urlscan.io logo urlscan.io
SecurityTrails logo

www.9news.com Open in urlscan Pro
96.16.194.129  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-clai...
Submission: On August 18 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 171 IPs in 13 countries across 160 domains to perform 904 HTTP transactions. The main IP is 96.16.194.129, located in New York, United States and belongs to AKAMAI-AS, US. The main domain is www.9news.com. The Cisco Umbrella rank of the primary domain is 154089.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on November 29th 2022. Valid for: a year.
This is the only time www.9news.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
56 96.16.194.129 16625 (AKAMAI-AS)
11 2606:4700::68... 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
11 23.52.144.179 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:1901:0:7... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:23c... 16509 (AMAZON-02)
1 2600:1901:0:7... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
5 108.138.107.138 16509 (AMAZON-02)
88 151.101.1.44 54113 (FASTLY)
2 2603:1030:10:... 8075 (MICROSOFT...)
4 2600:9000:20e... 16509 (AMAZON-02)
3 2600:141b:500... 20940 (AKAMAI-ASN1)
4 104.117.182.171 20940 (AKAMAI-ASN1)
3 7 2620:100:a001::c 19750 (AS-CRITEO)
1 13.225.214.20 16509 (AMAZON-02)
11 23.47.64.205 16625 (AKAMAI-AS)
3 2607:f8b0:400... 15169 (GOOGLE)
1 13.226.34.25 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
15 2607:f8b0:400... 15169 (GOOGLE)
12 2607:f8b0:400... 15169 (GOOGLE)
1 13.224.214.111 16509 (AMAZON-02)
7 104.117.182.185 20940 (AKAMAI-ASN1)
2 2607:f8b0:400... 15169 (GOOGLE)
2 4 18.164.96.43 16509 (AMAZON-02)
3 5 3.220.109.214 14618 (AMAZON-AES)
2 2001:4860:480... 15169 (GOOGLE)
1 18.218.81.139 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
2 35.236.221.183 396982 (GOOGLE-CL...)
3 3.134.46.108 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 18.164.116.107 16509 (AMAZON-02)
11 141.226.124.48 200478 (TABOOLA-AS)
1 3 35.208.249.213 19527 (GOOGLE-2)
1 108.139.29.25 16509 (AMAZON-02)
28 35 142.250.65.194 15169 (GOOGLE)
2 2 18.157.96.169 16509 (AMAZON-02)
6 6 35.236.220.17 396982 (GOOGLE-CL...)
1 2001:4860:480... 15169 (GOOGLE)
5 18.164.98.157 16509 (AMAZON-02)
4 54.225.115.28 14618 (AMAZON-AES)
2 104.36.115.111 62713 (AS-PUBMATIC)
2 3.232.158.174 14618 (AMAZON-AES)
2 54.87.189.207 14618 (AMAZON-AES)
4 11 104.18.25.185 13335 (CLOUDFLAR...)
2 2620:100:a001... 19750 (AS-CRITEO)
2 52.71.232.98 14618 (AMAZON-AES)
2 108.138.128.83 16509 (AMAZON-02)
1 30 159.89.246.130 14061 (DIGITALOC...)
2 96.16.25.160 16625 (AKAMAI-AS)
2 31 52.46.143.56 16509 (AMAZON-02)
3 2620:100:a001::4 19750 (AS-CRITEO)
3 104.18.25.112 13335 (CLOUDFLAR...)
1 108.138.128.46 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
30 33 52.223.40.198 16509 (AMAZON-02)
9 14 2600:1f18:4e9... 14618 (AMAZON-AES)
2 19 141.226.224.48 200478 (TABOOLA-AS)
16 18 3.225.218.10 14618 (AMAZON-AES)
20 96.16.25.140 16625 (AKAMAI-AS)
9 27 52.223.22.214 16509 (AMAZON-02)
6 104.18.11.47 13335 (CLOUDFLAR...)
2 2600:9000:20e... 16509 (AMAZON-02)
2 2600:9000:251... 16509 (AMAZON-02)
1 34.120.23.223 396982 (GOOGLE-CL...)
5 5 185.184.8.90 204995 (RTB-HOUSE...)
5 20 3.233.86.45 14618 (AMAZON-AES)
8 8 67.202.105.24 32748 (STEADFAST)
33 34 35.211.178.172 15169 (GOOGLE)
6 6 199.38.167.130 54312 (ROCKETFUEL)
16 16 2606:ae80:147... 25751 (VALUECLICK)
1 1 52.70.223.235 14618 (AMAZON-AES)
7 8 185.167.164.37 198622 (ADFORM)
4 4 2620:116:800b... 14618 (AMAZON-AES)
22 24 199.127.204.171 26120 (RHYTHMONE)
5 5 2620:112:f002... 6336 (TURN-US-ASN)
8 2607:f8b0:400... 15169 (GOOGLE)
19 25 162.19.138.120 16276 (OVH)
1 1 54.177.139.216 16509 (AMAZON-02)
1 1 2600:9000:251... 16509 (AMAZON-02)
1 1 54.237.181.95 14618 (AMAZON-AES)
2 34.238.96.3 14618 (AMAZON-AES)
2 2 124.146.215.51 2514 (INFOSPHER...)
2 2 3.124.202.93 16509 (AMAZON-02)
4 5 216.22.16.5 30633 (LEASEWEB-...)
19 23 69.173.151.100 26667 (RUBICONPR...)
14 41 162.248.18.37 62713 (AS-PUBMATIC)
3 10 63.251.114.182 32475 (SINGLEHOP...)
11 17 198.148.27.131 19189 (PULSEPOINT)
1 2 23.105.12.136 30633 (LEASEWEB-...)
4 4 74.119.119.150 19750 (AS-CRITEO)
13 19 34.111.113.62 396982 (GOOGLE-CL...)
28 40 68.67.160.117 29990 (ASN-APPNEX)
12 12 52.203.12.78 14618 (AMAZON-AES)
4 4 178.250.1.9 44788 (ASN-CRITE...)
4 11 104.36.115.113 62713 (AS-PUBMATIC)
1 1 35.190.90.30 15169 (GOOGLE)
4 4 35.207.24.140 15169 (GOOGLE)
14 47 34.98.64.218 396982 (GOOGLE-CL...)
6 6 52.45.151.151 14618 (AMAZON-AES)
1 2 82.145.213.8 39832 (NO-OPERA)
10 10 207.198.113.87 13768 (COGECO-PEER1)
4 2620:1ec:21::14 8068 (MICROSOFT...)
2 3 54.225.185.242 14618 (AMAZON-AES)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 1 18.164.124.41 16509 (AMAZON-02)
1 2 54.144.152.166 14618 (AMAZON-AES)
7 44.215.82.85 14618 (AMAZON-AES)
4 18 69.166.1.35 27630 (AS-XFERNET)
2 52.17.235.226 16509 (AMAZON-02)
4 52.85.132.42 16509 (AMAZON-02)
3 32 104.18.24.185 13335 (CLOUDFLAR...)
8 8 23.43.66.117 16625 (AKAMAI-AS)
16 108.138.106.114 16509 (AMAZON-02)
16 19 8.28.7.82 62713 (AS-PUBMATIC)
2 4 3.228.223.152 14618 (AMAZON-AES)
2 96.17.64.130 16625 (AKAMAI-AS)
2 7 54.205.121.138 14618 (AMAZON-AES)
4 9 104.76.100.229 16625 (AKAMAI-AS)
7 14 35.190.60.146 15169 (GOOGLE)
2 52.1.173.131 14618 (AMAZON-AES)
2 4 107.178.254.65 15169 (GOOGLE)
2 2 3.212.219.210 14618 (AMAZON-AES)
4 74.119.119.139 19750 (AS-CRITEO)
1 1 20.127.253.7 8075 (MICROSOFT...)
2 18.205.43.234 14618 (AMAZON-AES)
4 51.222.39.187 16276 (OVH)
2 2 172.240.219.212 7979 (SERVERS-COM)
8 8 72.251.238.254 32475 (SINGLEHOP...)
4 5 35.186.253.211 15169 (GOOGLE)
2 4 23.105.14.105 30633 (LEASEWEB-...)
6 6 3.233.41.53 14618 (AMAZON-AES)
11 15 147.75.195.55 54825 (PACKET)
1 1 37.157.6.254 198622 (ADFORM)
3 5 18.213.251.77 14618 (AMAZON-AES)
2 104.18.18.219 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
3 9 162.248.18.34 62713 (AS-PUBMATIC)
6 6 64.202.112.191 22075 (AS-OUTBRAIN)
1 1 34.160.19.107 15169 (GOOGLE)
16 107.23.140.175 14618 (AMAZON-AES)
4 6 151.101.194.49 54113 (FASTLY)
3 6 63.251.28.134 26558 (FREEWHEEL)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 18 52.207.45.55 14618 (AMAZON-AES)
1 1 198.24.170.50 19437 (SS-ASH)
3 4 70.42.32.191 22075 (AS-OUTBRAIN)
3 3 54.156.189.155 14618 (AMAZON-AES)
1 3 38.91.45.7 398989 (DEEPINTENT)
1 23.22.30.75 14618 (AMAZON-AES)
3 104.36.115.121 62713 (AS-PUBMATIC)
5 5 54.159.93.151 14618 (AMAZON-AES)
1 1 192.132.33.46 18568 (BIDTELLECT)
4 4 35.214.163.181 15169 (GOOGLE)
3 3 173.231.178.83 32475 (SINGLEHOP...)
1 2600:1f18:61c... 14618 (AMAZON-AES)
3 5 34.230.170.218 14618 (AMAZON-AES)
2 2 3.227.122.175 14618 (AMAZON-AES)
1 1 80.77.87.161 46636 (NATCOWEB)
1 3 50.57.31.206 19994 (RACKSPACE)
3 3 216.200.232.249 30419 (MEDIAMATH...)
2 2 50.19.227.133 14618 (AMAZON-AES)
1 3 23.23.38.193 14618 (AMAZON-AES)
1 50.116.194.23 6336 (TURN-US-ASN)
1 174.137.133.32 27257 (WEBAIR-IN...)
1 1 18.117.18.227 16509 (AMAZON-02)
1 18.239.168.96 16509 (AMAZON-02)
2 2 34.102.163.6 396982 (GOOGLE-CL...)
3 3 2603:c020:400... 31898 (ORACLE-BM...)
1 2 38.68.201.140 174 (COGENT-174)
1 40.76.134.238 8075 (MICROSOFT...)
1 1 162.210.196.208 30633 (LEASEWEB-...)
2 2 35.211.233.246 15169 (GOOGLE)
1 1 35.211.118.13 15169 (GOOGLE)
2 23.52.163.93 16625 (AKAMAI-AS)
1 141.226.224.32 200478 (TABOOLA-AS)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 52.94.222.140 16509 (AMAZON-02)
1 34.120.155.137 396982 (GOOGLE-CL...)
2 19 52.48.58.160 16509 (AMAZON-02)
1 162.19.138.117 16276 (OVH)
3 67.202.105.31 32748 (STEADFAST)
1 2607:f8b0:400... 15169 (GOOGLE)
1 34.117.228.201 396982 (GOOGLE-CL...)
1 209.204.229.28 27381 (CASALE-MEDIA)
3 2607:f8b0:400... 15169 (GOOGLE)
2 3 54.156.26.12 14618 (AMAZON-AES)
2 3 44.207.214.52 14618 (AMAZON-AES)
2 2 108.138.106.17 16509 (AMAZON-02)
3 5 18.213.122.129 14618 (AMAZON-AES)
1 1 67.202.105.23 32748 (STEADFAST)
1 1 67.202.105.22 32748 (STEADFAST)
4 151.101.1.108 54113 (FASTLY)
1 67.202.105.21 32748 (STEADFAST)
7 34.117.239.71 396982 (GOOGLE-CL...)
1 44.207.104.173 14618 (AMAZON-AES)
1 1 52.28.251.196 16509 (AMAZON-02)
1 1 69.90.254.78 13768 (COGECO-PEER1)
2 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 35.186.193.173 15169 (GOOGLE)
1 1 172.105.199.172 63949 (AKAMAI-LI...)
1 1 20.85.134.6 8075 (MICROSOFT...)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 34.149.20.76 15169 (GOOGLE)
1 1 44.217.133.253 14618 (AMAZON-AES)
2 195.5.165.20 44968 (IPROM-AS)
2 23.88.86.2 24940 (HETZNER-AS)
6 6 23.214.232.233 55836 (RELIANCEJ...)
3 18.208.101.220 14618 (AMAZON-AES)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
2 4 54.225.219.245 14618 (AMAZON-AES)
2 2 64.227.64.62 14061 (DIGITALOC...)
2 2 35.210.53.219 15169 (GOOGLE)
2 108.139.29.63 16509 (AMAZON-02)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 38.98.69.175 174 (COGENT-174)
1 1 52.71.238.15 14618 (AMAZON-AES)
3 4 34.235.212.6 14618 (AMAZON-AES)
2 2 15.235.15.221 16276 (OVH)
1 1 47.252.78.131 45102 (ALIBABA-C...)
1 2 2600:1f18:612... 14618 (AMAZON-AES)
3 69.16.175.42 20446 (STACKPATH...)
1 2 2600:1f18:612... 14618 (AMAZON-AES)
3 2600:1402:800... 20940 (AKAMAI-ASN1)
2 35.169.212.145 14618 (AMAZON-AES)
4 3.209.40.124 14618 (AMAZON-AES)
2 2 52.205.141.27 14618 (AMAZON-AES)
12 54.161.131.163 14618 (AMAZON-AES)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 3.135.132.32 16509 (AMAZON-02)
1 8.28.7.105 62713 (AS-PUBMATIC)
1 69.173.151.96 26667 (RUBICONPR...)
904 171
56    96.16.194.129 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-194-129.deploy.static.akamaitechnologies.com
www.9news.com
11    2606:4700::6812:aa72 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
4    2607:f8b0:4006:821::2004 (Stony Point, United States)

ASN15169 (GOOGLE, US)
www.google.com
11    23.52.144.179 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-144-179.deploy.static.akamaitechnologies.com
media.9news.com
1    2606:4700::6812:1d26 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    2600:1901:0:7416::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
hospitablehall.com
1    2607:f8b0:4006:81f::2003 (Stony Point, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2600:9000:23ca:bc00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    2600:1901:0:7ec2::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
moorshoes.com
2    2607:f8b0:4006:81c::200a (Stony Point, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
5    108.138.107.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-107-138.jfk50.r.cloudfront.net
c.amazon-adsystem.com
88    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
pm-widget.taboola.com
trc.taboola.com
vidstat.taboola.com
images.taboola.com
imprchmp.taboola.com
match.taboola.com
pips.taboola.com
vidstatb.taboola.com
wf.taboola.com
2    2603:1030:10:4::8 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
tgna-ux-ctrl.service.signalr.net
4    2600:9000:20ed:3e00:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.tiqcdn.com
3    2600:141b:5000::173f:4c91 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
amp.akamaized.net
4    104.117.182.171 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-171.deploy.static.akamaitechnologies.com
livevideo.tegnadigital.com
7    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    13.225.214.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-20.ewr50.r.cloudfront.net
native.sharethrough.com
11    23.47.64.205 (Atlanta, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-64-205.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    2607:f8b0:4006:823::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    13.226.34.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-25.ewr53.r.cloudfront.net
cdn.opecloud.com
3    2607:f8b0:4006:81d::2006 (Stony Point, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
15    2607:f8b0:4006:822::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
12    2607:f8b0:4006:80f::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    13.224.214.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-111.phl50.r.cloudfront.net
ats.rlcdn.com
7    104.117.182.185 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-185.deploy.static.akamaitechnologies.com
livevideo01.9news.com
2    2607:f8b0:4006:816::200a (Stony Point, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    18.164.96.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-43.jfk50.r.cloudfront.net
sb.scorecardresearch.com
5    3.220.109.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-109-214.compute-1.amazonaws.com
pdmp.tagger.opecloud.com
tegna.tagger.opecloud.com
2    2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    18.218.81.139 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-218-81-139.us-east-2.compute.amazonaws.com
collector-21104.us.tvsquared.com
2    2607:f8b0:4006:81e::2008 (Stony Point, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    35.236.221.183 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 183.221.236.35.bc.googleusercontent.com
i.simpli.fi
3    3.134.46.108 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-134-46-108.us-east-2.compute.amazonaws.com
collector-16834.us.tvsquared.com
2    2607:f8b0:4004:c1d::9d (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    18.164.116.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-107.jfk50.r.cloudfront.net
d24zb9qreavi2u.cloudfront.net
11    141.226.124.48 (Chicago, United States)

ASN200478 (TABOOLA-AS, IL)
ch-trc-events.taboola.com
ch-match.taboola.com
ch-vid-events.taboola.com
ch-wf.taboola.com
3    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
1    108.139.29.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-25.jfk50.r.cloudfront.net
geo.privacymanager.io
35    142.250.65.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net
cm.g.doubleclick.net
2    18.157.96.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-96-169.eu-central-1.compute.amazonaws.com
tagger.opecloud.com
6    35.236.220.17 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com
um.simpli.fi
1    2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
5    18.164.98.157 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-98-157.jfk50.r.cloudfront.net
aax.amazon-adsystem.com
4    54.225.115.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-115-28.compute-1.amazonaws.com
tegna.profiles.tagger.opecloud.com
2    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    3.232.158.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-158-174.compute-1.amazonaws.com
btlr.sharethrough.com
2    54.87.189.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-189-207.compute-1.amazonaws.com
tlx.3lift.com
11    104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
r.casalemedia.com
2    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
2    52.71.232.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-232-98.compute-1.amazonaws.com
krk.kargo.com
2    108.138.128.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-83.jfk50.r.cloudfront.net
hb.undertone.com
30    159.89.246.130 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
x.serverbid.com
2    96.16.25.160 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-25-160.deploy.static.akamaitechnologies.com
a.teads.tv
31    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
3    104.18.25.112 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
cdn-sic.33across.com
1    108.138.128.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-46.jfk50.r.cloudfront.net
tags.crwdcntrl.net
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    2607:f8b0:4006:80d::2001 (Stony Point, United States)

ASN15169 (GOOGLE, US)
d2c656a46ae55087eb14ed232c3712d8.safeframe.googlesyndication.com
2266a7f10398fb304e945be267393acb.safeframe.googlesyndication.com
33    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
14    2600:1f18:4e9:5a02:d83a:9713:23f4:8b03 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
19    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
sync-t1.taboola.com
18    3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
ups.analytics.yahoo.com
pixel.advertising.com
20    96.16.25.140 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-25-140.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
27    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
6    104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    2600:9000:20ed:5000:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.undertone.com
2    2600:9000:2510:fe00:1b:fdeb:7440:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.serverbid.com
1    34.120.23.223 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 223.23.120.34.bc.googleusercontent.com
engagefront.theweathernetwork.com
5    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
20    3.233.86.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-86-45.compute-1.amazonaws.com
match.sharethrough.com
8    67.202.105.24 (United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
34    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
6    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
16    2606:ae80:1471:17::1080 (United States)

