition.com
dsp.adkernel.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
dynalyst-sync.adtdp.com
dyv1bugovvq1g.cloudfront.net
e.channelexco.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlesync.permutive.com
gpv.ex.co
gtm-kw6hw69-m2q2n.uc.r.appspot.com
gum.criteo.com
hbopenbid.pubmatic.com
hearst.blueconic.net
htlb.casalemedia.com
hub2.zenimpact.io
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
insight-api-kgw.zenimpact.io
insight.adsrvr.org
ipac.ctnsnet.com
jadserve.postrelease.com
jp-u.openx.net
js.adsrvr.org
js.matheranalytics.com
lb.eu-1-id5-sync.com
ls.skimresources.com
mab.chartbeat.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
maxcdn.bootstrapcdn.com
n730.timesunion.com
onetag-sys.com
p.channelexco.com
p.ctpost.com
p.rfihub.com
p.skimresources.com
p1.parsely.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
player.ex.co
pm-widget.taboola.com
pm.w55c.net
polyfill.io
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
projects.sfchronicle.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.skimresources.com
realm.hearst3pcc.com
realm.hearstnp.com
rtb.channelexco.com
rtb.gumgum.com
rtb.openx.net
rtb2-useast.e-volution.ai
s-14.channelexco.com
s-cs.send.microad.jp
s.amazon-adsystem.com
s.hdnux.com
s.ntv.io
s.skimresources.com
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
s3-us-west-2.amazonaws.com
sailplay.net
sb.scorecardresearch.com
scorestream.com
scripts.webcontentassessor.com
secure-assets.rubiconproject.com
secure-gl.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sp-t-hearstnewspapers.com
sqs.us-east-1.amazonaws.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
storage.googleapis.com
sync-amz.ads.yieldmo.com
sync-dsp.ad-m.asia
sync-tapi.admatrix.jp
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.colossusssp.com
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.adx.opera.com
t.co
t.skimresources.com
tags.bluekai.com
tg.socdm.com
timesunion.com
tlx.3lift.com
tm.hdmtools.com
token.rubiconproject.com
tpc.googlesyndication.com
treg.hearstnp.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.gumgum.com
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.i.matheranalytics.com
www.redditstatic.com
www.timesunion.com
x.bidswitch.net
adservice.google.com
cs.nex8.net
csync.loopme.me
dsp.adfarm1.adition.com
e.channelexco.com
gtm-kw6hw69-m2q2n.uc.r.appspot.com
id5-sync.com
p.ctpost.com
rtb.channelexco.com
s0.2mdn.net
secure.adnxs.com
sync-dsp.ad-m.asia
sync.1rx.io
sync.adotmob.com
sync.outbrain.com
sync.taboola.com
www.timesunion.com
103.229.10.211
103.229.205.242
103.231.99.77
103.231.99.81
103.43.90.53
104.16.126.175
104.17.24.14
104.18.10.207
104.18.24.173
104.18.25.185
104.18.26.152
104.19.150.54
104.244.42.3
104.244.42.69
107.178.250.234
119.9.108.191
124.146.215.43
13.107.42.14
13.114.73.147
13.229.173.169
13.230.74.203
137.184.93.175
141.95.98.65
142.250.196.131
142.250.196.142
142.250.196.98
142.250.198.2
142.250.198.3
142.250.207.14
142.251.222.1
142.251.222.48
142.251.42.136
142.251.42.138
150.136.156.92
151.101.1.44
151.101.130.49
151.101.193.140
151.101.194.132
151.101.228.157
151.101.64.200
151.101.65.26
151.101.66.202
151.101.66.217
151.139.128.10
162.19.138.119
172.105.221.29
172.217.161.66
172.217.175.14
172.217.175.6
172.217.175.68
172.217.26.226
172.217.26.234
172.217.31.129