ASN25751 (VALUECLICK, US)
stx-match.dotomi.com
amazon-tam-match.dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
pulsepoint-match.dotomi.com
33across-match.dotomi.com
openx2-match.dotomi.com
1    52.70.223.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-223-235.compute-1.amazonaws.com
ssp.disqus.com
8    185.167.164.37 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
4    2620:116:800b:21:b08a:1dc5:659b:4055 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
24    199.127.204.171 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
5    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
8    2607:f8b0:4006:806::2001 (Stony Point, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
25    162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
id5-sync.com
1    54.177.139.216 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-177-139-216.us-west-1.compute.amazonaws.com
usync.vrtcal.com
1    2600:9000:2511:2a00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    54.237.181.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-181-95.compute-1.amazonaws.com
jadserve.postrelease.com
2    34.238.96.3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-96-3.compute-1.amazonaws.com
bcp.crwdcntrl.net
2    124.146.215.51 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    3.124.202.93 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-202-93.eu-central-1.compute.amazonaws.com
ih.adscale.de
5    216.22.16.5 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync.smartadserver.com
ssbsync-global.smartadserver.com
23    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
pixel-us-east.rubiconproject.com
41    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
10    63.251.114.182 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
17    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    23.105.12.136 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
rtb-csync.smartadserver.com
4    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
19    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
40    68.67.160.117 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
12    52.203.12.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-12-78.compute-1.amazonaws.com
match.prod.bidr.io
4    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.eu.criteo.com
11    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com
odr.mookie1.com
4    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
47    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
33across-d.openx.net
eu-u.openx.net
6    52.45.151.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-151-151.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
10    207.198.113.87 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    54.225.185.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-185-242.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    18.164.124.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-41.jfk50.r.cloudfront.net
cm.smadex.com
2    54.144.152.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-152-166.compute-1.amazonaws.com
rtb.gumgum.com
7    44.215.82.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-82-85.compute-1.amazonaws.com
sync.bfmio.com
18    69.166.1.35 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    52.17.235.226 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-235-226.eu-west-1.compute.amazonaws.com
synchrobox.adswizz.com
4    52.85.132.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-132-42.iad50.r.cloudfront.net
cdn.adswizz.com
delivery-cdn-cf.adswizz.com
32    104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
8    23.43.66.117 (London, United Kingdom)

ASN16625 (AKAMAI-AS, US)
PTR: a23-43-66-117.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
16    108.138.106.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-114.jfk50.r.cloudfront.net
usr.undertone.com
19    8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
4    3.228.223.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-223-152.compute-1.amazonaws.com
sync.crwdcntrl.net
2    96.17.64.130 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-17-64-130.deploy.static.akamaitechnologies.com
cw.addthis.com
7    54.205.121.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-121-138.compute-1.amazonaws.com
dpm.demdex.net
9    104.76.100.229 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-100-229.deploy.static.akamaitechnologies.com
tags.bluekai.com
stags.bluekai.com
14    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
2    52.1.173.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-173-131.compute-1.amazonaws.com
beacon.krxd.net
4    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
2    3.212.219.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-219-210.compute-1.amazonaws.com
usermatch.krxd.net
4    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
2    18.205.43.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-43-234.compute-1.amazonaws.com
sync-amz.ads.yieldmo.com
sync-pm.ads.yieldmo.com
4    51.222.39.187 (Canada)

ASN16276 (OVH, FR)
PTR: ip187.ip-51-222-39.net
onetag-sys.com
2    172.240.219.212 (United States)

ASN7979 (SERVERS-COM, US)
sync.colossusssp.com
8    72.251.238.254 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
5    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
4    23.105.14.105 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
PTR: 23.105.14.105.rdns.racklot.com
sync.smartadserver.com
6    3.233.41.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-41-53.compute-1.amazonaws.com
ad.360yield.com
15    147.75.195.55 (Parsippany, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
5    18.213.251.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-251-77.compute-1.amazonaws.com
ads.yieldmo.com
2    104.18.18.219 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.tynt.com
sc.tynt.com
1    2606:4700:3037::ac43:9a47 (United States)

ASN13335 (CLOUDFLARENET, US)
id.a-mx.com
9    162.248.18.34 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
6    64.202.112.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    34.160.19.107 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 107.19.160.34.bc.googleusercontent.com
dmp.brand-display.com
16    107.23.140.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-140-175.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
cs.yellowblue.io
6    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
6    63.251.28.134 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
18    52.207.45.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-45-55.compute-1.amazonaws.com
usersync.gumgum.com
1    198.24.170.50 (Ashburn, United States)

ASN19437 (SS-ASH, US)
server.cpmstar.com
4    70.42.32.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
3    54.156.189.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-189-155.compute-1.amazonaws.com
sync.ipredictive.com
3    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    23.22.30.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-30-75.compute-1.amazonaws.com
pdmp.profiles.tagger.opecloud.com
3    104.36.115.121 (United States)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
5    54.159.93.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-93-151.compute-1.amazonaws.com
pm.w55c.net
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
4    35.214.163.181 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 181.163.214.35.bc.googleusercontent.com
csync.loopme.me
3    173.231.178.83 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    2600:1f18:61c0:2204:de3b:4e7f:13ed:76e2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
d.adroll.com
5    34.230.170.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-170-218.compute-1.amazonaws.com
rtb.adentifi.com
2    3.227.122.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-122-175.compute-1.amazonaws.com
um4.eqads.com
1    80.77.87.161 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
3    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
3    216.200.232.249 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    50.19.227.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-227-133.compute-1.amazonaws.com
nep.advangelists.com
3    23.23.38.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-38-193.compute-1.amazonaws.com
thrtle.com
1    50.116.194.23 (United States)

ASN6336 (TURN-US-ASN, US)
PTR: d-atl1.turn.com
d.turn.com
1    174.137.133.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
sync.adkernel.com
1    18.117.18.227 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-117-18-227.us-east-2.compute.amazonaws.com
x.videobyte.com
1    18.239.168.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-168-96.bos50.r.cloudfront.net
api.intentiq.com
2    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
3    2603:c020:400d:3000:b5b3:7157:5b47:80e4 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    38.68.201.140 (Levittown, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
1    162.210.196.208 (Ashburn, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
2    35.211.233.246 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 246.233.211.35.bc.googleusercontent.com
a.sportradarserving.com
1    35.211.118.13 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 13.118.211.35.bc.googleusercontent.com
r.bidswitch.net
2    23.52.163.93 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-163-93.deploy.static.akamaitechnologies.com
contextual.media.net
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
19    52.48.58.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-58-160.eu-west-1.compute.amazonaws.com
synchroscript.deliveryengine.adswizz.com
1    162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
lb.eu-1-id5-sync.com
3    67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
ic.tynt.com
de.tynt.com
1    2607:f8b0:4006:81c::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    34.117.228.201 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.228.117.34.bc.googleusercontent.com
tps.doubleverify.com
1    209.204.229.28 (Canada)

ASN27381 (CASALE-MEDIA, CA)
a5587.casalemedia.com
3    2607:f8b0:4006:822::2003 (Stony Point, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    54.156.26.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-26-12.compute-1.amazonaws.com
ps.eyeota.net
3    44.207.214.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-214-52.compute-1.amazonaws.com
map.go.affec.tv
2    108.138.106.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-17.jfk50.r.cloudfront.net
live.rezync.com
5    18.213.122.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-122-129.compute-1.amazonaws.com
i.liadm.com
1    67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
dp2.33across.com
1    67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
dp1.33across.com
4    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
sic.33across.com
7    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
1    44.207.104.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-104-173.compute-1.amazonaws.com
crb.kargo.com
1    52.28.251.196 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-251-196.eu-central-1.compute.amazonaws.com
eu.ads.audio.thisisdax.com
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
3    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    172.105.199.172 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1853-172.members.linode.com
gocm.c.appier.net
1    20.85.134.6 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
1    44.217.133.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-217-133-253.compute-1.amazonaws.com
aorta.clickagy.com
2    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    23.88.86.2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de
matching.truffle.bid
6    23.214.232.233 (Haarlem, Netherlands)

ASN55836 (RELIANCEJIO-IN Reliance Jio Infocomm Limited, IN)
PTR: a23-214-232-233.deploy.static.akamaitechnologies.com
px.owneriq.net
3    18.208.101.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-101-220.compute-1.amazonaws.com
bpi.rtactivate.com
1    2600:1f18:ed:550a:fdb3:b355:1994:e0eb (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
4    54.225.219.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-219-245.compute-1.amazonaws.com
io.narrative.io
2    64.227.64.62 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
2    108.139.29.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-63.jfk50.r.cloudfront.net
aa.agkn.com
1    2606:4700::6812:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
idpix.media6degrees.com
1    38.98.69.175 (New York, United States)

ASN174 (COGENT-174, US)
oxp.mxptint.net
1    52.71.238.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-238-15.compute-1.amazonaws.com
i.w55c.net
4    34.235.212.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-212-6.compute-1.amazonaws.com
a.audrte.com
2    15.235.15.221 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-3.cloudy.ovh
pixel.onaudience.com
1    47.252.78.131 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
event.clientgear.com
2    2600:1f18:612b:4264:963:162:4e0f:64ff (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
gklfs-1dic0.ads.tremorhub.com
3    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
vast.aniview.com
2    2600:1f18:612b:4216:f43a:e101:3c9c:ed02 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
jzwjq.ads.tremorhub.com
3    2600:1402:800:28d::2c79 (Atlanta, United States)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
2    35.169.212.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-212-145.compute-1.amazonaws.com
gov.aniview.com
4    3.209.40.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-40-124.compute-1.amazonaws.com
track1.aniview.com
2    52.205.141.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-141-27.compute-1.amazonaws.com
t.pswec.com
12    54.161.131.163 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-131-163.compute-1.amazonaws.com
sync.aniview.com
2    2606:4700::6813:9f13 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
1    3.135.132.32 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-135-132-32.us-east-2.compute.amazonaws.com
sync-dmp.mobtrakk.com
1    8.28.7.105 (United States)