172.217.31.130
172.67.38.106
174.137.133.49
18.140.101.67
18.143.106.89
18.176.234.133
18.65.168.89
18.65.176.135
18.65.199.115
18.65.203.198
18.65.211.119
18.65.211.60
18.65.214.119
18.65.214.227
18.65.216.12
18.65.216.13
18.65.216.76
18.65.216.91
18.65.221.214
182.161.74.1
182.161.74.11
182.161.74.16
182.161.74.18
185.183.112.148
185.184.8.90
185.196.197.130
185.84.60.30
188.42.150.4
198.8.71.131
202.233.84.8
207.65.34.77
207.65.34.80
207.65.34.81
209.191.163.152
209.192.253.60
213.19.162.80
220.150.223.50
220.150.223.52
23.106.127.164
23.106.127.165
23.208.233.60
23.210.41.190
23.39.216.189
23.39.217.233
23.39.217.41
23.41.63.80
23.61.252.123
23.81.164.160
23.90.68.235
3.114.199.131
3.114.65.25
3.226.154.247
3.227.173.138
3.239.232.129
3.33.220.150
31.13.82.36
31.13.82.7
34.107.254.252
34.111.113.62
34.120.117.212
34.142.175.23
34.160.105.74
34.160.19.107
34.200.176.4
34.217.190.125
34.235.72.228
34.95.126.7
34.98.64.218
35.162.220.137
35.186.193.173
35.186.253.211
35.190.10.96
35.190.59.101
35.190.60.146
35.190.91.160
35.201.67.47
35.213.12.39
35.227.196.211
35.241.9.51
35.244.204.77
35.71.178.8
38.133.127.191
40.118.246.51
44.215.235.22
50.116.239.135
51.255.68.171
51.89.9.254
52.0.248.85
52.192.10.122
52.220.229.2
52.46.130.91
52.71.184.108
52.74.92.105
52.76.217.203
52.76.245.72
52.77.12.134
52.92.193.17
52.92.224.144
52.95.115.255
54.168.191.169
54.169.162.4
54.169.25.178
54.185.109.45
54.197.248.161
54.238.120.71
54.248.150.184
54.251.235.27
54.64.141.118
54.68.72.119
64.233.188.156
69.173.158.65
69.173.158.92
70.42.32.223
74.118.186.107
74.214.196.131
8.18.47.7
8.39.36.141
8.39.36.142
8.43.72.98
80.77.87.161
82.145.213.8
89.207.22.105
93.158.134.90
96.7.39.73
96.7.39.83
98.129.228.59
98.98.134.242
99.83.154.140
01223964fea2b7a74d6818a44c00c1ce4fb57ba04206ac6ab89666761ec462ad
01413180f8c7d01f299a1427f694347297ac4a54115a357bc2f562a43f2fbacb
019e68a7f6d1380236d370af2c17034d8830fc0ee77008f04c4b45f5b08b198b
01e372108555d5d7559baf9beed06765394932ba24724cd2af3ee8ba2821d6e9
024510cc9f416e5a289df69964cb867a8a28341a81d4be4fa80eb17e1f57e532
024c44059e9a23aba842d4d3d4dafa15014a71bb864b339957abe33c212606d5
03bc90950a3cf3d2baae54d90e814b61d4066e0deec3a120d04f03b38c064f6b
048bb0bd113e30dd0ec69c39126a472b55bc831600cecceeb2d85f9ee8908a33
04f0da05dc6278ebec1e30e4b6f12bacd67d93625e8873b9be489003e3703698
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05a37a92a97111d190346c1cc8f310d4c01cb538425eef77af6d71b7229e809b
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06be8aed4447f65ebf300538f6d83f4286326739fba7fd6edae55785c599e76e
07fe03950dbe28bf4f530574f1200db6a228e4ebba2861e349262c9c0fc5f3d2
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
09f6e9a4f0b403d8d4f840e58209d7e97b9862e52699c9d3df62291a7f35d61e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c31e873caf2cd9a837468447f51245087e14f0e8f2bc4ec8cdcac01807f35de
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0d84070d1d5eea3a786d608993d0fe9323096401e697684fd126ca12e82b06c3
0e809109761cfb3b4eecc4a5659f51034a94439e66777856cad73ea25b26f226
0ea8cb3f1561ed81d07ae91bfbd12ea66e387fd95aa6fa30b0c8eafce85543de
0ee276931cfe4b0d1891e595cdea419849ea7f821a8d1cd7c882e0dfc2561f3b
0f9c5fad44af43def7f10464ac43a354a1e2d1fdeb197f12d906c1f19c3a1182
110ec83b0dfe5443096149f041f356c812be66563b70073230175e0e9c547c06
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1307fbe43b86593c3d12ecf319538440eeb676757d2d15a70aea4dbc0667edc9
1374b28d22b674e53a044425556a9cd48b82fd5aba3bf19e3545d51704227b10
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
1517e96b49aa8bdd35cd0cd250b3c04622902a6bde73f2d60f80b1588578ca55
153fde9ad0e7bcad486e4677d7ea53d0830ee891412976c3db313a21ae785f21
154e411a627b2a4141b53bac2217b7220c69b4c3ae1f203333ae1f8a87e0716d
161c6a5227ae9727d94a3a07458b4a58117f1d2a5f5839adeb8012fa3c8d6769
16ad31374a592e707c85faccf15452d815c3fcfc740c9efe67434a3eb64168d2
16d7ca7aab9bb5796a2d067da1c6cfd414558e4f71973d4c213085231df5a2ed
17c0b7d0bbcd953b50c123e352757fa68b6a296525371a2baf4c078e1a3c50a9
180764b48f93d3c7b2d3b476d977cbc0921db604ebc7ca60e8b07100d1b5f1d8
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
198eb2274280a8bc27784790214476b330bf0c905fa6fe9ddad23c40c6a89c83
1a393b89f8dcced2bfc70c37c4f829d0bf6d3be2fe5e61a0ef9e75a1a81651ad
1abe32bc6c1a15b3d24733a533938c809c755e96aaa4c1ac0f85059ca4b1ce2c
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b506f7958620f0b9254ade06823825f9054f6a580b35fadc1807565dda76ba8
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d7cc6f6e927200ca1c4f9d948d784501e2bee9a264587f430b6c358fae12d02
1f5c93c1f6e98b4130e47dfaafc28cb202d689d2a1dde6ef33c9561b826946a8
1fe5a1d809eca1e462fbe87d87d44fe69c646d5d782cf8524a84cac0530be9ac
205deca5852d223f1ce7c0326dd56228916e101ac2a4dfd3fe98da1c2158435b
20cf4ed7ce4344d64223ad577ad361f3a3777af96caaa7d2bfc912021748e360
21d28c1ea163984eaa0e2d14f5043c1e00ae881331f26c4003a20f9b39a44288
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
22d865ed074f7915422ab425e2246a5c56cdd0ffd69c44242d534efc318a1192
23057677bed750ea60a07277c2c71ed27902af3a794ad34718e03fd289410889
242969516461862ebce6368cc819b5fa4d19d14ca969ee422022b90f749bb2a9
2468aefee4cb7e6570046d14c68ad415d61199e534781a623aaca9d84c6e9fe8
24b5de47dc0702da75d1eda6efe960533526c959ce9b9e0431156d672047a9ef
24e98aaeb725762a4fac6b07da7af36154face093307c1283b829a5d3a2a1cc8
265c7695384ebc42b476d86c5ebe3bcae1b78b6182794838a3edf110102bb9e1
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27d431659b2cdb3e6527acc3eec4dc246ae31306a5cce0e69c8e140039c3bf43
27eb87df8f4eb3164ad81ff266aed79d50a33f6869c249ee27ac80ad0c1e3dc2
280845caccee4500845a0a471211b9761666df56b57c6860f8e3cf0b6440b28d
28168f094d3633fec225e7ecd9982c5405b51f2fceae610016b6ec9cc10606a9
2819cabffa3543dd98ce4506e5f93cfee2ddeb97d7125dfbad735b927ef402f2
28c4eceeafb979fc7663930f63f1fdb432ea6c5d86185a154e2c5689913a361d
293d1e268ef7df12ffabd78c6b60043512ecd41c248e7cdb202de88ae9bcf3e4
29ed8d64933d7c346dcd60f3acd688cd7c48b86cbc98142e434d05838c99e723
2a765267729054374adf0c1c67344ae1305e34555a88211bec177be00e3fa0e8
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
2d630de82bee5e702ac4c8fa705a643bc337c3f5b9ba9ca0e9ec5bf348bca580
2e79a4df7553c7c4f99194eff62c7cb129ff5a64171ff6b3a876f21fd8b63ed1
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f9296c3c095517da831ff99a86ee70050efdc55170342cc052c38716588fe75
3071104ce122eb070cba0c067c7ef231a3a51d9dafe80a61aa628946d987f9de
3109cc24e10385f1910cff83e45341bfceb11016dfc2f1bd66e7d62ee2ee7b87
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
32314d66a7e5af87dbfb00e17807b53d9bf7368f2fcf85e75449090590eb30a7
33849beaed6f34c2defe2ea3610a424d05730d79a9af10e3cf67e070af0694e0