ASN62713 (AS-PUBMATIC, US)
ow.pubmatic.com
1    69.173.151.96 (United States)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
Apex Domain
Subdomains		 Transfer
119 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1097
pm-widget.taboola.com — Cisco Umbrella Rank: 3561
trc.taboola.com — Cisco Umbrella Rank: 722
vidstat.taboola.com — Cisco Umbrella Rank: 3007
ch-trc-events.taboola.com — Cisco Umbrella Rank: 4021
images.taboola.com — Cisco Umbrella Rank: 1924
imprchmp.taboola.com — Cisco Umbrella Rank: 5170
ch-match.taboola.com — Cisco Umbrella Rank: 5351
ch-vid-events.taboola.com — Cisco Umbrella Rank: 4848
sync.taboola.com — Cisco Umbrella Rank: 1173
sync-t1.taboola.com — Cisco Umbrella Rank: 1527
match.taboola.com — Cisco Umbrella Rank: 6264
pips.taboola.com — Cisco Umbrella Rank: 1803
cds.taboola.com — Cisco Umbrella Rank: 2110
vidstatb.taboola.com — Cisco Umbrella Rank: 5604
wf.taboola.com — Cisco Umbrella Rank: 3066
ch-wf.taboola.com — Cisco Umbrella Rank: 5606
6 MB
97 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 651
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 672
simage2.pubmatic.com — Cisco Umbrella Rank: 982
image6.pubmatic.com — Cisco Umbrella Rank: 989
image8.pubmatic.com — Cisco Umbrella Rank: 818
image4.pubmatic.com — Cisco Umbrella Rank: 1409
t.pubmatic.com — Cisco Umbrella Rank: 3133
image2.pubmatic.com — Cisco Umbrella Rank: 1137
simage4.pubmatic.com — Cisco Umbrella Rank: 1434
ow.pubmatic.com — Cisco Umbrella Rank: 2503
250 KB
74 9news.com
www.9news.com — Cisco Umbrella Rank: 154089
media.9news.com — Cisco Umbrella Rank: 182459
livevideo01.9news.com — Cisco Umbrella Rank: 225483
7 MB
52 openx.net
u.openx.net — Cisco Umbrella Rank: 935
us-u.openx.net — Cisco Umbrella Rank: 605
rtb.openx.net — Cisco Umbrella Rank: 990
33across-d.openx.net — Cisco Umbrella Rank: 24503
eu-u.openx.net — Cisco Umbrella Rank: 2874
180 KB
52 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 737
pixel.rubiconproject.com — Cisco Umbrella Rank: 388
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1248
token.rubiconproject.com — Cisco Umbrella Rank: 748
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1308
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1094
127 KB
50 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 228
stats.g.doubleclick.net — Cisco Umbrella Rank: 122
cm.g.doubleclick.net — Cisco Umbrella Rank: 261
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
311 KB
44 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 275
secure.adnxs.com — Cisco Umbrella Rank: 542
acdn.adnxs.com — Cisco Umbrella Rank: 703
116 KB
44 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 741
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 564
ssum.casalemedia.com — Cisco Umbrella Rank: 1560
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 760
dsum.casalemedia.com — Cisco Umbrella Rank: 1784
r.casalemedia.com — Cisco Umbrella Rank: 1756
a5587.casalemedia.com — Cisco Umbrella Rank: 51855
47 KB
42 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 361
aax.amazon-adsystem.com — Cisco Umbrella Rank: 435
s.amazon-adsystem.com — Cisco Umbrella Rank: 349
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1142
153 KB
35 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 372
r.bidswitch.net — Cisco Umbrella Rank: 8747
17 KB
33 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 396
15 KB
32 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 3665
sync.serverbid.com — Cisco Umbrella Rank: 12462
x.serverbid.com — Cisco Umbrella Rank: 11143
10 KB
30 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 545
ups.analytics.yahoo.com — Cisco Umbrella Rank: 356
13 KB
29 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 746
eb2.3lift.com — Cisco Umbrella Rank: 437
13 KB
26 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1013
id5-sync.com — Cisco Umbrella Rank: 440
62 KB
25 adswizz.com
synchrobox.adswizz.com — Cisco Umbrella Rank: 8926
cdn.adswizz.com — Cisco Umbrella Rank: 14602
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 3210
delivery-cdn-cf.adswizz.com — Cisco Umbrella Rank: 5475
66 KB
25 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 125
d2c656a46ae55087eb14ed232c3712d8.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 163
2266a7f10398fb304e945be267393acb.safeframe.googlesyndication.com
138 KB
24 aniview.com
vast.aniview.com — Cisco Umbrella Rank: 5658
player.aniview.com — Cisco Umbrella Rank: 1997
gov.aniview.com — Cisco Umbrella Rank: 4874
track1.aniview.com — Cisco Umbrella Rank: 2078
sync.aniview.com — Cisco Umbrella Rank: 2032
396 KB
23 sharethrough.com
native.sharethrough.com — Cisco Umbrella Rank: 3274
btlr.sharethrough.com — Cisco Umbrella Rank: 1352
match.sharethrough.com — Cisco Umbrella Rank: 673
119 KB
22 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1341
ssc-cms.33across.com — Cisco Umbrella Rank: 1272
cdn-sic.33across.com — Cisco Umbrella Rank: 22768
dp2.33across.com — Cisco Umbrella Rank: 12901
dp1.33across.com — Cisco Umbrella Rank: 8924
sic.33across.com — Cisco Umbrella Rank: 19368
events-ssc.33across.com — Cisco Umbrella Rank: 2672
ssc.33across.com — Cisco Umbrella Rank: 4786
136 KB
21 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 442
bidder.criteo.com — Cisco Umbrella Rank: 885
dis.criteo.com — Cisco Umbrella Rank: 745
dis.eu.criteo.com — Cisco Umbrella Rank: 9125
mug.criteo.com — Cisco Umbrella Rank: 2338
20 KB
20 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1791
usersync.gumgum.com — Cisco Umbrella Rank: 2073
6 KB
20 undertone.com
hb.undertone.com — Cisco Umbrella Rank: 4426
cdn.undertone.com — Cisco Umbrella Rank: 4147
usr.undertone.com — Cisco Umbrella Rank: 2884
14 KB
19 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 615
4 KB
18 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1195
15 KB
18 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1118
ap.lijit.com — Cisco Umbrella Rank: 864
18 KB
17 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1121
assets.a-mo.net — Cisco Umbrella Rank: 2442
11 KB
17 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 678
15 KB
16 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2626
cs.yellowblue.io — Cisco Umbrella Rank: 2909
8 KB
16 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 702
11 KB
16 dotomi.com
stx-match.dotomi.com — Cisco Umbrella Rank: 3239
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 6142
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4377
casale-match.dotomi.com — Cisco Umbrella Rank: 4136
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 9421
33across-match.dotomi.com — Cisco Umbrella Rank: 4514
openx2-match.dotomi.com — Cisco Umbrella Rank: 5862
5 KB
16 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 2789
idsync.rlcdn.com — Cisco Umbrella Rank: 462
api.rlcdn.com — Cisco Umbrella Rank: 1165
id.rlcdn.com — Cisco Umbrella Rank: 1004
75 KB
13 opecloud.com
cdn.opecloud.com — Cisco Umbrella Rank: 5651
pdmp.tagger.opecloud.com — Cisco Umbrella Rank: 7554
tegna.tagger.opecloud.com — Cisco Umbrella Rank: 27436
tagger.opecloud.com — Cisco Umbrella Rank: 4313
tegna.profiles.tagger.opecloud.com — Cisco Umbrella Rank: 28351
pdmp.profiles.tagger.opecloud.com — Cisco Umbrella Rank: 7935
18 KB
12 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 727
6 KB
11 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1027
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 817
sync.smartadserver.com — Cisco Umbrella Rank: 1577
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1958
3 KB
11 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 406
178 KB
10 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 948
7 KB
9 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 776
stags.bluekai.com — Cisco Umbrella Rank: 716
3 KB
9 adform.net
c1.adform.net — Cisco Umbrella Rank: 720
cm.adform.net — Cisco Umbrella Rank: 1329
dmp.adform.net — Cisco Umbrella Rank: 3746
5 KB
8 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1497
5 KB
8 simpli.fi
i.simpli.fi — Cisco Umbrella Rank: 4159
um.simpli.fi — Cisco Umbrella Rank: 1009
4 KB
7 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 6781
ads.yieldmo.com — Cisco Umbrella Rank: 808
sync-pm.ads.yieldmo.com — Cisco Umbrella Rank: 10097
4 KB
7 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 240
6 KB
7 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 2009
4 KB
7 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1073
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1036
sync.crwdcntrl.net — Cisco Umbrella Rank: 1028
14 KB
6 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 2071
4 KB
6 liadm.com
i.liadm.com — Cisco Umbrella Rank: 770
i6.liadm.com — Cisco Umbrella Rank: 2424
3 KB
6 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1136
i.w55c.net — Cisco Umbrella Rank: 2610
4 KB
6 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 677
3 KB
6 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 964
1 KB
6 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 667
4 KB
6 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 802
2 KB
6 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 976
4 KB
6 turn.com
ad.turn.com — Cisco Umbrella Rank: 1080
d.turn.com — Cisco Umbrella Rank: 1708
2 KB
6 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1051
5 KB
6 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 849
cdn.indexww.com — Cisco Umbrella Rank: 1942
98 KB
5 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1495
1016 B
5 tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 14043
sc.tynt.com — Cisco Umbrella Rank: 20537
ic.tynt.com — Cisco Umbrella Rank: 6713
de.tynt.com — Cisco Umbrella Rank: 1898
14 KB
5 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 674
2 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 3
analytics.google.com — Cisco Umbrella Rank: 195
3 KB
4 tremorhub.com
gklfs-1dic0.ads.tremorhub.com — Cisco Umbrella Rank: 20799
jzwjq.ads.tremorhub.com — Cisco Umbrella Rank: 23963
2 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3076
3 KB
4 narrative.io
io.narrative.io — Cisco Umbrella Rank: 5282
1 KB
4 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1140
1 KB
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 928
1 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 984
3 KB
4 pippio.com
pippio.com — Cisco Umbrella Rank: 1005
901 B
4 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 757
usermatch.krxd.net — Cisco Umbrella Rank: 1796
1002 B
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 421
1 KB
4 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1249
2 KB
4 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1015
2 KB
4 tvsquared.com
collector-21104.us.tvsquared.com — Cisco Umbrella Rank: 267423
collector-16834.us.tvsquared.com — Cisco Umbrella Rank: 270929
18 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 176
1 KB
4 tegnadigital.com
livevideo.tegnadigital.com — Cisco Umbrella Rank: 25949
4 KB
4 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1228
43 KB
4 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 600
fonts.googleapis.com — Cisco Umbrella Rank: 73
355 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
228 KB
3 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1878
325 B
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1025
s.tribalfusion.com — Cisco Umbrella Rank: 2306
2 KB
3 affec.tv
map.go.affec.tv — Cisco Umbrella Rank: 9110
2 KB
3 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1211
2 KB
3 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 6718
oxp.mxptint.net — Cisco Umbrella Rank: 6909
1 KB
3 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1555
4 KB
3 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1501
959 B
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1279
2 KB
3 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1400
2 KB
3 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1649
2 KB
3 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1219
721 B
3 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1183
1 KB
3 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1880
1 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 710
73 KB
3 kargo.com
krk.kargo.com — Cisco Umbrella Rank: 5041
crb.kargo.com — Cisco Umbrella Rank: 1866
2 KB
3 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1161
402 B
3 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 352
289 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 225
142 KB
3 akamaized.net
amp.akamaized.net — Cisco Umbrella Rank: 10050
957 B
2 pswec.com
t.pswec.com — Cisco Umbrella Rank: 4572
1 KB
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3601
726 B
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 649
1 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 6360
747 B
2 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3020
1 KB
2 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 8584
2 iprom.net
core.iprom.net — Cisco Umbrella Rank: 7279
554 B
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1950
2 KB
2 media.net
contextual.media.net — Cisco Umbrella Rank: 764
1 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 3061
969 B
2 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 3654
448 B
2 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 3583
396 B
2 eqads.com
um4.eqads.com — Cisco Umbrella Rank: 3464
541 B
2 colossusssp.com
sync.colossusssp.com — Cisco Umbrella Rank: 1686
1 KB
2 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1549
mweb.ck.inmobi.com — Cisco Umbrella Rank: 4816
970 B
2 addthis.com
cw.addthis.com — Cisco Umbrella Rank: 3233
852 B
2 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1739
463 B
2 bing.com
c.bing.com — Cisco Umbrella Rank: 279
972 B
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1719
1021 B
2 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 3159
633 B
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1218
2 KB
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1640
990 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 76
156 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 62
21 KB
2 signalr.net
tgna-ux-ctrl.service.signalr.net — Cisco Umbrella Rank: 35153
290 B
1 mobtrakk.com
sync-dmp.mobtrakk.com — Cisco Umbrella Rank: 2422
1 clientgear.com
event.clientgear.com — Cisco Umbrella Rank: 4882
298 B
1 media6degrees.com
idpix.media6degrees.com — Cisco Umbrella Rank: 2093
558 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 2484
654 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4957
464 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2822
436 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 6848
370 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1490
674 B
1 thisisdax.com
eu.ads.audio.thisisdax.com — Cisco Umbrella Rank: 34461
467 B
1 doubleverify.com
tps.doubleverify.com — Cisco Umbrella Rank: 609
162 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1189
400 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2445
173 B
1 aralego.com
sync.aralego.com — Cisco Umbrella Rank: 3451
474 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 5912
1 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 1625
705 B
1 videobyte.com
x.videobyte.com — Cisco Umbrella Rank: 4947
231 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1914
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1168
637 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1612
181 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 1120
349 B
1 cpmstar.com
server.cpmstar.com — Cisco Umbrella Rank: 4609
603 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1969
424 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 2017
351 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 2564
740 B
1 smadex.com
cm.smadex.com — Cisco Umbrella Rank: 3396
613 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1496
638 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1324
537 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 938
529 B
1 vrtcal.com
usync.vrtcal.com — Cisco Umbrella Rank: 11973
269 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1602
308 B
1 theweathernetwork.com
engagefront.theweathernetwork.com — Cisco Umbrella Rank: 3852
314 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 2287
610 B
1 cloudfront.net
d24zb9qreavi2u.cloudfront.net
411 B
1 moorshoes.com
moorshoes.com — Cisco Umbrella Rank: 27360
785 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 751
482 B
1 hospitablehall.com
hospitablehall.com — Cisco Umbrella Rank: 33564
24 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 785
246 B
0 smrtb.com Failed
ssl-market-east.smrtb.com Failed
0 bnmla.com Failed
match.bnmla.com Failed
904 160
Domain Requested by
56 www.9news.com www.9news.com
50 images.taboola.com cdn.taboola.com
35 us-u.openx.net 11 redirects u.openx.net
33across-d.openx.net
us-u.openx.net
35 cm.g.doubleclick.net 28 redirects eb2.3lift.com
u.openx.net
rtb.gumgum.com
sync-amz.ads.yieldmo.com
eus.rubiconproject.com
34 x.bidswitch.net 33 redirects
33 match.adsrvr.org 30 redirects sync.serverbid.com
ads.pubmatic.com
31 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
rtb.gumgum.com
match.sharethrough.com
u.openx.net
sync.go.sonobi.com
sync-amz.ads.yieldmo.com
ads.pubmatic.com
cs-server-s2s.yellowblue.io
bh.contextweb.com
ce.lijit.com
eus.rubiconproject.com
30 simage2.pubmatic.com 10 redirects ads.pubmatic.com
s.amazon-adsystem.com
29 ib.adnxs.com 19 redirects acdn.adnxs.com
www.9news.com
27 eb2.3lift.com 9 redirects ads.pubmatic.com
eb2.3lift.com
26 x.serverbid.com sync.serverbid.com
ads.pubmatic.com
25 id5-sync.com 19 redirects cdn.id5-sync.com
s.amazon-adsystem.com
sync.go.sonobi.com
ads.pubmatic.com
23 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
21 cdn.taboola.com www.9news.com
cdn.taboola.com
20 match.sharethrough.com 5 redirects s.amazon-adsystem.com
match.sharethrough.com
20 eus.rubiconproject.com imprchmp.taboola.com
eus.rubiconproject.com
cdn.undertone.com
s.amazon-adsystem.com
sync.serverbid.com
rtb.gumgum.com
cs-server-s2s.yellowblue.io
de.tynt.com
www.9news.com
19 synchroscript.deliveryengine.adswizz.com 2 redirects cdn.adswizz.com
synchroscript.deliveryengine.adswizz.com
19 image8.pubmatic.com 16 redirects cdn.undertone.com
19 pixel.tapad.com 13 redirects sync.go.sonobi.com
sync-amz.ads.yieldmo.com
us-u.openx.net
18 usersync.gumgum.com 1 redirects rtb.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
18 sync.go.sonobi.com 4 redirects s.amazon-adsystem.com
sync.go.sonobi.com
17 bh.contextweb.com 11 redirects s.amazon-adsystem.com
sync.go.sonobi.com
bh.contextweb.com
16 usr.undertone.com cdn.undertone.com
ssum-sec.casalemedia.com
ads.pubmatic.com
eus.rubiconproject.com
16 sync.1rx.io 16 redirects
16 ups.analytics.yahoo.com 14 redirects us-u.openx.net
www.9news.com
16 sync.taboola.com 2 redirects ch-match.taboola.com
imprchmp.taboola.com
eus.rubiconproject.com
15 prebid.a-mo.net 11 redirects www.9news.com
15 pagead2.googlesyndication.com imasdk.googleapis.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
js-sec.indexww.com
pagead2.googlesyndication.com
www.googletagservices.com
14 pr-bh.ybp.yahoo.com 9 redirects ssum-sec.casalemedia.com
u.openx.net
12 sync.aniview.com www.9news.com
ads.pubmatic.com
eus.rubiconproject.com
12 cs-server-s2s.yellowblue.io s.amazon-adsystem.com
cs-server-s2s.yellowblue.io
12 idsync.rlcdn.com 6 redirects cdn.undertone.com
sync.go.sonobi.com
us-u.openx.net
s.amazon-adsystem.com
12 ssum-sec.casalemedia.com 5 redirects s.amazon-adsystem.com
cdn.undertone.com
js-sec.indexww.com
ssum-sec.casalemedia.com
12 match.prod.bidr.io 12 redirects
12 pixel.rubiconproject.com 9 redirects eus.rubiconproject.com
12 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.9news.com
cdn-sic.33across.com
11 image2.pubmatic.com 4 redirects ads.pubmatic.com
11 secure.adnxs.com 9 redirects vidstat.taboola.com
11 image6.pubmatic.com 4 redirects ads.pubmatic.com
11 ads.pubmatic.com tags.tiqcdn.com
ads.pubmatic.com
s.amazon-adsystem.com
sync.serverbid.com
rtb.gumgum.com
de.tynt.com
www.9news.com
11 media.9news.com www.9news.com
11 cdn.cookielaw.org www.9news.com
cdn.cookielaw.org
10 pixel-sync.sitescout.com 10 redirects
10 ce.lijit.com 3 redirects s.amazon-adsystem.com
cs-server-s2s.yellowblue.io
ce.lijit.com
8 ap.lijit.com 8 redirects
8 secure-assets.rubiconproject.com 8 redirects
8 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
8 sync.targeting.unrulymedia.com 6 redirects ce.lijit.com
us-u.openx.net
8 ssc-cms.33across.com 8 redirects
7 events-ssc.33across.com eus.rubiconproject.com
ads.pubmatic.com
7 pixel-us-east.rubiconproject.com 7 redirects
7 dpm.demdex.net 2 redirects cdn.undertone.com
sync.go.sonobi.com
sync.serverbid.com
7 sync.bfmio.com s.amazon-adsystem.com
sync.bfmio.com
7 c1.adform.net 6 redirects ads.pubmatic.com
7 livevideo01.9news.com www.9news.com
7 gum.criteo.com 3 redirects cdn.taboola.com
static.criteo.net
6 px.owneriq.net 6 redirects
6 33across-d.openx.net cdn-sic.33across.com
33across-d.openx.net
6 ads.stickyadstv.com 3 redirects ssum-sec.casalemedia.com
www.9news.com
6 sync-tm.everesttech.net 4 redirects rtb.gumgum.com
ads.pubmatic.com
6 b1sync.zemanta.com 6 redirects
6 ad.360yield.com 6 redirects
6 sync.srv.stackadapt.com 6 redirects
6 p.rfihub.com 6 redirects
6 um.simpli.fi 6 redirects
6 trc.taboola.com cdn.taboola.com
ch-match.taboola.com
imprchmp.taboola.com
5 simage4.pubmatic.com ads.pubmatic.com
5 i.liadm.com 3 redirects us-u.openx.net
ads.pubmatic.com
5 rtb.adentifi.com 3 redirects ssum-sec.casalemedia.com
sync.bfmio.com
5 pm.w55c.net 5 redirects
5 ads.yieldmo.com 3 redirects sync-amz.ads.yieldmo.com
5 rtb.openx.net 4 redirects us-u.openx.net
5 tags.bluekai.com 1 redirects cdn.undertone.com
sync.go.sonobi.com
5 u.openx.net 3 redirects s.amazon-adsystem.com
5 ad.turn.com 5 redirects
5 creativecdn.com 5 redirects
5 aax.amazon-adsystem.com c.amazon-adsystem.com
5 c.amazon-adsystem.com www.9news.com
c.amazon-adsystem.com
cdn-sic.33across.com
4 track1.aniview.com
4 a.audrte.com 3 redirects
4 io.narrative.io 2 redirects s.amazon-adsystem.com
4 acdn.adnxs.com cdn-sic.33across.com
acdn.adnxs.com
4 cs.yellowblue.io cs-server-s2s.yellowblue.io
eus.rubiconproject.com
4 csync.loopme.me 4 redirects
4 sync.outbrain.com 3 redirects rtb.gumgum.com
4 stags.bluekai.com 3 redirects us-u.openx.net
4 token.rubiconproject.com 3 redirects eus.rubiconproject.com
4 image4.pubmatic.com 3 redirects
4 sync.smartadserver.com 2 redirects sync.serverbid.com
4 onetag-sys.com sync.serverbid.com
cs-server-s2s.yellowblue.io
www.9news.com
4 mug.criteo.com
4 pippio.com 2 redirects cdn.undertone.com
4 sync.crwdcntrl.net 2 redirects s.amazon-adsystem.com
ads.pubmatic.com
4 pubmatic-match.dotomi.com 4 redirects
4 px.ads.linkedin.com eb2.3lift.com
eus.rubiconproject.com
4 rtb.mfadsrvr.com 4 redirects
4 dis.eu.criteo.com 4 redirects
4 dis.criteo.com 4 redirects
4 ssbsync.smartadserver.com 3 redirects
4 cms.quantserve.com 4 redirects
4 js-sec.indexww.com ads.pubmatic.com
www.9news.com
js-sec.indexww.com
4 ch-vid-events.taboola.com vidstat.taboola.com
4 e.serverbid.com 1 redirects ads.pubmatic.com
eus.rubiconproject.com
4 tegna.profiles.tagger.opecloud.com tags.tiqcdn.com
4 tegna.tagger.opecloud.com 3 redirects
4 ch-trc-events.taboola.com
4 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
4 sb.scorecardresearch.com 2 redirects
4 livevideo.tegnadigital.com www.9news.com
4 tags.tiqcdn.com www.9news.com
tags.tiqcdn.com
4 www.google.com www.9news.com
tpc.googlesyndication.com
3 player.aniview.com vidstat.taboola.com
3 vast.aniview.com vidstat.taboola.com
3 bpi.rtactivate.com s.amazon-adsystem.com
us-u.openx.net
ads.pubmatic.com
3 map.go.affec.tv 2 redirects
3 ps.eyeota.net 2 redirects
3 fonts.gstatic.com fonts.googleapis.com
3 sync.technoratimedia.com 3 redirects
3 thrtle.com 1 redirects sync.go.sonobi.com
3 sync.mathtag.com 3 redirects
3 uipglob.semasio.net 1 redirects sync.go.sonobi.com
3 cm.adgrx.com 3 redirects
3 t.pubmatic.com ads.pubmatic.com
3 match.deepintent.com 1 redirects rtb.gumgum.com
ssum-sec.casalemedia.com
3 sync.ipredictive.com 3 redirects
3 dsum.casalemedia.com ssum-sec.casalemedia.com
3 beacon.lynx.cognitivlabs.com 2 redirects ads.pubmatic.com
3 sync-t1.taboola.com
3 static.criteo.net securepubads.g.doubleclick.net
ads.pubmatic.com
static.criteo.net
3 trace.mediago.io 1 redirects
3 collector-16834.us.tvsquared.com tags.tiqcdn.com
3 s0.2mdn.net imasdk.googleapis.com
js-sec.indexww.com
3 www.googletagservices.com tags.tiqcdn.com
securepubads.g.doubleclick.net
3 amp.akamaized.net www.9news.com
2 assets.a-mo.net prebid.a-mo.net
assets.a-mo.net
2 t.pswec.com 2 redirects
2 gov.aniview.com player.aniview.com
2 jzwjq.ads.tremorhub.com 1 redirects
2 gklfs-1dic0.ads.tremorhub.com 1 redirects
2 pixel.onaudience.com 2 redirects
2 openx2-match.dotomi.com 2 redirects
2 aa.agkn.com us-u.openx.net
2 pool.admedo.com 2 redirects
2 match.adsby.bidtheatre.com 2 redirects
2 matching.truffle.bid ads.pubmatic.com
2 core.iprom.net ads.pubmatic.com
2 id.rlcdn.com 1 redirects us-u.openx.net
2 a.tribalfusion.com 2 redirects
2 33across-match.dotomi.com 2 redirects
2 live.rezync.com 2 redirects
2 cdn-sic.33across.com cdn.tynt.com
cdn-sic.33across.com
2 de.tynt.com cdn.tynt.com
2 delivery-cdn-cf.adswizz.com synchroscript.deliveryengine.adswizz.com
2 pulsepoint-match.dotomi.com 2 redirects
2 contextual.media.net cs-server-s2s.yellowblue.io
us-u.openx.net
2 a.sportradarserving.com 2 redirects
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 ad.mrtnsvr.com 2 redirects
2 nep.advangelists.com 2 redirects
2 um4.eqads.com 2 redirects
2 cdn.indexww.com ssum-sec.casalemedia.com
2 r.casalemedia.com ssum-sec.casalemedia.com
2 casale-match.dotomi.com 2 redirects
2 sync.colossusssp.com 2 redirects
2 usermatch.krxd.net 2 redirects
2 beacon.krxd.net cdn.undertone.com
2 cw.addthis.com cdn.undertone.com
2 pixel.advertising.com 2 redirects
2 cdn.adswizz.com sync.serverbid.com
2 synchrobox.adswizz.com sync.serverbid.com
2 amazon-tam-match.dotomi.com 2 redirects
2 rtb.gumgum.com 1 redirects s.amazon-adsystem.com
2 c.bing.com eb2.3lift.com
2 t.adx.opera.com 1 redirects
2 rtb-csync.smartadserver.com 1 redirects
2 ih.adscale.de 2 redirects
2 tg.socdm.com 2 redirects
2 bcp.crwdcntrl.net tags.crwdcntrl.net
2 stx-match.dotomi.com 2 redirects
2 sync.serverbid.com ads.pubmatic.com
2 cdn.undertone.com ads.pubmatic.com
2 ch-match.taboola.com vidstat.taboola.com
2 a.teads.tv ads.pubmatic.com
2 hb.undertone.com ads.pubmatic.com
2 krk.kargo.com ads.pubmatic.com
2 bidder.criteo.com ads.pubmatic.com
2 htlb.casalemedia.com ads.pubmatic.com
2 tlx.3lift.com ads.pubmatic.com
2 btlr.sharethrough.com ads.pubmatic.com
2 hbopenbid.pubmatic.com ads.pubmatic.com
2 tagger.opecloud.com 2 redirects
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 i.simpli.fi
2 www.googletagmanager.com tags.tiqcdn.com
www.google-analytics.com
2 www.google-analytics.com tags.tiqcdn.com
www.google-analytics.com
2 fonts.googleapis.com client
2 pm-widget.taboola.com cdn.taboola.com
pm-widget.taboola.com
2 tgna-ux-ctrl.service.signalr.net www.9news.com
2 imasdk.googleapis.com www.9news.com
imasdk.googleapis.com
1 prebid-server.rubiconproject.com www.9news.com
1 ow.pubmatic.com www.9news.com
1 ssbsync-global.smartadserver.com 1 redirects
1 sync-dmp.mobtrakk.com www.9news.com
1 ch-wf.taboola.com vidstat.taboola.com
1 wf.taboola.com vidstat.taboola.com
1 event.clientgear.com 1 redirects
1 dmp.adform.net 1 redirects
1 vidstatb.taboola.com
1 2266a7f10398fb304e945be267393acb.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 eu-u.openx.net us-u.openx.net
1 i.w55c.net 1 redirects
1 oxp.mxptint.net 1 redirects
1 idpix.media6degrees.com 1 redirects
1 i6.liadm.com s.amazon-adsystem.com
1 aorta.clickagy.com 1 redirects
1 ssc.33across.com cdn-sic.33across.com
1 ads.playground.xyz 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 gocm.c.appier.net 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 ums.acuityplatform.com 1 redirects
1 eu.ads.audio.thisisdax.com 1 redirects
1 crb.kargo.com
1 sic.33across.com cdn-sic.33across.com
1 dp1.33across.com 1 redirects
1 dp2.33across.com 1 redirects
1 a5587.casalemedia.com
1 tps.doubleverify.com
1 googleads.g.doubleclick.net
1 ic.tynt.com
1 sc.tynt.com cdn.tynt.com
1 lb.eu-1-id5-sync.com ads.pubmatic.com
1 api.rlcdn.com ads.pubmatic.com
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 tr.blismedia.com ce.lijit.com
1 cds.taboola.com cdn.taboola.com
1 r.bidswitch.net 1 redirects
1 sync.aralego.com 1 redirects
1 us01.z.antigena.com
1 sync-pm.ads.yieldmo.com sync-amz.ads.yieldmo.com
1 pips.taboola.com cdn.taboola.com
1 api.intentiq.com sync.go.sonobi.com
1 x.videobyte.com 1 redirects
1 sync.adkernel.com sync.go.sonobi.com
1 d.turn.com sync.go.sonobi.com
1 cs.admanmedia.com 1 redirects
1 d.adroll.com ssum-sec.casalemedia.com
1 bttrack.com 1 redirects
1 pdmp.profiles.tagger.opecloud.com cdn.opecloud.com
1 server.cpmstar.com 1 redirects
1 s.company-target.com 1 redirects
1 dmp.brand-display.com 1 redirects
1 id.a-mx.com 1 redirects
1 cdn.tynt.com www.9news.com
1 cm.adform.net 1 redirects
1 ssum.casalemedia.com 1 redirects
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 sync.inmobi.com 1 redirects
1 cm.smadex.com 1 redirects
1 match.taboola.com
1 odr.mookie1.com 1 redirects
1 jadserve.postrelease.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 usync.vrtcal.com 1 redirects
1 ssp.disqus.com 1 redirects
1 engagefront.theweathernetwork.com
1 d2c656a46ae55087eb14ed232c3712d8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 imprchmp.taboola.com vidstat.taboola.com
1 analytics.google.com www.googletagmanager.com
1 geo.privacymanager.io ats.rlcdn.com
1 d24zb9qreavi2u.cloudfront.net
1 collector-21104.us.tvsquared.com tags.tiqcdn.com
1 pdmp.tagger.opecloud.com
1 ats.rlcdn.com ads.pubmatic.com
1 cdn.opecloud.com tags.tiqcdn.com
1 native.sharethrough.com tags.tiqcdn.com
1 moorshoes.com hospitablehall.com
1 static.adsafeprotected.com www.9news.com
1 www.gstatic.com www.google.com
1 hospitablehall.com www.9news.com
1 geolocation.onetrust.com cdn.cookielaw.org
0 ssl-market-east.smrtb.com Failed sync.go.sonobi.com
0 match.bnmla.com Failed sync.go.sonobi.com
904 287
Subject Issuer Validity Valid
www.kagstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-29 -
2023-12-01		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
www.tegna-media.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-01 -
2023-10-04		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-12-13 -
2023-12-13		 a year crt.sh
hospitablehall.com
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
moorshoes.com
R3		 2023-06-17 -
2023-09-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.service.signalr.net
Microsoft Azure TLS Issuing CA 01		 2023-07-20 -
2024-06-27		 a year crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M01		 2023-04-18 -
2024-05-17		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-16 -
2024-05-15		 a year crt.sh
livevideo01.dailyblastlive.com
R3		 2023-07-31 -
2023-10-29		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
cdn.opecloud.com
Amazon RSA 2048 M02		 2023-02-23 -
2024-02-13		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
livevideo01.king5.com
R3		 2023-07-05 -
2023-10-03		 3 months crt.sh
*.tagger.opecloud.com
Amazon RSA 2048 M01		 2023-02-22 -
2023-10-27		 8 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.us.tvsquared.com
Amazon RSA 2048 M02		 2023-05-29 -
2024-06-26		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.mediago.io
GlobalSign GCC R3 DV TLS CA 2020		 2023-01-13 -
2024-02-11		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.profiles.tagger.opecloud.com
Amazon RSA 2048 M02		 2023-08-08 -
2024-09-06		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.app.kargo.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-01-18		 a year crt.sh
*.undertone.com
Amazon RSA 2048 M02		 2023-08-03 -
2024-08-30		 a year crt.sh
*.consumableaudio.com
R3		 2023-08-15 -
2023-11-13		 3 months crt.sh
teads.tv
R3		 2023-06-26 -
2023-09-24		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
sync.serverbid.com
Amazon RSA 2048 M02		 2023-03-22 -
2024-04-19		 a year crt.sh
engagefront.theweathernetwork.com
GTS CA 1D4		 2023-06-23 -
2023-09-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.id5-sync.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.adx.opera.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-22 -
2024-06-20		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-06-02 -
2023-12-02		 6 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 05		 2023-07-26 -
2024-01-22		 6 months crt.sh
gumgum.com
Amazon RSA 2048 M02		 2023-06-07 -
2024-07-06		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.adswizz.com
Amazon RSA 2048 M02		 2023-06-21 -
2024-07-19		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-07		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-03-26 -
2024-04-23		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-09		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
*.turn.com
RapidSSL TLS RSA CA G1		 2023-03-22 -
2024-03-31		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.intentiq.com
Amazon RSA 2048 M02		 2023-04-11 -
2024-05-08		 a year crt.sh
*.mxptint.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-22 -
2024-07-08		 a year crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-08-07 -
2023-11-05		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-02-13		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2022-09-28 -
2023-10-30		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
*.thrtle.com
Go Daddy Secure Certificate Authority - G2		 2023-03-22 -
2024-04-22		 a year crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M01		 2022-11-10 -
2023-12-09		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2023-07-03 -
2023-10-01		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
truffle.bid
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
rtactivate.com
Amazon RSA 2048 M01		 2023-03-14 -
2024-04-11		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M01		 2023-02-21 -
2023-10-29		 8 months crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2022-12-22 -
2024-01-23		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.aniview.com
GeoTrust TLS RSA CA G1		 2023-07-15 -
2024-08-14		 a year crt.sh
events-ssc.33across.com
GTS CA 1D4		 2023-07-02 -
2023-09-30		 3 months crt.sh
*.a-mo.net
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh

This page contains 148 frames:

Primary Page: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Frame ID: 91584295C409CC0495F708E39940CBD6
Requests: 327 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Frame ID: B7645C4671B3D3BB26683BA8A9F8DB21
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D8C10E946B6C166376ADD4F7D18CD06E
Requests: 1 HTTP requests in this frame

Frame: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8NvACLAaMAXcelaiFIhAYA-48KlELRSgAAABgYID-AAmMlpOVwzdba4wLk1u0Gs7WCo9zuJa4bBvHZuSwTGbOISCB0XKycvhma41xYXKLVsPZWuFxDtcSl23j2IwclsnMOQUXxnKZDGqBhGX2-w6ypsnlN8hYLpMbBL6i6XT4XPd63e93V85dvs9d43f7ZU-Ty--Xu3yfv9jvcZj9Gr_Zb3mY_G7R5ekyuUV_t-7lMrn1rtNbdXe5DWe_8-2ym94yy8N1civsJrfG4foZTW_R0e_6POwmz1tvc0teDrNbY3Y43Z630u4WHV1uweXvcXk-f91mLRk5R5PhcrNWrXbDtWjhMKwVnslwrVlNhgvTZuGZuTZzAAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8D4BgFnlgOCu3wH5d_y9QcAAAAAEAAAAAAkAAQAJ0sAYKCOnvj_________jzFAn3kj4______GQg-ABx8AD0IAAAAuhki5_Ap-cmOHEDlAKcIIAAAAgAmhHdKRSTpBxaLK__9_vxWAKwAAAYoJ0heNWXQHJd7CAAAAFIxZoIfF7zc77Bq_22X-_________838n_lHIzQyM5NGeBKeVM0vIADAml9AAAA24QYA4E0AnKBD0IrBYHUIaDLczQ4AAADAnf___389IDSyTZa75cxhWDlMjuXKtButfDPTcrhxbDaOxcJ7cMOvI_XihkD6ZAjL7PcdZE2Ty2-QsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCqYnHuVwYFmvVbDRai2aDyVrhmrncKstgsByZTBuLb7MWvT6mi8m5GW5mWyQYYLoXydMinSh8I8tkN5nsNqvVwuaZLWYrk8WzWxhGxpFrY5pNxBLNySKdyC770sg2We6WM4dh5TA5livTbrTyzUzL4cax2TgWC39r4nEuF4bFWjUbjdai2WCyVrhmLrfKMhgsRybTxuLbrEWvj-licm6Gm9m-MVtONsPFcDfcN2bLyWa4GO6G-w6d4bv6nI2u4_fvkXms55u2c3MaFC6DxTstWqStw9Fn1HltE2Fqbdo5JlahVeI1KDwHj2r8uYa85pTIXD1ovQejIpYILtKJ6OWzO9xa1-dhEUuUpot0opc9TS6_X-7yff5iv8dh9mv8Zr_lYfK7RZeny-QW_d26l8vk1rtOb9Xd5Tac_c63y256yywP18mtsJvcGofrZzS9RUe_6_Owmzxvvc0teTnMbo3Z4XR73kq7W3R0uQWXv8fl-fx1m7Vk5BxNhsvNWrXaDdeihcOwVngmw7VmNRkuTJuFZ-baTMQSwekincieJpffov6jhhnOFZvJXLEYznWTVQIAAAAAAAAAsASTTDcBAAAAcDKI2WY53K3TQcwWs8FmtVwAD9YSun6un-58p5aHduGNsEbx9ASOFmvsMQV6-ewOt9b1eVgZwIO1ArPNPiOIZZ1ZawAAAALYAAAABLjtxpuAMyvu____fxwAAAAZOfQAAADo9wFJ5WVmZmZq8iuIxXIw2D8AFWJZZ7bbjWWd2YACtZtAAICAeg!&cmcv=&pix=undefined&cb=1692381880294&uv=3321&tms=1692381880294&abt=aniview_inc_vA!nonrv_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=0492ea76-c8ad-4586-ac98-be6c13da22f9&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: D042F7FB710D1286F6CF395737E0721A
Requests: 3 HTTP requests in this frame

Frame: https://ch-match.taboola.com/sync?dast=V8NvACLAaMAXcelaiFIhAYA-48KlELRSgAAABgYID-AAmMlpOVwzdba4wLk1u0Gs7WCo9zuJa4bBvHZuSwTGbOISCB0XKycvhma41xYXKLVsPZWuFxDtcSl23j2IwclsnMOQUXxnKZDGqBhGX2-w6ypsnlN8hYLpMbBL6i6XT4XPd63e93V85dvs9d43f7ZU-Ty--Xu3yfv9jvcZj9Gr_Zb3mY_G7R5ekyuUV_t-7lMrn1rtNbdXe5DWe_8-2ym94yy8N1civsJrfG4foZTW_R0e_6POwmz1tvc0teDrNbY3Y43Z630u4WHV1uweXvcXk-f91mLRk5R5PhcrNWrXbDtWjhMKwVnslwrVlNhgvTZuGZuTZzAAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8D4BgFnlgOCu3wH5d_y9QcAAAAAEAAAAAAkAAQAJ0sAYKCOnvj_________jzFAn3kj4______GQg-ABx8AD0IAAAAuhki5_Ap-cmOHEDlAKcIIAAAAgAmhHdKRSTpBxaLK__9_vxWAKwAAAYoJ0heNWXQHJd7CAAAAFIxZoIfF7zc77Bq_22X-_________838n_lHIzQyM5NGeBKeVM0vIADAml9AAAA24QYA4E0AnKBD0IrBYHUIaDLczQ4AAADAnf___389IDSyTZa75cxhWDlMjuXKtButfDPTcrhxbDaOxcJ7cMOvI_XihkD6ZAjL7PcdZE2Ty2-QsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCqYnHuVwYFmvVbDRai2aDyVrhmrncKstgsByZTBuLb7MWvT6mi8m5GW5mWyQYYLoXydMinSh8I8tkN5nsNqvVwuaZLWYrk8WzWxhGxpFrY5pNxBLNySKdyC770sg2We6WM4dh5TA5livTbrTyzUzL4cax2TgWC39r4nEuF4bFWjUbjdai2WCyVrhmLrfKMhgsRybTxuLbrEWvj-licm6Gm9m-MVtONsPFcDfcN2bLyWa4GO6G-w6d4bv6nI2u4_fvkXms55u2c3MaFC6DxTstWqStw9Fn1HltE2Fqbdo5JlahVeI1KDwHj2r8uYa85pTIXD1ovQejIpYILtKJ6OWzO9xa1-dhEUuUpot0opc9TS6_X-7yff5iv8dh9mv8Zr_lYfK7RZeny-QW_d26l8vk1rtOb9Xd5Tac_c63y256yywP18mtsJvcGofrZzS9RUe_6_Owmzxvvc0teTnMbo3Z4XR73kq7W3R0uQWXv8fl-fx1m7Vk5BxNhsvNWrXaDdeihcOwVngmw7VmNRkuTJuFZ-baTMQSwekincieJpffov6jhhnOFZvJXLEYznWTVQIAAAAAAAAAsASTTDcBAAAAcDKI2WY53K3TQcwWs8FmtVwAD9YSun6un-58p5aHduGNsEbx9ASOFmvsMQV6-ewOt9b1eVgZwIO1ArPNPiOIZZ1ZawAAAALYAAAABLjtxpuAMyvu____fxwAAAAZOfQAAADo9wFJ5WVmZmZq8iuIxXIw2D8AFWJZZ7bbjWWd2YACtZtAAICAeg!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 3B370D37E404FCEB5491BEA5BE779EBD
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&dcc=t
Frame ID: BEEF8CCE3D0FF2BBC9893C28C1AF817C
Requests: 1 HTTP requests in this frame

Frame: https://d2c656a46ae55087eb14ed232c3712d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 119655324AAECE000E5B008E909ED017
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1YNY
Frame ID: A2F7413DB03D880AFCD7E654B458F2A9
Requests: 12 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Frame ID: AF6C4202664E11658D8C06EABE86D37C
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 05B4CC560F8F4DDCFE17C3F07B1BC5FA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Frame ID: 3C241F9858646343AD8761051BACF7D1
Requests: 13 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Frame ID: BB16E94B1351463EA58630563A094EF1
Requests: 20 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Frame ID: 74DAB305DD9A9B2FAF127332EDB1607C
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Frame ID: CA68658FDC72ECA38F31EE31D905853B
Requests: 9 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000210.html
Frame ID: A82EB42C41D889379A969A393B5AB1AF
Requests: 17 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Frame ID: F72D9C703E48515A05122F0F047CD8BB
Requests: 13 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000210.html
Frame ID: BCE9E20A65FFBBA6C15CA1B3F85C4C92
Requests: 17 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E6933A27FAC4A54242C71423886675B6
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 044E7846D148FDC0D828802CC5D38900
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.9news.com&us_privacy=1YNY
Frame ID: 64131EE895C75DEA613EED3E75127D7E
Requests: 2 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZN.yucCo8YMAANUS4lQAAAAA
Frame ID: 7BC64C4FDC6F8D34E7D9EAE4B8A2184C
Requests: 23 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: BC2497DD453011F9F77584AB135EAB32
Requests: 14 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 2F68A7AC6AF29FCAAA59A810BED85CFD
Requests: 10 HTTP requests in this frame

Frame: https://sync.bfmio.com/syncb?pid=137
Frame ID: 63105D623E528AE6E16775857C3B63D1
Requests: 7 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Frame ID: 2F26AE63052AC175D9663CCB3F5612B6
Requests: 29 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 3BBCE5B4DA9085C056DE3F8CBAF0D0F0
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHyzrBvvwHhgN5Vzu1AAAAAAA&expiration=1692468281&is_secure=true
Frame ID: 38463D7992984CE2A8FD58928D314BF3
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Frame ID: 8408DD659E1B366D1D04D9756C9388D2
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 456A3F4537E6DC19EE28B5E2C5675D01
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Frame ID: F6173A709068B049AF20037FE8140215
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: ADC3034B9A7E947B55E558A1BCADCA20
Requests: 2 HTTP requests in this frame