340513508703df4052b76bbbdbf3999f645c669d53f3a93a3dbfce60e8d5a3a9
34c9fb9571eaf815182a76cfacaf8e77b763a726175286d168d1acb51dbaa351
35aa72db647ff31f24b517b630e9beb4e112570133e959907a2839567acba9c1
35cddd5272635c92b7e5ed55dc22ee5feea41ccd8da633e754a49fa06873a35e
3640dfc5b09c0311ae58c4dd95721d87ff3803e73a5bc5c5acb6f50d954bc927
365f923f3d28aad3b68b6944d983d4a3243450b3760529dc419a43a39e4cf36c
36917d72defba07c9061ab984f95d0aee27078f7929ebe5c1585bb1a52ce1383
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36c553274c565deb6f2cd1a1b326a0c91f7567da718e7746ef8dd891762d50f7
3716e0bc065c77727e1c83ec8fbeaab8b750cb1ef768adaee1dd00e5aeb62480
391bf6915634ffd28f9c83067989f0c9b8a407db55ffe14cf19d4c21c0259f89
3989ec56a67da82386c405919dc460164961d7f4b26e29afe688f7f4df5d5bc7
3afbc79cf0b523c270985252700aa4bd263cabe135067530fb07ba975b1d184a
3d60bcfa3e299a1cec67dd403dd048560f770cc3717523f7d744b83714fde683
3e2ae3f615a0f45b9af1b705d98e7ee2c886af6a0be5742ef0c4f83e17f2377f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ef31b30bae4b7f66ebae29e4cfc9f8beed0a43e528a347554e5e5be2e2cbe9c
3fb06655a3aa6620ead45246fe5488a887dac02b556c1378de19c9fa9ca78711
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
41013c58155f58f57d81b5136ec58487c2f4fb4116da44dd36531fc64c5ed8ba
416e826a25ed1422b14ef69922589236c54bd0f21d7f52e1a54fbc8317f67906
4240b0beca7710457d1c5b77a5da7ef42879da25842a7938a27ba8c307633838
43a0c15cd901ff739dec1debd0715792aedc5b8a686d59a9d1102628a0df50bf
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44ffcef7a5020e9f16ecd25a85e25e4fec63453d7923094da7ff5fa7fe0fd79d
453756fafa4a193856b5e3c456d098e39a491ef0e6c88e0d6ba192606d8a8568
46862bd03f96bd24aa144ecd892c910f1df88ee0381c34161cb27fa3dceda2f7
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a425a3ad3fb185e6fda8b638e78267ea4b2a54d2735bef4abd0c2f3df82b90
484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4af0afb27a0d058cec1b37a1ac8fbdf3104fa7956bb3f45615f91060ced73b84
4bd272bdb3656cefe523b13f9cc792df0f5b0b5eb54ff4b041d4ed3d8eef81e5
4c3ecfcdbf6232090a6a0b94348317a36f0f50583b2e2d9fc5b0fec05d423956
4ca6f68c8071ce1e749b9142616ebe518d0983acc4f2b4403883d82154a042c1
4cd95b921ad1961a6b1b4da1161bebf71651a5b5bd2b9f55819b26eb9871dba3
4d6bfe31779d5d1fe60a750a128d58e9d569c0c510346887f5d1dba4d786ebb4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898
52b1173036846ead2f061c2d2199a33f680a5e387ff422646faa927c61f5f5e2
5392db129b2d5b4ab4ed87f03b99895fefa3b101380954d5764f569ea74bd480
53c6bfa7bfacafcdcb5f9c1b6ea257ea4a7f8c8b931527e7a811e134e30a6950
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
54899ee358338cd21113127789739a58815ef133bc6f28176159c0d4a1ce6a41
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
560bc318a124e2417dcf36d891e952f5e5ce1d69d76fc2ef4a066792f06f1fed
56d49d7d7bf89665105798befe3d0337c9a60fa2b791beb2c2a8747d56384d1a
570a23389bf64a371b8b32a87c7385b0d463916213dfaf0710ada4f95f759a63
58b9e021a2fb1c2ba00bf2592d698973f1330ac521fae536e1ee724a7d1c383d
58dd031813db944839cf7bead9c28cced841623376f0c15b02a42322c8790998
596820acabfd9080f3d739cb000c585f412e141b234dad422500df2ba92020b3
59eb244867b94cd78f6cc5c8a0b10b7411933f80c7ab1994e46458ac81bc44f7
5b8994ebe10be88dce623eac044733b7fabefbc5440310abe45244587cac2bda
5b9fd8db15e364941bc96e964e7b0454a8b7eb7a7c1b18c1d804c5df0aefb0a2
5c740db2f0b8935195accb8b4c7fdced270373b70fd968a77377c949ecad03dc
5d38056ebd81cb8447620a746f6526f088750a3b4f459012532e72e8ff36a9f2
5e5d2fa604c3583545df1f85f3fb222ddf47645f6237bc7940ad6accd59f365f
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5eff628d009e8289f2bf347fbdd7e0001080c9e3d2e31ffb58cb68101a0f2491
5f627b0b3cfeb4875c96277ab0e382817f4f1980038e641ec5dfe431734694f3
5f94a0052b94f267147776b1e5c569f5c22ce564b3cff54b56a6ea4404b7116b
5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6099e10b326f79fa0ea953e2ed65abd9b1d3abf359c15d7a443413051d96a5ce
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62bfd914b3be830b910657d463585beac3c761a3e2cedbecba4430732abfcfca
62d68b60ce880b5ea669c774c2c84b7c9e88cf58ffe26b0d3f449580d18d550d
63f3a386a63016e8adf56dbc32b1e62ad23298ab9b8efe70c0d5a3cdc730dff9
649ca0de2a59d29ead8420218c156fd90da588effe6ce1e2e988e5c3379576e4
652b0f995e04ec831d8f49b9b1d8e0af931d5a5cb209c2802c5cf032dcf28cef
6580a4a100fcb8b00532c322298e4dda206b46f9eaf0c1bd38ba6e08baa60a14
662afd7e51b3a42956477685b664b269522f877c8c509754807cedff876b0f95
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285
6a85cb4f69ef025b2b86a217f8e999a8f30f43181f15017115e807dd5b021766
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c026e57a721a8d05a9dcbeb2ec7631d07f0efb3c9c9e50615b69b0cef7e594c
7045c61804b60873fa82197c53a562488dc56df663b8a11b458a3fb74f9bd2d1
71a9618148baa83dc04762d129010b5dd81ef7a8c639099c68f9901316525f81
722b1f38960b27dbb73f1ce24bf5d4f82c84bcea9569e420fb378d63fc62ba79
724be7aa1e1a3f6021b0a00c49d8dfa1181c87634433f2d2e8df4923953fbe49
73137b18c488a5c642c12c6053d62e0d3d9f985dfbadec428cbaa695380f16a0
7431c37953ed322d8bd0b801ad3cb4553595c4cbefb2c44d7d8455ffecb5631f
7459c708ff716ff227886401ed359fe1a4b420b91a25d2dd1d5a1fcf0b264bcb
74c9459e705086236ca03e9945b82c327b58676f806a2ef2b43da3ce982f0619
7654274cd06f347d0d6bf4dff07eb8216759e1e2d4d8af6f9ff8b08fd88bc333
76679c5c18b0bb4d5febb32e862c4510d7a92eb52ae9c080d6e098a2f8219d50
78f9b97f38368f9db67fc4ad9a618ce8b5b226f93162a625ef95ce8222fe90c6
79fb3530ca78f53bddc1bccf1283dd52720ad1d1bd92a232407de270db76e4c1
7add9eadb90b41f30c66c878aa2cc88a97270a0ddf27933ee3629e628c9bbf36
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7b69c3705bbd8326bf3ca02c8351929c4bacfab4ac8b14aaec7659855663e46c
7d92f9654723bb7b6ca133169ad8fd55924d059517418a48a8f21f605f3ecb66
7de974980b64804a7060842b24caa1cd5d00c3b4a73656754d399264ae89b0dc
7f52822ccaae7d034d6b12bdf49f9bc805e803e47caeba430c05e7ea6c8f2dc5
7feedcdd0537cc790581fc6a411ac5f314145cfe0d7fe0bffd0d05d975d3a623
8032af7ae883eaacc49496505827472ffb576d6f7007340d2e2ea713ef26d6db
80b414d0e609bf5f8eb2e537b8754dded6ab0ac489cdef2d594f28750c10e58c
81f3d25c3cb0fd0c3b9f1f22768b90a687f23b89e5875b68080a675a3f72f68b
8247af110d0c55296aeff96fcb9a4f7e061946b8c87ea0552325b01b2be731db
826163083e2ba82d1c47aed1dce347664b276f1b17445e8895f7726162ef2516
82fdfc0620efbcf59c74c77cc1d29f3a8fcf878ae9c152a69fd77fee2bc01a55
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84b446fee3048c85cd5122bf2967ef55322cd6769d8f837cc85ff354e76d39de
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
87cdb7d89b6eb24ccc648409ee488806d330baa21cc6c5c95881b60cbb41480b
8869b0e9a5576286a4b3e0fec882ae48e4108b156c07716fae58461c8ead7d47
8919369648ee6496fbc2ca7f407f8898b6ce2a4bad616c69de6b2eb3e62fc050
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