Frame: https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: BB0EB26D984ACE4FA6EDEF9B84B84019
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 093E57D30493CB07AE0E271E2F839228
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 0A11E29BAD205B7AAE7C52DCD46C1A25
Requests: 8 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: 210EE2CF33A024529EFF090DCF11426C
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 80E9ACA10FFB1C9C80291439B5DAD91D
Requests: 3 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Frame ID: 0B239E8975D43323CE806A864DD4F090
Requests: 5 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.9news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 5FF561EED238FE09F204AAC7421F9851
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.9news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 270DA7900CB450D8924DF150CC28CE50
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: EDE6F525D5629CCD47212AD8225C5734
Requests: 8 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6c68086c0c61793&gdpr=&gdpr_consent=&us_privacy=
Frame ID: EF946782B1343DCD294486E10B8DB072
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
Frame ID: 8D30AB6C1FCBA42CFD6BE2B7083B329B
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuS1wyYvy5i_E29VS4C0j4TZbnL5BsUN6PsnlIC3LHpl74UWJk7aI86KBKN8p-knwXsm8UfHiqBvrtugsZ0CquDT1Lr3Anaxllmzbay7OSTMtyqYp402W6Rj3AE9eUWUCFEwB3KJQz2PLKcelnqJm6gJsS7a9elxW6chkzJmfAvzhQQ46uHIXdU3EdwXTdH-MjaIzpaf6uP6Io-In1UXyY_Jt7e6_MJwM9tVlUmDUaCSPaYEflpfb_B4EV_wLWiJ0ZBAMyReoJHSiqZiLAL20LoMS0qhzQLbqpOovT7nsCvot9EIidvl7trCqjR0_qt6LSQFJaYylgBt7KuMZYOsaS_Cc1wAPwzjrlxBJdk3hCSCXBJBOmzrbULy2fnP1A2KHneN9RbnQ3olsWF8emAn3NgjT82dwE&sai=AMfl-YSrm2XsYhQiLtdcgiZeAAmuC0AkAjdh-yBHK7T-pKuOHDZevdqjoUidMrX2gqcv7FtUMeMSOUHHeCPvXDPJXmaic1RFgU8-PwOX4xEEyDMAnH29Udly3EcuIS1ArCY&sig=Cg0ArKJSzFKQUEwDW4IjEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: DB2E316D4E9CDA766F0AFB859F13DA6B
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: F580F3B5FCB2236C545821CE235F0537
Requests: 6 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6c68086c0c61793&gdpr=&gdpr_consent=&us_privacy=
Frame ID: 4C3CA16BCA83CDEFFC97FBF1FA74B33C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
Frame ID: 135FEA546852224B4D3E41DDC7618EE1
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1fb2ZXbzhaRTJ1SWJ4SzI0RmdvZW9TZjExVkxLanlxdX5B
Frame ID: 8EC688A1292119BCE50F2A91E9B5065B
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=8342177640231574973&ex=appnexus.com
Frame ID: DE84B3D413666F5162E21E0FDA4C3BB9
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Frame ID: 019638E06546BE87E96695CAE6FF33DB
Requests: 7 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Frame ID: 5F5B427FCAD0A6406E01C6DA0CF59D36
Requests: 19 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=572205591462893908588
Frame ID: 34B2188F6436869A1FD525F0D6D71EDB
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssDC_MWARR6xw1QoC40J9n2Myj2i13vOsNRcZLEBobG73mG2Ipw7F7ojL7Ix6l35xI9NoZX_4BvAcw1tdSRf3e6y4-av7PxEeqrlgiSlXEolQcvs5ZNhCVLld8E2GGgWQNlLnhE5tXzLqw2hg4HPfofgFUXrHdYkpeIw6YHBEkIyLrUcNb-DvceHiSsjGE6vUvueacNO-eGV2y5PUImKtQQdd76cwQLt1vQoWWRflvN0Xe78lplIkPTYK-cgnvsdSOgM4raP07a_Y8r6yRZnxZujTzvkBagsTiGMrjbRkdl-eG5XbV5kS25NfFOl2IrWU0zR2M4tP6R7dvfPQaq5j6TFlZbLBno3zvxKGqdr-B_KhJA5ZEkFPSAfKSKuNAN6pph&sai=AMfl-YTJpJs05EnNM89TrMMGQcL6UWzEXjWj5yfaC8tX1F75cJkj21xl9MXIzb7Gy4jjyOfQABsxeWEXzMWBxB_ksz6D0jFxrRqYjytvcQTNSvpmPfDY77Zu_v8HucrHqmY&sig=Cg0ArKJSzEBJXdAk1MwpEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 092287060375D0764B2DB21B0D2BA88F
Requests: 5 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=389660e3-c6dc-4342-92d0-f34bace7b3e9&expiration=1700330682
Frame ID: C9DCE44C2356BA9D8751CBF8F335A53B
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZN_yugAAAH7yvgAb
Frame ID: 515D0C52ECE03B131CC297709AECDDA6
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9iOWJmNDNhYi05OTgwLTRjN2QtYTU4MC02N2JiODk2MzBmNGI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: CCC817D09FBC68E638E81602A35D06AF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: AD56CACBABA40EC2561001EAA5178902
Requests: 3 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=cec9c022-2518-4275-90bb-40c27fa3670d
Frame ID: 8A139F50E2F90CD385F405F846934339
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZN.yusCo8YMAANUS4mAAAAAA
Frame ID: 6AE8DF1077D150E4FA73F3465F0A6933
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=68672530-90fe-40e1-b390-35080cc5eae0
Frame ID: 6287AA8A34575B8C637FA7CCD21B8EB4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7B2B58C92D7B3218A626DAF8580B4894
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 398101C44FA950A38DEB051C1FB573A4
Requests: 2 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=3673c7c1-95e3-481c-bcab-445f76d8ea32&expiration=1700330682
Frame ID: E5D5ED40CC8418BE8A2095F584EB290F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=emnWOirBSCcEF1SiwHUR&pi=gumgum
Frame ID: 13E3F27EF377E10C757E06EC3D25EF4B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: CC52B8DC1EB463ED1BA2E83CFF6206A0
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C3BD0C7A-B371-4686-9220-ADA9A334E959&redir=true&gdpr=0&gdpr_consent=
Frame ID: F447E7A87548B945A3F48FFB674D4EE8
Requests: 1 HTTP requests in this frame

Frame: https://pmp.mxptint.net/sn.ashx?ak=1
Frame ID: AF0B305E5ED8C9FCDD739868EBC5BF80
Requests: 1 HTTP requests in this frame

Frame: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=C3BD0C7A-B371-4686-9220-ADA9A334E959
Frame ID: F0B94D24F5A72F9E5744F8047AD7AA25
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/native/canvas-tmpl_v2.0.6.html?t=4063349
Frame ID: 6885C1FA4FEE07946B41CFC4AD057A4B
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Frame ID: 5C9AA45F88D4A4B3471C171F80EE1256
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Frame ID: 3712ED414C46CB94EC6135B9C77FBF46
Requests: 3 HTTP requests in this frame

Frame: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Frame ID: 57747E81D83D770A1394EA88B3C06784
Requests: 9 HTTP requests in this frame

Frame: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Frame ID: 32A3D898D0CEAA64001A654BCEC9AE54
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.9news.com
Frame ID: 870A0559B8622F8BA46EBFA0B158C20B
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ast/ast.js
Frame ID: E9915041E109B9F1A0F11B4CA5380C95
Requests: 4 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: D98AFA746E2BA6C564D4D0943D32D77B
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1YNY
Frame ID: 7C48DE1E071DFFAA656DE710B487511B
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Frame ID: BF920348893EC0EB2D5A8EF18A858BB5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 42EC2B2B9A3978E707783279CA27F98D
Requests: 2 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: F882F3D0B8CA8D6416F3F7409B11BF17
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=b4b3ad34-3df1-11ee-8cb3-719cb9187d87
Frame ID: B531D31B8F19FDC14AE07569BBE844B2
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_bd3caaeaf394422b86067
Frame ID: E3D89603B852DB41317255003429FBF5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=m-izRs_utRmA7OEUnuv6GJjkskaA7rNBz-zvBanb
Frame ID: 0FCB97ECEB2A7C69094BDB0DCC49FF29
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: DBDCAE32E33EC782ACFA19114254E845
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=4sFL9glzVMVgpwr4qouw3CaEdkg&gdpr=0&gdpr_consent=
Frame ID: B96D626B310772850EC28DD69D274043
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:UYCeE6XS1Qx3PY5&gdpr=0&gdpr_consent=
Frame ID: F3058E4FC417FD3DD8815CC00785CA3A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=979321835791302801
Frame ID: AB512C2D69982AC0346DB8AFD1E0B572
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C3BD0C7A-B371-4686-9220-ADA9A334E959
Frame ID: 24A24D8FA76BBB3393C222DBB264D5AA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=0&gdpr_consent=
Frame ID: 803705B9F2D8B465EC32DAB422123989
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=815495536687
Frame ID: 45C1306F35919752171A4850D2002CF8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: AF050F1E093EDD97968A78EEC7A8D71B
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: D60CA2A18B7817F0D7A989107DEEA9A6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU8e65b601ffd64ab78b8fdc6231c278f7&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Frame ID: 4F287CA7132A338DB04284AF35086F01
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
Frame ID: 9B36CCE39AF43EFF31247473AC58ACDC
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 96C46275EEC2B174D5F11C7355F3A52C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=t73J9BPICYmy_shbvbLfZA
Frame ID: 82BA3ABFD0237243E575BA7ABAD0A283
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=ab840700-4629-4c01-a0fb-8dff8340a404
Frame ID: 5D1B7098A462F3EFE3FF7DD9950CB4C1
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 7FDD01727D761DD6A67C30025CB3D6F0
Requests: 6 HTTP requests in this frame

Frame: https://33across-d.openx.net/w/1.0/jstag?nc=17118521-33Across
Frame ID: 33EDA2CCA9639337F64BEC6AC5CCDCE8
Requests: 2 HTTP requests in this frame

Frame: https://33across-d.openx.net/w/1.0/jstag?nc=17118521-33Across
Frame ID: 52CC7C7C88A38E848F7EE02A6E911798
Requests: 2 HTTP requests in this frame

Frame: https://33across-d.openx.net/w/1.0/jstag?nc=17118521-33Across
Frame ID: 9D5D46165C71C42CBE69311336B1C7B2
Requests: 2 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Frame ID: F74C7C3A19818A153E3F6DDCF7FD74FF
Requests: 11 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Frame ID: E6452155E580CB5829AD500A4CD05580
Requests: 11 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Frame ID: 47F7CCFB3FC6EA4E02885D7413E35666
Requests: 11 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: A2AA4F211245638F3230E50C95EC8749
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: BCCC06D34348B9C9BEBCD317F858A6F0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7456682851828574129
Frame ID: 88B8635D2141B2279DD2BBB61397CCEE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BB882163254D4174AB34F94472E55A64&gdpr=0&gdpr_consent=
Frame ID: 8040867307981263562E3B0150820533
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDC3BD0C7A-B371-4686-9220-ADA9A334E959
Frame ID: 2C15CE38808EBEEF15C67D47AE4AD9AB
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 5A9107A5CB3F3A540858B1FBA0A14C30
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 3D7B841412CF83F0EFFA9D9E068FAF69
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7456682861553270732
Frame ID: A4FFAEB20172F4BB21DDFEE00C31F595
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BB882163254D4174AB34F94472E55A64&gdpr=0&gdpr_consent=
Frame ID: E32B028B6B2039A4EDDDA6FBB8F89786
Requests: 1 HTTP requests in this frame

Frame: https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=C3BD0C7A-B371-4686-9220-ADA9A334E959
Frame ID: 4802DB55A20DAC48BCC3614DAAD72443
Requests: 1 HTTP requests in this frame

Frame: https://ch-match.taboola.com/sync?dast=V8NvACLAaMAXcelaiFIhAYA-48KlELRSgAAABgYID-AAmMlpOVwzdba4wLk1u0Gs7WCo9zuJa4bBvHZuSwTGbOISCB0XKycvhma41xYXKLVsPZWuFxDtcSl23j2IwclsnMOQUXxnKZDGqBhGX2-w6ypsnlN8hYLpMbBL6i6XT4XPd63e93V85dvs9d43f7ZU-Ty--Xu3yfv9jvcZj9Gr_Zb3mY_G7R5ekyuUV_t-7lMrn1rtNbdXe5DWe_8-2ym94yy8N1civsJrfG4foZTW_R0e_6POwmz1tvc0teDrNbY3Y43Z630u4WHV1uweXvcXk-f91mLRk5R5PhcrNWrXbDtWjhMKwVnslwrVlNhgvTZuGZuTZzAAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8D4BgFnlgOCu3wH5d_y9QcAAAAAEAAAAAAkAAQAJ0sAYKCOnvj_________jzFAn3kj4______GQg-ABx8AD0IAAAAuhki5_Ap-cmOHEDlAKcIIAAAAgAmhHdKRSTpBxaLK__9_vxWAKwAAAYoJ0heNWXQHJd7CAAAAFIxZoIfF7zc77Bq_22X-_________838n_lHIzQyM5NGeBKeVM0vIADAml9AAAA24QYA4E0AnKBD0IrBYHUIaDLczQ4AAADAnf___389IDSyTZa75cxhWDlMjuXKtButfDPTcrhxbDaOxcJ7cMOvI_XihkD6ZAjL7PcdZE2Ty2-QsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCqYnHuVwYFmvVbDRai2aDyVrhmrncKstgsByZTBuLb7MWvT6mi8m5GW5mWyQYYLoXydMinSh8I8tkN5nsNqvVwuaZLWYrk8WzWxhGxpFrY5pNxBLNySKdyC770sg2We6WM4dh5TA5livTbrTyzUzL4cax2TgWC39r4nEuF4bFWjUbjdai2WCyVrhmLrfKMhgsRybTxuLbrEWvj-licm6Gm9m-MVtONsPFcDfcN2bLyWa4GO6G-w6d4bv6nI2u4_fvkXms55u2c3MaFC6DxTstWqStw9Fn1HltE2Fqbdo5JlahVeI1KDwHj2r8uYa85pTIXD1ovQejIpYILtKJ6OWzO9xa1-dhEUuUpot0opc9TS6_X-7yff5iv8dh9mv8Zr_lYfK7RZeny-QW_d26l8vk1rtOb9Xd5Tac_c63y256yywP18mtsJvcGofrZzS9RUe_6_Owmzxvvc0teTnMbo3Z4XR73kq7W3R0uQWXv8fl-fx1m7Vk5BxNhsvNWrXaDdeihcOwVngmw7VmNRkuTJuFZ-baTMQSwekincieJpffov6jhhnOFZvJXLEYznWTVQIAAAAAAAAAsASTTDcBAAAAcDKI2WY53K3TQcwWs8FmtVwAD9YSun6un-58p5aHduGNsEbx9ASOFmvsMQV6-ewOt9b1eVgZwIO1ArPNPiOIZZ1ZawAAAALYAAAABLjtxpuAMyvu____fxwAAAAZOfQAAADo9wFJ5WVmZmZq8iuIxXIw2D8AFWJZZ7bbjWWd2YACtZtAAICAeg!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 58AAD9B6672DB87022B181418A98C926
Requests: 4 HTTP requests in this frame

Frame: https://2266a7f10398fb304e945be267393acb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 480F424691506F3904A5B259E33760BD
Requests: 1 HTTP requests in this frame

Frame: https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=C3BD0C7A-B371-4686-9220-ADA9A334E959
Frame ID: 2A01536D64A31F469DA202E5EFEAFF6E
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=0&gdpr_consent=
Frame ID: 83E3D80218A547363E74A79B25610B57
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=C3BD0C7A-B371-4686-9220-ADA9A334E959
Frame ID: 100F78927F5B22C917EC15F534E9B226
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1DF584C10D31D1EFF906C6BD1761F4D0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3DB4FA6A717AF0F1AA5BEAEE06896AC0
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 210CFDAE62C51128D38BD4582424B3D4
Requests: 3 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=g&us_privacy=1YNY&bidder_id=25&external_user_id=C3BD0C7A-B371-4686-9220-ADA9A334E959
Frame ID: 2A87ABCF7A08C83B9D06FA3FC866F486
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 469E18F8A9A00A7543ABFC4CB22415FF
Requests: 3 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=g&us_privacy=1YNY&bidder_id=25&external_user_id=C3BD0C7A-B371-4686-9220-ADA9A334E959
Frame ID: 3B11F8513A45A092A2FCAAB432E768C7
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C42D40E6D8C68910744EF4FB87DF748F
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDC3BD0C7A-B371-4686-9220-ADA9A334E959
Frame ID: 04FE12F04CED591C9B1301FA1FE4B794
Requests: 1 HTTP requests in this frame

Frame: https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=C3BD0C7A-B371-4686-9220-ADA9A334E959
Frame ID: A0EA16B7465E4803D614F74E79F3081E
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=63f4a8b77aa36bbf5004bc1e
Frame ID: 33BA7A3FFED5A7EC58288F8CE8FC837E
Requests: 2 HTTP requests in this frame

Frame: https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=C3BD0C7A-B371-4686-9220-ADA9A334E959
Frame ID: 2D2820C304D2D98800CDB1CB7690B399
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=C3BD0C7A-B371-4686-9220-ADA9A334E959
Frame ID: 15B783DD01D0F29BF4753C3A43D70F45
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=200&key=RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
Frame ID: 922F9EDC1406F93C486C1D0A87D5A12C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Frame ID: 5413A77BE170BBDB5C8D280E0E657AE5
Requests: 3 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=3&key=2129E09A41B14F3196FBE4892007BDC9
Frame ID: E8D236FF58EAC0CBCB848578A321F87A
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692381889468-994613872329-001229-001-002651%26biddername%3D105%26pid%3D59c9148628a0612da3689288%26key%3D
Frame ID: FD4F9A095BA467548162502C9ECDA522
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=0&gdpr_consent=&us_privacy=1YNY
Frame ID: B5FC234C7CC78B1AC28B4E4232ADCC19
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/sync?redir=true&gdpr=0&gdpr_consent=
Frame ID: E117E778025667E08799664CD5C0DC6C
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=18&key=HLDcfQZHcHxqw-twSRG0RE1f
Frame ID: 734E7571D04602F2651A14F20C3B23D2
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=10&pid=59c9148628a0612da3689288&key=dDwU09hZAwd6&ev=1&us_privacy=1YNY&pid=562704
Frame ID: 64E5A89853266DB0EEA5C4E6A99079CF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692381889468-994613872329-001229-001-002651%26biddername%3D1%26key%3D
Frame ID: 39907AF01D868DA433EF31CF90C77EE0
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=56&pid=59c9148628a0612da3689288&key=73fdb302-9f81-4aed-958a-512f3b1c9b1b&gdpr_consent=null&gdpr=0
Frame ID: 5F7121AE29AB452A16EC46429C1E0225
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=2f3953791de8276ad86e884a0bc&_fw_gdpr=0&_fw_gdpr_consent=
Frame ID: 5EC7E9FD0EC1DCFE0D8D6503674DCE50
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=0&_fw_gdpr_consent=
Frame ID: 3616A342A412D7DFC24CEAF7B6CA3C34
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=23&key=439a4e02-c31a-0eaa-3b34-ffcd040772e4
Frame ID: 9F175860B008703A3B1F78E62EF7EA27
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=1&key=C3BD0C7A-B371-4686-9220-ADA9A334E959
Frame ID: 9B82E952D2CC25307C4B9A01ED038334
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=1&key=C3BD0C7A-B371-4686-9220-ADA9A334E959
Frame ID: 35D42425E450401E56B755D4AD04D8A7
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=63f4a8b77aa36bbf5004bc1e
Frame ID: 111F4E2D545744163EEDF1556F527DFE
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Frame ID: 09A3069B4949436E8EEBBED858A5CDED
Requests: 2 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=41&pid=59c9148628a0612da3689288&key=572205591462893908588
Frame ID: D54AE16E178E2CBC76ED60D9681441E4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Colorado tried to weed out unemployment fraud and caught thousands of real claims in the process | 9news.comBack ButtonSearch IconFilter Icon

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • swfobject.*\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