8a91cba9430d3985c7de35c3b24a9bc928509dabddca4e314137c557f9d11d6b
8ace70e0de93323aca21f70754aaa3ee16f5a29e0a546c7686ebbb626b5e2071
8bcf132b1b442f5d27d05b5656f3654d263730746bcc56505d369367e80894df
8c67d47496a8af1f4c99a350ababf131661cf111a02460c5e9f6d9539db481c3
8c9d4ea8195e6d34ec13363dca8e2a425faeccf448fe1446f3ad526dd60f7383
8cbb7d356d2c69c6cb5427a0e71cfc311a4c857ef94e5ee086eedcfe2209a638
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d85f43b036785dd2092a1ce7b29c90793629f5bbca6a8cdef6461f8a86cea6c
8efcea72a3af5b28ab05e209e3c910e60fb83287c7eb5e23382c3edfba54fd28
8f81fca468855090668c6899bd1bb27d420da1c057adf36fb9db948c76656ff0
8fd54d1ed12366d00e4acf0de2863b39eeae3be17a2d282e88ab10ad4c0db51c
9148d1da8329d05f7c8989d70e1cb552c80d16cfb0f7d878505fa245c746c5c1
91e2726c5130608718728901a6b5bf378c964bb860e222333cc98a7023526781
92bec69f5a7c2ad60418ac446744a1440c69526df98d37c927ff7e3064a6ad5f
92fa6ca0e0aba30a04bd83daa003c0bd62d46ba7de6065ce3d7af7df92fbd538
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
95a0a6e3823b20170bbae77c19ce189d6a1b178f6230ed124cc85da8011bdf28
9606082f7ccb4af1ab2cfd632435cfe89828aff2f1ec1608d637426c7665f723
96b5ef4d443bc2ab497579f69b0b9a8b08e827e1abc529c2bf2f71e94d061bc7
96df926da81f08ee1e108f177830505db567412dc3654ec7d1bcb16ab19d39e4
975325520b773f73ac8e74a5442d6604aa20a61677dbd0b574224836ea69e393
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2257ab0c877ef811c0dde48d17bfb2cf1f1a5bd5bc6a9e9a7f4a114f4df3c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99ec5cb75b6020851a0ef792a91d609c9ac99063a78669c8c4cc4762b959950c
9a1985c8a6c177f0767e24223a75eb7e8dcfed7f48d1913fd6e2eb41c8842dc1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8
9c3bc61b0f9659c860c1ca669bacae68ff9b2a977a8f7624cb24792b0a103c78
9ce3992d74ea4e434774d379e3d2ac8d675a57cd18ed0e95e5edb04447f7b2fa
9e7dab88130a2a0066c276dd2222a8aa5f2f1649047008fd7b51b35a905e1396
a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1c68c32f648c30eb837df112468d2b59fd0df51d4c8046798b41647a5375bda
a1f80ad7ddeaf7cae12ca92666f090bfa4754e1249557ec413814791e13b7fef
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
a377798bd9bc8326117415305a070eb69a5ff4d36aff15d5885204477400497d
a41ec3bff2dd047f65649f43337c45adba86f9b6d65ce208ef80f4a575522274
a5e2f3ea6e601012859abbc5da7eef35d1cf45011a0275cd9a86dbd0f7fd4101
a5f4efdc514ac97c041a0031df801815cd3ab3e2c03ee4acd6839e67e92a2c82
a666084d3efc7ea6241cd8d06316be6a037334cedd93b5c5009ed325106493e3
a76aa47559deb99afa5403680222b6ae6a77b05fec9530e2c02a692d29b275f6
a8d56a026a8ada2d454f74350cd2a1ae21668707314817130acb22e4af6c0af9
a924d5f28c6e99a268912e3eb75967ba8ea718afe1a8534f242b8aa89011ed4d
a9b013fd30e3e47b01b208486d43aadc7eded867e429aae2345a8e40003d5fc6
aa1fa50f8c1f4ebf9c077510d048c281a6f0e88bc0818668a159d038cce324fd
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
abb5a9720e72772ef1b60fef170d83c872b7060cb2b2550a0106fdbb3f79d37f
abce546c4810a0fa8867ad8700d655184a2c0913431d3aa848c132e5ce7f6cac
abfe5228291f6d0932a32234fe2119acc221ec153e09bde7532553cd5a478862
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae7f3b9c2e8a51f7cef4121088210eb97c52aebbc7808ef078c18725864b8587
aedc0a9fd9cac163f92a52651627ee834dbac0710d14cb7e910e28bc534e5241
b01f4bcb4a73433cc805e774f38b19ef6c6c52b551ac1fe857dd8a9d5795385e
b03cbe57ff5f9ba830ada51bd84ed26dedcb0bd05d75cc6ded19f04fae4504b0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1cea977d19c766cfd57ffbeedaf892bfdeec1c2a9f5d4f478a5772d572d3a74
b32d918728e5361d180fd5cadc35705a7b6e90904dbad803105842a2c0ebe6c3
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
b54c52b1145060588e4a7bfd1c32526039c93cf93507035a724d8bbfac7f8e18
b5b2019ebeb6e94330ad272a8d8f19cd264611cc451c35d610f517d733e96e94
b5bfab944e33f37efcc29319261574a2c363b045a40d20dcaf3baae43ff44ed4
b68c939f947f9eee64285a8d082571bbfd3abe9160d6a6a4268150295fc7d9fc
b78f515b8d003a992fd6008df28c6e04dc7f20b71fb7d8431251b32e629acb78
b889c3ba20d61a1dbf81230dcb46989cb433fe33926fbc2da19db0be3279581f
b9ce21947d8fe7105f91f1851268a628cb0eb67040e2856f7a03c1267e5c9488
b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f
ba23a1e8b28067146c594c26635e5f2e4947a93de3f73c366692fff72ecb734b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc534948cc62343cbcf146713685cd31e54628ecb0a4e8675491e5a80a044635
bc6d3af0628c905dbe2d624fa9bd035db6fc5666baa0006e940b05a3ef715129
bcd7b7d6759fc63c7b6673ee02c3ee36c13d26d0e060b6350508c7320eb83955
bd6987cb7db1b818b99af810fe849406f950a92842830be534190d2f5ba16138
bd788160013e517ee09a4369fb3ec48d3266c72f73f920078bc23897c62e0baa
bde13d7bf75a16ec26e4f3652a281f292afc3ff280d80c17b8c96e1ce9f2e5d2
be9a032778028aa70eff5f585fd93e2dcb8aff541b7dca177bb9cff5991afcab
bee25e78cad3d7a0929e1a9a0decf4bb521c88b516637b0e6ee9e77ae6f3ad76
bf63c4491140de87027557a7c15c741f65c83d98274347b105a06a20e05ce78d
c11a375d8a52962f5632ffe249ace6859a7ef490bb3f952420c366bb47185058
c163689d768a40492e10318385554d88a5fecd3939e4a580fbc5b73eea6cd5c2
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c25d4e1550ed967cb5d4c017abae07957ba32c84a5316473f703cb7199aed397
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c2f3ccb82a518564974ba4f79600ce30e34a4fbcfb8c100b669b0e9dddf79aef
c369e511dd663e3d97906fab88d67df42da1f03b3cf909a658ebbe9c9be9ac7e
c40fa9a347181da26ccfc2e7413d900f9e2549f68150f3dd09e13b6aac505221
c7f82fcf3a52843135089c8809a912db33a100939a0f740e3ba3411adf27dea8
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
c9d9efe16bf41a1414673ecee72f657b7eb8b99ec151aa25b5119762477a86c7
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cadb704fe05a5f3a49ad972f2a8192b878fad45ac4c402d217d0a427a855ade6
cafd187db09dafce3e39d83d644221000e1c13b5d157b6bc1ab9501cc9565580
cb1b8a5ed9a65c7c3547353e061f80f408edcdb0b1a4fd910d5fcb8fe068cc84
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09
cc991a23338bb0ea88c299affc5fd3cd8d76b8f2cf47309c7db24a0c7bcc41a0
cdad86100da8c1c5674a60f2d0439c85830b40732fa274862356b225c6846026
ce3d3481cf65d3f3dde8454f7e67ee233cb619a671f43f63dd982ed08fdfd4c5
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d08fc87fd3a0aa7082bbe0c20b7b7d5469d4d9a2bceeded63126292cbbab77d9
d0c5d5baea154fefa1e608cd2f95739ab4a587a9028975ba793b22505828ad53
d161f337d1e448a9b276eb358e9de99d6e1c9cdd348b53096873fa587d1211eb
d19396d7cc57062c0d52c25eac8bc72c9930f765fe21bfaf0dc6a3c2e21750c1
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d43c6d6bcef706df0493404de9ac27cfc01ada282ad9a73fdbce1a0f54f71411
d4ac9beed4e46dcda7abbfcb6c58477d6e6850393459d5352b1d10e370e92f95
d52236413c01a47caf4d50f30ba9644f29401f4ecd20850f57d442b5aa077ee1
d53e9d875c2717ed047ff54893826e2fc89fd1827e7bb7c4b381f7744eee4446