904
Requests

69 %
HTTPS

20 %
IPv6

160
Domains

287
Subdomains

171
IPs

13
Countries

16788 kB
Transfer

31736 kB
Size

402
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 116
  • https://sb.scorecardresearch.com/c2/19962895/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 117
  • https://sb.scorecardresearch.com/b?c1=2&c2=19962895&comscorekw=news&category=news&templatetype=video&ns__t=1692381878781&ns_c=UTF-8&c8=Colorado%20tried%20to%20weed%20out%20unemployment%20fraud%20and%20caught%20thousands%20of%20real%20claims%20in%20the%20process%20%7C%209news.com&c7=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=19962895&comscorekw=news&category=news&templatetype=video&ns__t=1692381878781&ns_c=UTF-8&c8=Colorado%20tried%20to%20weed%20out%20unemployment%20fraud%20and%20caught%20thousands%20of%20real%20claims%20in%20the%20process%20%7C%209news.com&c7=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&c9=
Request Chain 171
  • https://tegna.tagger.opecloud.com/tegna/v2/pixel.gif?url=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&ref=&tref=&tz=10&screen=1600x1200x24&visiturl=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&uspstatus=uspoptoutsalenoconsent&e=%5B%7B%22contentId%22%3A%222d942893-5578-4aa0-a328-3528a43a3f53%22%2C%22contentCategories%22%3A%22local%2Cnews%22%2C%22contentTitle%22%3A%22Colorado+tried+to+weed+out+unemployment+fraud+and+caught+thousands+of+real+claims+in+the+process%22%2C%22pageType%22%3A%22video%22%2C%22section%22%3A%22news%22%2C%22subsection%22%3A%22local%22%2C%22callLetters%22%3A%22KUSA%22%2C%22siteId%22%3A%2273%22%2C%22watsonKeywords%22%3A%22real+claims%2CColorado+Department+of+Labor%2Ccall+center+reps%2CUnintended+consequences%2Clegitimate+claim%22%2C%22platform%22%3A%22desktop%22%2C%22type%22%3A%22pageView%22%7D%5D&fpid=d86dab53-7c20-4056-ad9b-16f3ceb28db7 HTTP 302
  • https://tegna.tagger.opecloud.com/tegna/v2/pixel.gif?e=%5B%7B%22contentId%22%3A%222d942893-5578-4aa0-a328-3528a43a3f53%22%2C%22contentCategories%22%3A%22local%2Cnews%22%2C%22contentTitle%22%3A%22Colorado+tried+to+weed+out+unemployment+fraud+and+caught+thousands+of+real+claims+in+the+process%22%2C%22pageType%22%3A%22video%22%2C%22section%22%3A%22news%22%2C%22subsection%22%3A%22local%22%2C%22callLetters%22%3A%22KUSA%22%2C%22siteId%22%3A%2273%22%2C%22watsonKeywords%22%3A%22real+claims%2CColorado+Department+of+Labor%2Ccall+center+reps%2CUnintended+consequences%2Clegitimate+claim%22%2C%22platform%22%3A%22desktop%22%2C%22type%22%3A%22pageView%22%7D%5D&tref=&url=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&tz=10&trackability-redirect=true&visiturl=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&ref=&fpid=d86dab53-7c20-4056-ad9b-16f3ceb28db7&screen=1600x1200x24&uspstatus=uspoptoutsalenoconsent HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm&state=2-QEPl7dKh7IautYTAJwAYTF95ppyrzu8%3D&source=tegna HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm=&state=2-QEPl7dKh7IautYTAJwAYTF95ppyrzu8%3D&source=tegna&google_tc= HTTP 302
  • https://tagger.opecloud.com/dbm/opecs.gif?state=2-QEPl7dKh7IautYTAJwAYTF95ppyrzu8%3D&source=tegna&google_gid=CAESEAp-1goX6hxZ5kk9tFAI1Y4&google_cver=1 HTTP 302
  • https://tegna.tagger.opecloud.com/dbm/opecs.gif?state=2-QEPl7dKh7IautYTAJwAYTF95ppyrzu8%3D&source=tegna&google_gid=CAESEAp-1goX6hxZ5kk9tFAI1Y4&google_cver=1 HTTP 302
  • https://um.simpli.fi/1plusx?state=2-NmYMNIyhey%2F9e4nB8ivI8YRPY8UBgaw%3D&source=tegna HTTP 302
  • https://tagger.opecloud.com/simplifi/pbfs.gif?puid=BB882163254D4174AB34F94472E55A64&state=2-NmYMNIyhey%2F9e4nB8ivI8YRPY8UBgaw%3D&source=tegna HTTP 302
  • https://tegna.tagger.opecloud.com/simplifi/pbfs.gif?puid=BB882163254D4174AB34F94472E55A64&state=2-NmYMNIyhey%2F9e4nB8ivI8YRPY8UBgaw%3D&source=tegna
Request Chain 237
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&dcc=t
Request Chain 249
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1YNY&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1YNY&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=cec9c022-2518-4275-90bb-40c27fa3670d
Request Chain 250
  • https://pr-bh.ybp.yahoo.com/sync/taboola/5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836?gdpr=0&us_privacy=1YNY HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-iIDcbGpE2oQ3wIfHmiq9CCfvrgNLKhlhCO_bug--~A
Request Chain 251
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1YNY HTTP 302
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1YNY&verify=true HTTP 302
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-g4P9Ei9E2uGQPWHdra3xxgf.IlrWZFVX~A&gdpr_in_effect=0
Request Chain 252
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1YNY&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1YNY&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=cec9c022-2518-4275-90bb-40c27fa3670d
Request Chain 253
  • https://pr-bh.ybp.yahoo.com/sync/taboola/5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836?gdpr=0&us_privacy=1YNY HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-POzPy9tE2oRGLltRZtB0x3o0wKBMANDrz1pa8g--~A
Request Chain 257
  • https://eb2.3lift.com/sync?us_privacy=1YNY& HTTP 302
  • https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Request Chain 261
  • https://eb2.3lift.com/sync?us_privacy=1YNY& HTTP 302
  • https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Request Chain 268
  • https://creativecdn.com/cm-notify?pi=sharethrough&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sharethrough&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=PNoZYBiDuXiYZvaVd8ixzJNL&source_user_id=emnWOirBSCcEF1SiwHUR&pi=sharethrough&gdpr=0&gdpr_consent=&tc=1
Request Chain 269
  • https://ssc-cms.33across.com/ps/?ri=0013300001kQj2HAAS&ru=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DkzFyzzqXEqukMDumpVLB6Eq3%26source_user_id%3D33XUSERID33X HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=212153247920106
Request Chain 270
  • https://x.bidswitch.net/sync?ssp=sharethrough&user_id=c4c1ba57-5c3d-4c8f-ac07-7a1793c56edb&gdpr=0&gdpr_consent=&gdpr_pd=1&usprivacy=1YNY HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sharethrough&user_id=c4c1ba57-5c3d-4c8f-ac07-7a1793c56edb&gdpr=0&gdpr_consent=&gdpr_pd=1&usprivacy=1YNY HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=sharethrough&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=1813050722815741397&expires=30&ssp=sharethrough HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 271
  • https://stx-match.dotomi.com/match/bounce/current?networkId=44410&version=1&nuid=c4c1ba57-5c3d-4c8f-ac07-7a1793c56edb&gdpr=0&gdpr_consent= HTTP 302
  • https://stx-match.dotomi.com/match/bounce/current?DotomiTest=163c4006ee4506a2&is_secure=true&networkId=44410&version=1&nuid=c4c1ba57-5c3d-4c8f-ac07-7a1793c56edb&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAACW0a7j7-svwNck40pAAAAAAA&expiration=1692468281&nuid=c4c1ba57-5c3d-4c8f-ac07-7a1793c56edb&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 272
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D7rkJAhPCWXbw9Lq5dZxc6TvN%26source_user_id%3D%24UID&partner=sharethrough HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=7rkJAhPCWXbw9Lq5dZxc6TvN&source_user_id=ua-9abdfd0b-d0fa-312c-9e0c-6b99adc0bdf5
Request Chain 273
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=YzRjMWJhNTctNWMzZC00YzhmLWFjMDctN2ExNzkzYzU2ZWRi HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Request Chain 274
  • https://x.bidswitch.net/sync?ssp=sharethrough&user_id=91bdb2e1-c5a3-4f2e-88f3-eda1dae50aee&gdpr=0&gdpr_consent=&gdpr_pd=1&usprivacy=1YNY HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sharethrough&user_id=91bdb2e1-c5a3-4f2e-88f3-eda1dae50aee&gdpr=0&gdpr_consent=&gdpr_pd=1&usprivacy=1YNY HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=sharethrough HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=sharethrough HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=4844965109403605106&ssp=sharethrough HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 275
  • https://cms.quantserve.com/pixel/p-_jQ037pSmtjhN.gif?idmatch=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=mKgSocXAVa8Wq7r1ivjrQDkr&gdpr=0&source_user_id=Xq4nDQqoIVJFqnVfW61uU12iJg1FqCcKCqpHAlUB
Request Chain 276
  • https://sync.1rx.io/usersync2/sharethrough HTTP 302
  • https://sync.1rx.io/usersync2/sharethrough?zcc=1&cb=1692381881028 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=7338384621 HTTP 302
  • https://sync.1rx.io/usersync/turn/2990610143720356760?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DrAoqYZyz6z2wirWVWwswmjws%26source_user_id%3DRX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=rAoqYZyz6z2wirWVWwswmjws&source_user_id=RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
Request Chain 283
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=3497096569 HTTP 302
  • https://sync.1rx.io/usersync/turn/2918552549682428824?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DrAoqYZyz6z2wirWVWwswmjws%26source_user_id%3DRX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=rAoqYZyz6z2wirWVWwswmjws&source_user_id=RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
Request Chain 284
  • https://usync.vrtcal.com/i?ssp=1822&surl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvrtcal.com%26id%3D%24%24VRTCALUSER%24%24 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vrtcal.com&id=d18f6c570a2d6be4f53aed0163e942d5
Request Chain 285
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=f53a4d9aec
Request Chain 286
  • https://jadserve.postrelease.com/suid/101959?ntv_r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dnativo.com%26id%3DNTV_USER_ID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=1c04d107-c8fa-4398-973e-dec51524914a
Request Chain 289
  • https://tg.socdm.com/aux/idsync?proto=taboola HTTP 302
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZN.yucCo8YMAANUS4lQAAAAA
Request Chain 290
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__ HTTP 302
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=c4ae383c8e2a41d0a07c96ef67d34d18 HTTP 302
  • https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=c4ae383c8e2a41d0a07c96ef67d34d18
Request Chain 292
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LLGWH5AL-R-5RL7
Request Chain 293
  • https://pr-bh.ybp.yahoo.com/sync/taboola/5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836?gdpr=0&gdpr_consent=&us_privacy=1YNY HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-WraFyFRE2oTW.PDhsT1T1FYVwn58r1Sgjkb2nA--~A
Request Chain 294
  • https://trace.mediago.io/ju/cs/taboola HTTP 302
  • https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=10db3cefb38fb779299930e47afa2d2c
Request Chain 295
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGTpomb5hSPCb4yC7nNS4V0&google_cver=1
Request Chain 297
  • https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836
Request Chain 298
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=cec9c022-2518-4275-90bb-40c27fa3670d
Request Chain 299
  • https://ce.lijit.com/merge?pid=42&3pid=5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836&us_privacy=1YNY&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836&us_privacy=1YNY&gdpr=0&gdpr_consent=&dnr=1
Request Chain 302
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=1d1acbe0-8756-4956-85c8-cdafaf2c8eb7
Request Chain 303
  • https://id5-sync.com/s/464/9.gif?puid=5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F6%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/108/6/2.gif?puid=38f50135-3dcc-4b60-a270-799747dbc202&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/5/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/2/5/3.gif?puid=8342177640231574973&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AAC0Ik7Jv2UAACTqc7GRqQ&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F203%2F3%2F5.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/203/3/5.gif?puid=1d1acbe0-8756-4956-85c8-cdafaf2c8eb7&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F429%2F2%2F6.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/464/429/2/6.gif?puid=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F203%2F1%2F7.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/203/1/7.gif?puid=1d1acbe0-8756-4956-85c8-cdafaf2c8eb7&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F1244%2F0%2F8.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/464/1244/0/8.gif?puid=HLDcfQZHcHxqw-twSRG0RE1f&gdpr=0&gdpr_consent=
Request Chain 304
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=1YNY HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10596547717171969174&ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 305
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=48a489b6-ded6-4798-8895-47d7be6c575d HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=48a489b6-ded6-4798-8895-47d7be6c575d&tbid=5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836&query=taboola_hm%3D48a489b6-ded6-4798-8895-47d7be6c575d&isDirect=0
Request Chain 308
  • https://sync.srv.stackadapt.com/sync?nid=140 HTTP 302
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=4sFL9glzVMVgpwr4qouw3CaEdkg
Request Chain 310
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=9822358b-212a-0be1-1cf9-4b56212cff62
Request Chain 311
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=121&0&&us_privacy=1YNY&redir= HTTP 302
  • https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553
Request Chain 315
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=cec9c022-2518-4275-90bb-40c27fa3670d&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 316
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTcyMjA1NTkxNDYyODkzOTA4NTg4 HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 317
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJwL6QSo7l3bJ53owEGsti4&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 318
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTcyMjA1NTkxNDYyODkzOTA4NTg4
Request Chain 320
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=572205591462893908588&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=572205591462893908588&gdpr=0&gdpr_consent= HTTP 302
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=triplelift&bsw_custom_parameter=eb6f7b88-a4bc-4e60-bf79-710517cb86e8 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=998e5ecf-c5a3-4f28-b599-21e9af40e393&ssp=triplelift&bsw_param=eb6f7b88-a4bc-4e60-bf79-710517cb86e8 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 321
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/572205591462893908588?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-rLlY2BFE2oRrCF4lRH2HY.aP4ulbc7CCJZ_fb5a2dw--~A&dongle=0883
Request Chain 323
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=1d1acbe0-8756-4956-85c8-cdafaf2c8eb7&dongle=013b
Request Chain 324
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D0%2526gdpr_consent%3D HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=8342177640231574973&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 325
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=cec9c022-2518-4275-90bb-40c27fa3670d&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 326
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTcyMjA1NTkxNDYyODkzOTA4NTg4 HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 327
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJwL6QSo7l3bJ53owEGsti4&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 328
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTcyMjA1NTkxNDYyODkzOTA4NTg4
Request Chain 330
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=572205591462893908588&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=572205591462893908588&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=eb6f7b88-a4bc-4e60-bf79-710517cb86e8 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=f2306052-bf0e-4a8f-9a05-aaf2868fa5d8&expires=10&ssp=triplelift&bsw_param=eb6f7b88-a4bc-4e60-bf79-710517cb86e8 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 331
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/572205591462893908588?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-rLlY2BFE2oRrCF4lRH2HY.aP4ulbc7CCJZ_fb5a2dw--~A&dongle=0883
Request Chain 333
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=1d1acbe0-8756-4956-85c8-cdafaf2c8eb7&dongle=013b
Request Chain 334
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D0%2526gdpr_consent%3D HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=8342177640231574973&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 336
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 339
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 340
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=56154954e7cc15f0&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHyzrBvvwHhgN5Vzu1AAAAAAA&expiration=1692468281&is_secure=true
Request Chain 346
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Request Chain 347
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 348
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=5475b18f-cb84-06d5-04d2-551777fd7b84
Request Chain 349
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-rytvGDdE2uFdM1cVJdPTZI2w.umkSrL.~A
Request Chain 350
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=cec9c022-2518-4275-90bb-40c27fa3670d&ttl=1694973881
Request Chain 351
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LLGWH5A0-H-EM9N
Request Chain 352
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=-1&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=326d6ce716415f0&is_secure=true&networkId=17100&version=1&nuid=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=-1&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHyzrBvvwHvwMfxlstAAAAAAA&expiration=1692468282&nuid=C3BD0C7A-B371-4686-9220-ADA9A334E959&is_secure=true&gdpr_consent=&gdpr=-1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 353
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D54%2526uid%253D38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553
Request Chain 354
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-rQQOs05E2uHEs_Abz45uFOvaKZF4mH1QqoYlmJw-~A
Request Chain 356
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=2j4qxcabqnm4mmr9ah4sxtjcl HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=2j4qxcabqnm4mmr9ah4sxtjcl
Request Chain 358
  • https://idsync.rlcdn.com/403716.gif?partner_uid=2j4qxcabqnm4mmr9ah4sxtjcl HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CITSGBIlCiEIARCakQEaGTJqNHF4Y2FicW5tNG1tcjlhaDRzeHRqY2wQABoNCLnl_qYGEgUI6AcQAEIASgA HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=4adea9ce-066c-0cd6-312e-ca23b9ca3a0e
Request Chain 360
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=5475b18f-cb84-06d5-04d2-551777fd7b84
Request Chain 361
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-rytvGDdE2uFdM1cVJdPTZI2w.umkSrL.~A
Request Chain 362
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=cec9c022-2518-4275-90bb-40c27fa3670d&ttl=1694973881
Request Chain 363
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LLGWH5A0-1G-H2WQ
Request Chain 364
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=-1&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=12615299283806a2&is_secure=true&networkId=17100&version=1&nuid=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=-1&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAH3bQhF4Tv1QMnkJyoAAAAAAA&expiration=1692468282&nuid=C3BD0C7A-B371-4686-9220-ADA9A334E959&is_secure=true&gdpr_consent=&gdpr=-1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 365
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D54%2526uid%253D38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553
Request Chain 366
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-rQQOs05E2uHEs_Abz45uFOvaKZF4mH1QqoYlmJw-~A
Request Chain 368
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=2j4qxcabqnm4mmr9ah4sxtjcl HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=2j4qxcabqnm4mmr9ah4sxtjcl
Request Chain 370
  • https://idsync.rlcdn.com/403716.gif?partner_uid=2j4qxcabqnm4mmr9ah4sxtjcl HTTP 307
  • https://pippio.com/api/sync?pid=5324&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwIueX-pgYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwIueX-pgYSBAgCEABCAEoA&google_gid=CAESENYt2Il_jMxsqHnfSM1AKMA&google_cver=1 HTTP 307
  • https://usermatch.krxd.net/um/v2?partner=liveramp_identity HTTP 302
  • https://pippio.com/api/sync?pid=709973&it=1&iv=PvjFnDEO
Request Chain 373
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 374
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=9news.com&sn=ChromeSyncframe&so=0&topUrl=www.9news.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=BleUp3xiQUNLZkhCdzh0MVdtVGZaRTdrTUpZc3ZWVVRlbUgxM05wVEtmakhaSjN6YStFUHJGY3JELy9YTzBkSzRZdTJCRTIxYU9VbGdYUHpCWHZnY2J6MDV5eXN5MUR5ZXRWNlB3Nk9LQ2x3LzFhK3VVOTFRSjRUMzVOZnVlcUp1ZkFqWFRVQVk3aVJYck55Q1VJV0x0ZHd0MENLTWJoS0YwNGFaVENOQTZEd0RxNEsxOVQ4TmpDVW0yUmtIV1Y5NXRlOVJ3em85aVhiTWRkN29MVENHMTB1V3NVNzdNTGJ0TmtxVHNVVHUxSWxtSTRobmh1dmhlVjZ5anBvdVh2MTZLYndqTlJwSVJUQjNicm9FTHBRTGxGeTlXQT09fA&cppv=2
Request Chain 375
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
Request Chain 380
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint HTTP 302
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Request Chain 386
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=24856&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
Request Chain 388
  • https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5974%26spui%3D%26dpui%3D%5BUID%5D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5974&spui=&dpui=f77ed681-cf2e-43f1-9d5f-d90b7e819daa
Request Chain 389
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZN.yuQ0X0tnKZUDaNNXD1AAA%262851
Request Chain 390
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID&sovrn_retry=true HTTP 307
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=HLDcfQZHcHxqw-twSRG0RE1f
Request Chain 391