d600bfcbb22cc14f50cd1153f0c055083709cb59569b9de9373b71f0a62c7b50
d6815bb23d212cd56c26af81ecbce4edcafd68b02c060ac65de839266e0812d0
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d81ae45956379898b2ceaa4aa59afc2412e4792192ef9a12c0e98ce0f073dae1
d857e92a162147374f6d6c5ffbbaaa01add4f6ca843bdb283f98bfe5f24b16d7
d9a58535acdd1b22299dd74268fcd966ef2afa8c0d4c30312d518197022f4488
da189b1ab43bdf43184e7fee943728e0ab5381dab4ac72da5c95acc85e533f2b
da88b06433c3d43b2334f7f3e71a67d3e946ebed6b1384bf5ebb8e4de2b25400
dac9642c3fbca8889765ca2ad02c25e3fb4866e2c3c9107d44ffecca84e655b9
dccdbeb1b9c29f32edce18f101a27f09a7b6b9ad0f05ce48b3e0bdc31720d91e
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de4df11df191595c52a6ec8ad7dcc2048a03be959a82fdf392730b3d80f9cf67
e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2
e16ac25aa46fc72563d49f528668155ed2253bf34fb59e262e2399d39aeec0b0
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e3601de6397dbe1a2b7852abedfbefaca1cb2f849bfdab6321a1563714dee752
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ccd2bea90c74c010bdd0b53cb7ebc5fabb99dda6e6b4e72665e8c7048d626e
e3dbf29d5bf5c976b5652a505617a6867d0e1c240d7824fb5ffd48585ea5e31c
e3e82b29afa9a3e800189b8afdf90015c59a14ac30b4251a051a1876adfd8005
e4058b846286433d019ff33bb22b2eca434c9d36249df436d5a3c623825674d0
e694446293cca239d590a94a250295771b65e07417a8c22a0ac0c7d24755bd67
e77301bf4d67f1bc8d0edd73658879a3fb72e03f72e35fb3fab86d40b6305e98
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
e866b038bb99fc9270c334274e4b439ebef7b24000dad854b5080d952213ffc5
e97ea7d706d0e392bbc569701821d691c278a8e31a0aad72f23ced14da930974
ecda5e8745c9dc0242df52e86bd863f597ddbf866dc52d3cb41d6150547a9aa6
ed0daffcb53aabdd1997916151ddaff5c5b3e465fe4887d3cff4a257333fb42b
eee0766eb46bef89556b2773fdce2c71988c9273f80d5de1220ccab62ff59e7a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f070ea18e754261e17cf5815be370228027fd16e74dc3416ffc74962c53d2255
f09a4c5bd13c3c5f3059b0d2cf2fefb0dfdbcc751931fe1c90db3123357a6683
f0daa37303ae9cf4bfbbdc1e84b61f4b4775255b4ad06676165282b2cfc2d31d
f173e931167796a34a3ba7d8b3dc90bea6ed9d801b5823212bbc32bb88c9aa02
f17fe415b91a13ea86b93344389e18c996384323ca3c2f4267b18c96b8314a12
f24b1e8dae6e63abf5bbb934565ab93ac27bbe5a2d6eaf824d2a99b8b3550999
f34e6539b7e64b7b45ca0ef8c6d36c942bd7524a67f62e8c1b60026fa51b26cd
f3d6c903361c1ee92c54bc82c79ab7bfe49a24f17abb094e44cc48ffac551876
f40f209d206abc85078dd4b76fe42a98846ce536e2fca61f26ef2f504d70bf65
f65bc9a9bc29837e9c171037b6e4fc9a6485d0a4ee1db3b2d7525385937e94af
f6637e8cb940d7400e0cebb23d3e7a99509319bf2e5b2ec8c006f22303d59047
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6d785d43bfbc74a74c7ce9b649c32422e0b8df94c01338e80e169ecfa3daa9f
f7610598507d9d46bf365f538ce439b12efebf9b66963359b66c33fb4a418db4
f7726c809a8daa5dc18b4b13117857271edfa609fb21a49e70149e56d5378ff1
f7de82ac3ba9a0880ac0aef261bc38b8ae6ad65a3573782d5e43b87ccf64ab52
f8a088ac03e6890d09986b066a20729680b8be287a7b9f3b966b822cdf058311
f8b7ba9858e88ebbaea70efab084ef9e0c7d68c2bae6913814a4cfa716f41142
f901667db070b90c219ae6119234301ecd8e82e538e42d3097a2658c803ae1cf
f9bf28047beda39a3587ea6bff90e537d0b1c3ca3faea6311ce6a6bb89f35eda
fac96c274786ed3d7d86aabc1d82aa3908620d1d009c74d7fc215572c57a5b76
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46
ff18779bb7f76122171e9faa51b7af30bc0239d361c926489b02032bb5bccb54