  • https://bh.contextweb.com/bh/rtset?pid=562763&ev=1&rurl=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5548%26spui%3D%26dpui%3D%25%25VGUID%25%25 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=cvlODfnPetH7&ev=1&pid=562763
Request Chain 392
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5531&spui=&dpui=26c65967-72b4-095f-05db-8ac5010a995b
Request Chain 393
  • https://sync.smartadserver.com/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
Request Chain 394
  • https://ad.360yield.com/server_match?partner_id=2210&r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D7028%26spui%3D%26dpui%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=2210&r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D7028%26spui%3D%26dpui%3D%7BPUB_USER_ID%7D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=7028&spui=&dpui=f788601c-7903-41d0-8bd4-00f0948479b2
Request Chain 395
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6294%26spui%3D%26dpui%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F16742%3Fgdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3Dc28ee0e9-df1e-4d35-8383-5ac27408fe76%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/16742?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=c28ee0e9-df1e-4d35-8383-5ac27408fe76&bidder=appnexus&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%3D&uid=8342177640231574973 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F16742%3Fgdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3Dc28ee0e9-df1e-4d35-8383-5ac27408fe76%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/1/16742?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=c28ee0e9-df1e-4d35-8383-5ac27408fe76&bidder=index_rtb&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%3D&uid=ZN.yuQ0X0tnKZUDaNNXD1AAA%262851 HTTP 302
  • https://ap.lijit.com/pixel?&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F16742%3Fgdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3Dc28ee0e9-df1e-4d35-8383-5ac27408fe76%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%253D%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/cchain/2/16742?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=c28ee0e9-df1e-4d35-8383-5ac27408fe76&bidder=sovrn&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0=&uid=HLDcfQZHcHxqw-twSRG0RE1f HTTP 302
  • https://cm.adform.net/cookie?&gdpr=0&gdpr_consent=&us_privacy=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F16742%3Fgdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3Dc28ee0e9-df1e-4d35-8383-5ac27408fe76%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%253D%26uid%3D%24UID HTTP 303
  • https://prebid.a-mo.net/cchain/3/16742?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=c28ee0e9-df1e-4d35-8383-5ac27408fe76&bidder=adform&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%3D&uid=4844965109403605106 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=c28ee0e9-df1e-4d35-8383-5ac27408fe76
Request Chain 396
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=8342177640231574973
Request Chain 397
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=6f5eeefe-658b-41c1-aa64-1cde178e9d11
Request Chain 398
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6985%26spui%3D%26dpui%3D%24UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6985&spui=&dpui=3m7DXvyGGDyyQXvRkENR&gdpr=&gdpr_consent=&us_privacy=
Request Chain 402
  • https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5974%26spui%3D%26dpui%3D%5BUID%5D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5974&spui=&dpui=823eae10-6224-4439-adad-6fc86f3e80e5
Request Chain 403
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZN.yuQ0X0tnKZUDaNNXD1AAA%262851
Request Chain 404
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID&sovrn_retry=true HTTP 307
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=HLDcfQZHcHxqw-twSRG0RE1f
Request Chain 405
  • https://bh.contextweb.com/bh/rtset?pid=562763&ev=1&rurl=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5548%26spui%3D%26dpui%3D%25%25VGUID%25%25 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=0tS80SDvhiWx&ev=1&pid=562763
Request Chain 406
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5531&spui=&dpui=26c65967-72b4-095f-05db-8ac5010a995b
Request Chain 407
  • https://sync.smartadserver.com/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
Request Chain 408
  • https://ad.360yield.com/server_match?partner_id=2210&r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D7028%26spui%3D%26dpui%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=2210&r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D7028%26spui%3D%26dpui%3D%7BPUB_USER_ID%7D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=7028&spui=&dpui=f788601c-7903-41d0-8bd4-00f0948479b2
Request Chain 409
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6294%26spui%3D%26dpui%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F29748%3Fgdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D36030c51-d7d5-4150-bc01-350914d50662%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/29748?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=36030c51-d7d5-4150-bc01-350914d50662&bidder=appnexus&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%3D&uid=8342177640231574973 HTTP 302
  • https://id.a-mx.com/u?&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F29748%3Fgdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D36030c51-d7d5-4150-bc01-350914d50662%26bidder%3Damx_com%26cbx%3DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/1/29748?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=36030c51-d7d5-4150-bc01-350914d50662&bidder=amx_com&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%3D&uid= HTTP 302
  • https://ap.lijit.com/pixel?&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F29748%3Fgdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D36030c51-d7d5-4150-bc01-350914d50662%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%253D%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/cchain/2/29748?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=36030c51-d7d5-4150-bc01-350914d50662&bidder=sovrn&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0=&uid=HLDcfQZHcHxqw-twSRG0RE1f HTTP 302
  • https://rtb.openx.net/sync/prebid?&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F29748%3Fgdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D36030c51-d7d5-4150-bc01-350914d50662%26bidder%3Dopenx%26cbx%3DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%253D%26uid%3D%24%7BUID%7D HTTP 302
  • https://prebid.a-mo.net/cchain/3/29748?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=36030c51-d7d5-4150-bc01-350914d50662&bidder=openx&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%3D&uid=26c65967-72b4-095f-05db-8ac5010a995b HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F4%252F29748%253Fgdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526us_privacy%253D%2526A%253D36030c51-d7d5-4150-bc01-350914d50662%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%25253D%2526uid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F29748%3Fgdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D36030c51-d7d5-4150-bc01-350914d50662%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%253D%26uid%3DC3BD0C7A-B371-4686-9220-ADA9A334E959 HTTP 302
  • https://prebid.a-mo.net/cchain/4/29748?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=36030c51-d7d5-4150-bc01-350914d50662&bidder=pubmatic&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%3D&uid=C3BD0C7A-B371-4686-9220-ADA9A334E959 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=36030c51-d7d5-4150-bc01-350914d50662
Request Chain 410
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=8342177640231574973
Request Chain 411
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=6f5eeefe-658b-41c1-aa64-1cde178e9d11
Request Chain 412
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6985%26spui%3D%26dpui%3D%24UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6985&spui=&dpui=3m7DXvyGGDys2L3_HSHF&gdpr=&gdpr_consent=&us_privacy=
Request Chain 415
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=24856&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
Request Chain 418
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cec9c022-2518-4275-90bb-40c27fa3670d&expiration=1694973881&gdpr=0&gdpr_consent=
Request Chain 419
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPeeh6XsIXBiw3C2QLEZFVg&google_cver=1
Request Chain 421
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZN.yuQ0X0tnKZUDaNNXD1AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECSphkEo6DWEkzpwaT8Xd-E&google_cver=1&google_hm=2
Request Chain 422
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAC0Ik7Jv2UAACTqc7GRqQ&expiration=1693591482
Request Chain 423
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://stags.bluekai.com/site/23178?id=nuktKWU8mZJruE1cgPG6&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD23TVNN2EWV2VHBWVUSTSOVCTCY3HKBDTM HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD23TVNN2EWV2VHBWVUSTSOVCTCY3HKBDTM HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=nuktKWU8mZJruE1cgPG6
Request Chain 424
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=5132813517839228127&gdpr=0&gdpr_consent=
Request Chain 425
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=b68d3bb9-1f59-1b83-f9d95c83
Request Chain 427
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1fb2ZXbzhaRTJ1SWJ4SzI0RmdvZW9TZjExVkxLanlxdX5B
Request Chain 428
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=8342177640231574973&ex=appnexus.com
Request Chain 429
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 301
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Request Chain 431
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=572205591462893908588
Request Chain 432
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D46%26external_user_id%3D%24UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8342177640231574973
Request Chain 434
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZN_yugAJkOfzIgBY HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZN_yugAJkOfzIgBY&_test=ZN_yugAJkOfzIgBY
Request Chain 436
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1708279482&external_user_id=3c83a954-9f89-4dfa-90d2-b887ed615e4d
Request Chain 437
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPeeh6XsIXBiw3C2QLEZFVg&google_cver=1
Request Chain 440
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=8342177640231574973
Request Chain 441
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_b9bf43ab-9980-4c7d-a580-67bb89630f4b&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=3bd7ba67-281f-40bb-ac12-dd965e68b1dc&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dgumgum2%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=gumgum2&user_id=cS1kRathptTz23Ltbocc0 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&gdpr=&gdpr_consent=&us_privacy=
Request Chain 442
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28sDPhGa7RzJpmYvba2HJeeXn6b9PDoozD4hjwWXPSE2RKZepqpNKibLJLkllgSRgA%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28sDPhGa7RzJpmYvba2HJeeXn6b9PDoozD4hjwWXPSE2RKZepqpNKibLJLkllgSRgA%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_b9bf43ab-9980-4c7d-a580-67bb89630f4b&obuid=ENC(sDPhGa7RzJpmYvba2HJeeXn6b9PDoozD4hjwWXPSE2RKZepqpNKibLJLkllgSRgA) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://bh.contextweb.com/bh/rtset?pid=562709&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpulsepoint%26uid%3D%25%25VGUID%25%25%26obUid%3DsDPhGa7RzJpmYvba2HJeeXn6b9PDoozD4hjwWXPSE2RKZepqpNKibLJLkllgSRgA%26gdpr%3D$GDPR_APPLIES%26gdpr_consent%3D$CONSNT_STRING%26us_privacy%3D$CCPA%26initiator%3Dplatform HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid=dDwU09hZAwd6&obUid=sDPhGa7RzJpmYvba2HJeeXn6b9PDoozD4hjwWXPSE2RKZepqpNKibLJLkllgSRgA&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform&ev=1&us_privacy=${us_privacy}&pid=562709
Request Chain 443
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=e82572d8-e33e-02e0-092c-5a3d48015a90
Request Chain 444
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-e2c14bf6-0973-54c5-60a7-0af8aa8bb0dc$ip$38.132.118.72
Request Chain 445
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-vqLXnttE2pd28A_xY9Z1v3mB6ib8F8AtWPq8~A
Request Chain 446
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=a2fb9ede-b4be-49ec-954b-55ac4d60984a
Request Chain 448
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_b9bf43ab-9980-4c7d-a580-67bb89630f4b&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=E7bMllYMEHF6PGyWUIdf&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVCTOYSNNRWFSTKFJBDDMUCHPFLVKSLEMY HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVCTOYSNNRWFSTKFJBDDMUCHPFLVKSLEMY HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=E7bMllYMEHF6PGyWUIdf
Request Chain 449
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=f788601c-7903-41d0-8bd4-00f0948479b2
Request Chain 450
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=KDF18IOhksPf&ev=1&pid=558355
Request Chain 451
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=5132813517839228127
Request Chain 455
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=cec9c022-2518-4275-90bb-40c27fa3670d&gdpr=0&gdpr_consent=
Request Chain 456
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=8342177640231574973
Request Chain 457
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=cec9c022-2518-4275-90bb-40c27fa3670d&gdpr=0&gdpr_consent=
Request Chain 458
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=15 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-e2c14bf6-0973-54c5-60a7-0af8aa8bb0dc$ip$38.132.118.72&gdpr=&gdpr_consent=
Request Chain 462
  • https://match.adsrvr.org/track/cmf/openx?oxid=1f18d6a8-cb2b-3ab6-6e57-4ad080515bd6&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=cec9c022-2518-4275-90bb-40c27fa3670d&ttd_puid=1f18d6a8-cb2b-3ab6-6e57-4ad080515bd6&gdpr=0&gdpr_consent=
Request Chain 464
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFqhEvvGAW_5RBSjuQlYMDI&google_cver=1
Request Chain 469
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB
Request Chain 470
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3278840519872068504
Request Chain 471
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=625a9fc10f3e15f0&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHyzrBvvwHuAN2iJWLAAAAAAA&expiration=1692468282&is_secure=true
Request Chain 472
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553&gdpr=0&gdpr_consent=
Request Chain 473
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=979321835791302801
Request Chain 474
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cec9c022-2518-4275-90bb-40c27fa3670d&expiration=1694973882&gdpr=0&gdpr_consent=
Request Chain 475
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=UYCeE6XS1Qx3PY5
Request Chain 476
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=A_p4KVf8fnYY_ip7BvkxdwD2eSkY_HguV_4f_URu
Request Chain 479
  • https://sync.srv.stackadapt.com/sync?nid=68&us_privacy=1YNY HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=4sFL9glzVMVgpwr4qouw3CaEdkg
Request Chain 481
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1&us_privacy=1YNY HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=e619b299-0285-4247-8fc1-c42cb229d02e
Request Chain 482
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1YNY&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=73fdb302-9f81-4aed-958a-512f3b1c9b1b&gpp_sid=null&gpp=null&us_privacy=1YNY&gdpr_consent=null&gdpr=null
Request Chain 483
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&us_privacy=1YNY HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553&gdpr=0&gdpr_consent=
Request Chain 484
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB&gdpr_consent=&us_privacy=1YNY&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB
Request Chain 487
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&us_privacy=1YNY HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=BB882163254D4174AB34F94472E55A64&us_privacy=1YNY
Request Chain 488
  • https://c1.adform.net/serving/cookie/match?party=29&us_privacy=1YNY HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29&us_privacy=1YNY HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=972208001108325558&expiration=1693591482
Request Chain 489
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&us_privacy=1YNY HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale&us_privacy=1YNY HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=b4b3ad34-3df1-11ee-8cb3-719cb9187d87
Request Chain 491
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&us_privacy=1YNY HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&us_privacy=1YNY HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=UYCeE6XS1Qx3PY5&us_privacy=1YNY
Request Chain 492
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=1YNY&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://stags.bluekai.com/site/23178?id=za4J1TTLHcsqOEP-BXok&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD26TBGRFDCVCUJREGG43RJ5CVALKCLBXWWJTVONPXA4TJOZQWG6J5GFMU4WI&us_privacy=1YNY HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD26TBGRFDCVCUJREGG43RJ5CVALKCLBXWWJTVONPXA4TJOZQWG6J5GFMU4WI HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=za4J1TTLHcsqOEP-BXok&us_privacy=1YNY
Request Chain 496
  • https://um4.eqads.com/um/cs HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=389660e3-c6dc-4342-92d0-f34bace7b3e9&expiration=1700330682
Request Chain 497
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZN_yugAAAH7yvgAb
Request Chain 500
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=cec9c022-2518-4275-90bb-40c27fa3670d
Request Chain 501
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZN.yusCo8YMAANUS4mAAAAAA
Request Chain 502
  • https://cs.admanmedia.com/sync/gumgum?puid=u_b9bf43ab-9980-4c7d-a580-67bb89630f4b&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa= HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=68672530-90fe-40e1-b390-35080cc5eae0
Request Chain 503
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&google_hm=ZWI2ZjdiODgtYTRiYy00ZTYwLWJmNzktNzEwNTE3Y2I4NmU4 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEENRTM1PPwebLhWqqEqnfF8&google_cver=1&ssp=sonobi&bsw_param=eb6f7b88-a4bc-4e60-bf79-710517cb86e8 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=eb6f7b88-a4bc-4e60-bf79-710517cb86e8
Request Chain 504
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=91e92b73fd&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=cec9c022-2518-4275-90bb-40c27fa3670d&pubid=91e92b73fd
Request Chain 505
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2810316564243691116
Request Chain 506
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=emnWOirBSCcEF1SiwHUR&pi=sonobi
Request Chain 507
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=6f5eeefe-658b-41c1-aa64-1cde178e9d11&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=Q0pVckdMTFFwajdrWWgzRzdxbk9QZw&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEC2l0FhEOWxQxaDZEiHcQ9M&google_cver=1
Request Chain 508
  • https://ups.analytics.yahoo.com/ups/58645/occ HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-rQQOs05E2uHEs_Abz45uFOvaKZF4mH1QqoYlmJw-~A
Request Chain 509
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=7597054620029118479
Request Chain 512
  • https://uipglob.semasio.net/sonobi/1/info?sType=sync&sExtCookieId=6f5eeefe-658b-41c1-aa64-1cde178e9d11&sInitiator=external HTTP 302
  • https://uipglob.semasio.net/sonobi/1/info2?sType=sync&sExtCookieId=6f5eeefe-658b-41c1-aa64-1cde178e9d11&sInitiator=external
Request Chain 513
  • https://id5-sync.com/s/434/9.gif?puid=6f5eeefe-658b-41c1-aa64-1cde178e9d11&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/434/9/1.gif?puid=6f5eeefe-658b-41c1-aa64-1cde178e9d11&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F203%2F8%2F2.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/434/203/8/2.gif?puid=1d1acbe0-8756-4956-85c8-cdafaf2c8eb7&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F434%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/434/434/7/3.gif?puid=6f5eeefe-658b-41c1-aa64-1cde178e9d11&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F429%2F6%2F4.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/434/429/6/4.gif?puid=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F441%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/441/5/5.gif?puid=u_b9bf43ab-9980-4c7d-a580-67bb89630f4b&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-2edezvzXTjNos6B9e4mEM9aJDG5Hc4D6T7k14bC6vQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F3%2F4%2F6.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/3/4/6.gif?puid=772b64df-b2bd-4800-8735-0aa640d77ef7&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F203%2F3%2F7.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/434/203/3/7.gif?puid=1d1acbe0-8756-4956-85c8-cdafaf2c8eb7&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=8342177640231574973&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F1246%2F2%2F8.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/434/1246/2/8.gif?puid=HLDcfQZHcHxqw-twSRG0RE1f&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-2edezvzXTjNos6B9e4mEM9aJDG5Hc4D6T7k14bC6vQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F3%2F1%2F9.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/3/1/9.gif?puid=772b64df-b2bd-4800-8735-0aa640d77ef7&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=cec9c022-2518-4275-90bb-40c27fa3670d&ttl=%%TTL%%
Request Chain 514
  • https://nep.advangelists.com/xp/user-sync?acctid=255&redirect=https://sync.go.sonobi.com/us.gif?nw=av&nuid=$UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=av
Request Chain 515
  • https://thrtle.com/insync?vxii_pid=10072&vxii_pdid=6f5eeefe-658b-41c1-aa64-1cde178e9d11 HTTP 302
  • https://thrtle.com/insync?vxii_pdid=6f5eeefe-658b-41c1-aa64-1cde178e9d11&vxii_pid=12&vxii_pid1=10072&vxii_rcid=942b4952-3cab-499b-89a1-d2b8f6de8bbb
Request Chain 517
  • https://rtb.mfadsrvr.com/sync?ssp=sonobi&ssp_user_id=${userid} HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sonobi&ssp_user_id=${userid} HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=48a489b6-ded6-4798-8895-47d7be6c575d
Request Chain 518
  • https://us-u.openx.net/w/1.0/cm?id=1be30a61-c15d-465d-b6e5-82da40df8212&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dopenx%26nuid%3D HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=openx&nuid=b4356aaa-1aff-0db9-156f-43f6a2671a93
Request Chain 519
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=NmY1ZWVlZmUtNjU4Yi00MWMxLWFhNjQtMWNkZTE3OGU5ZDEx HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEB1ZwmlP4FZbfWblLMZzGmg&google_cver=1
Request Chain 520
  • https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dco%26nuid%3D HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=co&nuid=b260189533234555a018953323955580
Request Chain 521
  • https://idsync.rlcdn.com/711892.gif?partner_uid=6f5eeefe-658b-41c1-aa64-1cde178e9d11 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=4adea9ce-066c-0cd6-312e-ca23b9ca3a0e
Request Chain 522
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=6f5eeefe-658b-41c1-aa64-1cde178e9d11 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3061&partner_device_id=6f5eeefe-658b-41c1-aa64-1cde178e9d11 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=38f50135-3dcc-4b60-a270-799747dbc202%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=cec9c022-2518-4275-90bb-40c27fa3670d&ttd_puid=38f50135-3dcc-4b60-a270-799747dbc202%2C%2C
Request Chain 524
  • https://eb2.3lift.com/getuid?redir=%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dtl%26nuid%3D%24UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=tl&nuid=572205591462893908588
Request Chain 528
  • https://x.videobyte.com/setuid?bidder=sonobi&uid=6f5eeefe-658b-41c1-aa64-1cde178e9d11&cb=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dvb%26nuid%3D%24UID HTTP 301
  • https://sync.go.sonobi.com/us.gif?nw=vb&nuid=a25c2708-dcbd-44cf-9563-d52cf479f8ab
Request Chain 531
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=cec9c022-2518-4275-90bb-40c27fa3670d
Request Chain 533
  • https://nep.advangelists.com/xp/user-sync?acctid=49&redirect=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D167%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.bfmio.com/sync?pid=167&uid=av-0f68c4b5-3801-4a2d-8228-3bcec724df6b
Request Chain 534
  • https://pr-bh.ybp.yahoo.com/sync/beachfront/3d963303e5b3a0d586aeb0dc76dd4ed179598ccd HTTP 302
  • https://sync.bfmio.com/sync?pid=157&uid=y-.9gw8UVE2pL1s5u3RFuf5.Ek38NKT6Av7DsLC8IOLA--~A
Request Chain 535
  • https://ad.mrtnsvr.com/sync/beachfront HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D187%26uid%3D%23PM_USER_ID HTTP 302
  • https://sync.bfmio.com/sync?pid=187&uid=C3BD0C7A-B371-4686-9220-ADA9A334E959
Request Chain 536
  • https://match.prod.bidr.io/cookie-sync/bch HTTP 303
  • https://match.prod.bidr.io/cookie-sync/bch?_bee_ppp=1 HTTP 303
  • https://sync.bfmio.com/sync?pid=168&uid=AAC0Ik7Jv2UAACTqc7GRqQ
Request Chain 540
  • https://um4.eqads.com/um/cs?us_privacy=1YNY HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=3673c7c1-95e3-481c-bcab-445f76d8ea32&expiration=1700330682
Request Chain 541
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=emnWOirBSCcEF1SiwHUR&pi=gumgum
Request Chain 542
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 544
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3m7D3yyGGDy6izeVjQld HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3m7D3yyGGDy6izeVjQld HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=38f50135-3dcc-4b60-a270-799747dbc202%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=cec9c022-2518-4275-90bb-40c27fa3670d&ttd_puid=38f50135-3dcc-4b60-a270-799747dbc202%2C%2C
Request Chain 545
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=8342177640231574973&pn_id=an
Request Chain 546
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3DC3BD0C7A-B371-4686-9220-ADA9A334E959%26gdpr%3D-1%26gdpr_consent%3D HTTP 302
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=-1&gdpr_consent=
Request Chain 548
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=3m7D3yyGGDy6izeVjQld HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=cec9c022-2518-4275-90bb-40c27fa3670d
Request Chain 550
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDMElrN0p2MlVBQUNUcWM3R1JxUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAC0Ik7Jv2UAACTqc7GRqQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Csas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Csas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAC0Ik7Jv2UAACTqc7GRqQ&pid=558502&do=add&gdpr=0 HTTP 303
  • https://sync.technoratimedia.com/services?uid=AAC0Ik7Jv2UAACTqc7GRqQ&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAC0Ik7Jv2UAACTqc7GRqQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=5132813517839228127&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC0Ik7Jv2UAACTqc7GRqQ&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA5_1079D40AC_2E2BF9C4&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 551
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8342177640231574973&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=a2fb9ede-b4be-49ec-954b-55ac4d60984a&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3DC3BD0C7A-B371-4686-9220-ADA9A334E959&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=C3BD0C7A-B371-4686-9220-ADA9A334E959
Request Chain 552
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w70MerNxRoaSIK2pozTpWQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 553
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=C3BD0C7A-B371-4686-9220-ADA9A334E959 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=C3BD0C7A-B371-4686-9220-ADA9A334E959 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=38f50135-3dcc-4b60-a270-799747dbc202%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=cec9c022-2518-4275-90bb-40c27fa3670d&ttd_puid=38f50135-3dcc-4b60-a270-799747dbc202%2C%2C
Request Chain 556
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzNCRDBDN0EtQjM3MS00Njg2LTkyMjAtQURBOUEzMzRFOTU5&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTUmdGw9MTI5NjAw&piggybackCookie=cuid_b49a7c60-3df1-11ee-9934-120817463c8f&gdpr=0
Request Chain 557
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKNWUqMNVn-j22OqxteqpHQ&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTUmdGw9MTI5NjAw&piggybackCookie=cuid_b49a7c60-3df1-11ee-9934-120817463c8f&gdpr=0
Request Chain 558
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:BB882163254D4174AB34F94472E55A64 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&gdpr=0&gdpr_consent=&gdpr_pd=&usprivacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=445&user_id=61d9af75-bf4b-3930-827d-6b5a658aa7a2&ssp=pubmatic&bsw_param=eb6f7b88-a4bc-4e60-bf79-710517cb86e8 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553&gdpr=0&gdpr_consent=
Request Chain 559
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cec9c022-2518-4275-90bb-40c27fa3670d&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=b0387f28-94b6-406f-a845-794f24da15b6&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 561
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C3BD0C7A-B371-4686-9220-ADA9A334E959&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-os7UaiBE2uXkpe9sXsnL2oqHSDL9aAk-~A&gdpr=0
Request Chain 562
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3278840519872068504&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=eb6f7b88-a4bc-4e60-bf79-710517cb86e8 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dpubmatic%26bsw_param%3Deb6f7b88-a4bc-4e60-bf79-710517cb86e8 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D38f50135-3dcc-4b60-a270-799747dbc202%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%252526user_id%25253D0%252526ssp%25253Dpubmatic%252526bsw_param%25253Deb6f7b88-a4bc-4e60-bf79-710517cb86e8%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8342177640231574973&pt=38f50135-3dcc-4b60-a270-799747dbc202%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D0%2526ssp%253Dpubmatic%2526bsw_param%253Deb6f7b88-a4bc-4e60-bf79-710517cb86e8%2C HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=pubmatic&bsw_param=eb6f7b88-a4bc-4e60-bf79-710517cb86e8 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 565
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=6f5eeefe-658b-41c1-aa64-1cde178e9d11
Request Chain 566
  • https://ssbsync.smartadserver.com/api/sync?callerId=77&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11600&id=5132813517839228127&gdpr=0&gdpr_consent=
Request Chain 567
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=C3BD0C7A-B371-4686-9220-ADA9A334E959
Request Chain 568
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=eb6f7b88-a4bc-4e60-bf79-710517cb86e8
Request Chain 569
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=df4dd5171d3e973d54e72ea7458e96b&gdpr_consent=&gdpr=0
Request Chain 570
  • https://ads.yieldmo.com/pbsync?is=rise&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11584%26uid%3D$UID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=3m7DXvyGGDys2L3_HSHF&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 571
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D HTTP 307
  • https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=73fdb302-9f81-4aed-958a-512f3b1c9b1b&gdpr_consent=null&gdpr=0
Request Chain 572
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=8342177640231574973&gdpr=0&gdpr_consent=
Request Chain 573
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=f718ca3e-1cc4-07f3-2510-1642a1f88f95
Request Chain 574
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11587&uid=c4c1ba57-5c3d-4c8f-ac07-7a1793c56edb&gdpr=0
Request Chain 575
  • https://sync.1rx.io/usersync2/rise?redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11579%26id%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2371384685 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/cec9c022-2518-4275-90bb-40c27fa3670d HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005 HTTP 302
  • https://ce.lijit.com/merge?pid=97&3pid=RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
Request Chain 576
  • https://bh.contextweb.com/bh/rtset?pid=562615&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11592%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=dDwU09hZAwd6&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
Request Chain 577
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212153247920106
Request Chain 578
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6354388824 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/cec9c022-2518-4275-90bb-40c27fa3670d HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005 HTTP 302
  • https://ce.lijit.com/merge?pid=97&3pid=RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
Request Chain 579
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11575%26uid%3D%5BUSER_ID%5D HTTP 307
  • https://cs-server-s2s.yellowblue.io/cs?aid=11575&uid=2129E09A41B14F3196FBE4892007BDC9
Request Chain 580
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194590&cb=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11583%26id%3D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11583&id=ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB
Request Chain 582
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=VTh2Nl9tYUY4TlN3WHVXNjg0SlNkdw&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEC2l0FhEOWxQxaDZEiHcQ9M&google_cver=1
Request Chain 583
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=196a7bf1473106a2&is_secure=true&networkId=14200&version=1&nuid= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAABw5NPE5oNxANl_CLRAAAAAAA&expiration=1692468282&nuid=&is_secure=true
Request Chain 584
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=95&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553&gdpr_in_effect=0&gdpr_consent=
Request Chain 592
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=0&us_privacy=1YNY&gdpr=0&us_privacy=1YNY&khaos=LLGWH5J5-B-4TBO HTTP 302
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LLGWH5J5-B-4TBO&gdpr=0&us_privacy=1YNY
Request Chain 597
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Request Chain 599
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=emnWOirBSCcEF1SiwHUR&pi=sovrn&gdpr=0&gdpr_consent=
Request Chain 600
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LLGWH5J5-B-4TBO&gdpr=0
Request Chain 602
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=dDwU09hZAwd6&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 603
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5578878752 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/cec9c022-2518-4275-90bb-40c27fa3670d HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
Request Chain 605
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LLGWH5J5-B-4TBO HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LLGWH5J5-B-4TBO&ex=d-rubiconproject.com&status=ok
Request Chain 607
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&us_privacy=1YNY HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LLGWH5J5-B-4TBO&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1YNY
Request Chain 608
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1YNY HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cec9c022-2518-4275-90bb-40c27fa3670d&gdpr=0&gdpr_consent=&expires=30
Request Chain 609
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1YNY HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=865T-pkuTZ6Buje7GWd8Dg&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=865T-pkuTZ6Buje7GWd8Dg&gdpr=0
Request Chain 610
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1YNY HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLGWH5J5-B-4TBO&gdpr=0&us_privacy=1YNY
Request Chain 611
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1YNY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExHV0g1SjUtQi00VEJP&gdpr=0&us_privacy=1YNY HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEDMq-i97KXiwVLwPY9-caLA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExHV0g1SjUtQi00VEJP&google_push=&gdpr=0
Request Chain 612
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1YNY HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/nJSlN57gvuFlc8P3QboaAA?csrc=&gdpr=0&us_privacy=1YNY HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-1kWqg3lE2oLzbny3_58H2iIkSuGizS7SwESO1g--~A
Request Chain 613
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1YNY HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEA9GGKG-D_uh6GzI3SQUdfE&google_cver=1
Request Chain 616
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.9news.com%2F&domain=www.9news.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=65YP23x0aDRYWmg5VVdqV1JrZGZNQWRUcjZFRUc3eVlYSUtyL1R0YytQLzdmNVBJdVRKSEJ3TzVrc2dreXNsNFJMaGZmcC9MRnhhYjJYaTY0S0xtOXl5ckE2S29MKzNpbEo3T01mRzB5Vng5b2pjQmUzNFFndEQvQkF6NFJvblZJWG9PbGgvK2JONWIyeDR2N2lmMC9OUUI3anllTUtlb21ycElUQ09oZ2pKQVcvVFIwQWdEa2w2dHF1dzdvaEtUby9lZXJxbGJBaEhyT3A2endMVHJVT1YvREo5N2ZBb3p1SEVrRnNydWxrbHZhaUJmSmVSYUFYQXY2ODM3SzhqcVdTaEo0QjN1T3FzN08yQ2lvcUZCSnlERjBudz09fA&cppv=2
Request Chain 621
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=dc02e61d526d7041f88fa01673562d72
Request Chain 622
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=dc02e61d526d7041f88fa01673562d72
Request Chain 629
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=24856&khaos=LLGWH5J5-B-4TBO HTTP 302
  • https://e.serverbid.com/usersync?cn=5529&ttt=1&dpui=LLGWH5J5-B-4TBO
Request Chain 633
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&khaos=LLGWH5J5-B-4TBO HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LLGWH5J5-B-4TBO
Request Chain 635
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LLGWH5J5-B-4TBO HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LLGWH5J5-B-4TBO
Request Chain 638
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=9news.com&sn=ChromeSyncframe&so=3&topUrl=www.9news.com&bundle=3ZzXx19qNFdsRTBJcXc1amNlZkZvMllZNXpKWSUyRnd4JTJGaSUyRmtja0M5MTJrZ2hLWjdhanFjd1NKMCUyRmFyTzc3MWpUZG13MGtLOFZJYTJKbDVmV0QzblFIRE5hZGpvNll6aWVUZ0NyTndYWWQzN1hvWWhha3lPM24yMDVEUFltblRjV3JjV2ZaSDJheVBFaHpkOEFGc2QzalJidXRLdyUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=3YRbTnxFc1lJTmNpS20yNm1lTDFRL2IveitrbWhBaUVBcGtUNHl3b3pwZHEzYUhmN2hySzZzWWpJMUdLNVhwMDJBVjdIa1VKQ3BqbzNZbHFXS1Mwdm1RTGNiTFBNbW5nTDlTV2p2RlBCOGtaQzU0K2l2NkszbDZWTjdJSDVWa3pkdHJlc0dZS2VDMEV1cnYzK2hZVnZWd0UzaklBUFYzQldRVUFncm42bDdhQWd3dE5Bd0dtb0FaQit2SkxyRE1xUnJrSUp5OS92SnJkUSs1OURaTTFOdmdwWC9pQmVuQXhSSXVtRHFHeVd5cXlHK1ZYZWJ1KzdTbVY4MTdJUEtiLy8zVTZUTC9GQmF4ZVRYYk1IZ2FGc0FEcDBsUT09fA&cppv=2
Request Chain 647
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&us_privacy=1YNY&khaos=LLGWH5J5-B-4TBO HTTP 302
  • https://cs.yellowblue.io/cs?aid=11590&id=LLGWH5J5-B-4TBO&us_privacy=1YNY
Request Chain 664
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=Sports&us_privacy=1YNY&random=1692381883797.1 HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=Sports&us_privacy=1YNY&random=1692381883797.1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MlUtTVVPYjFGTjZXZkFZTGtBal9tZmZWMzFzZ1BwdVBHVVZJMi1kaUxqWWs&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51 HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESEIvsl0zTiFbu-2dpqPuyNMA&google_cver=1
Request Chain 666
  • https://map.go.affec.tv/map/3a/?pid=CoIKTGTfsrtQl2vAHvTGAg%3D%3D&us_privacy=1YNY&ts=1692381883797.3 HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D64dfb2bc6edd410001bb870d%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent= HTTP 302
  • https://map.go.affec.tv/map/an/8342177640231574973?ch=64dfb2bc6edd410001bb870d&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent= HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://map.go.affec.tv/map/ttd/cec9c022-2518-4275-90bb-40c27fa3670d?ttd_puid=&gdpr=0&gdpr_consent=
Request Chain 667
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKTGTfsrtQl2vAHvTGAg%3D%3D&pcat=Sports&pdev=&pctry=US&referrer=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&us_privacy=1YNY&cache_buster=1692381883797.4 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=2c33f1c8-7842-4c82-b3d6-3cf20ce43d4d%3A1692381884.2563138&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D2c33f1c8-7842-4c82-b3d6-3cf20ce43d4d%253A1692381884.2563138%26pid%3D500040%26it%3D1%26iv%3D2c33f1c8-7842-4c82-b3d6-3cf20ce43d4d%253A1692381884.2563138%26_%3D1692381884.26104&cb=1692381884.261088 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=979321835791302801&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D2c33f1c8-7842-4c82-b3d6-3cf20ce43d4d%253A1692381884.2563138%26pid%3D500040%26it%3D1%26iv%3D2c33f1c8-7842-4c82-b3d6-3cf20ce43d4d%253A1692381884.2563138%26_%3D1692381884.26104 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=2c33f1c8-7842-4c82-b3d6-3cf20ce43d4d%3A1692381884.2563138&pid=500040&it=1&iv=2c33f1c8-7842-4c82-b3d6-3cf20ce43d4d%3A1692381884.2563138&_=1692381884.26104 HTTP 303
  • https://i.liadm.com/s/56409?bidder_id=200442&it=1&bidder_uuid=2c33f1c8-7842-4c82-b3d6-3cf20ce43d4d:1692381884.2563138&pid=500040&_li_chk=true&_=1692381884.26104&iv=2c33f1c8-7842-4c82-b3d6-3cf20ce43d4d:1692381884.2563138&previous_uuid=91825204d3bf47229a18d0cdb2a60351 HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1692381884.26104&iv=2c33f1c8-7842-4c82-b3d6-3cf20ce43d4d:1692381884.2563138
Request Chain 668
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKTGTfsrtQl2vAHvTGAg%3D%3D&us_privacy=1YNY&random=1692381883797.5&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D38f50135-3dcc-4b60-a270-799747dbc202%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8342177640231574973&pt=38f50135-3dcc-4b60-a270-799747dbc202%2Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad%2C HTTP 302
  • https://usermatch.krxd.net/um/v2?partner=tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1969&partner_device_id=PvjFnDEO
Request Chain 669
  • https://dp2.33across.com/ps/?pid=1205&rand=1692381883797.6 HTTP 302
  • https://idsync.rlcdn.com/405716.gif?partner_uid=212153247920106
Request Chain 670
  • https://dp1.33across.com/ps/?pid=669&uid=CoIKTGTfsrtQl2vAHvTGAg%3D%3D&us_privacy=1YNY&random=1692381883797.7&pu=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53 HTTP 302
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=212153247920106&seg_code=33x&random=1692381884
Request Chain 679
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1YNY HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1YNY
Request Chain 680
  • https://ssc-cms.33across.com/ps/?us_privacy=1YNY&ts=1692381883963.6&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Request Chain 681
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=1YNY HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=the33across HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=4sFL9glzVMVgpwr4qouw3CaEdkg&user_group=1&ssp=the33across HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=eb6f7b88-a4bc-4e60-bf79-710517cb86e8 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&ts=1692381884&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 682
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-D9TN08VE2uHl5XKJNPM9uWemgqhft48l~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-D9TN08VE2uHl5XKJNPM9uWemgqhft48l%7EA&ts=1692381884&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 683
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=1YNY HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=516bb2b41c9315f0&is_secure=true&networkId=78390&version=1&us_privacy=1YNY HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAABw5NPE5oODAMzbz-oAAAAAAA&expiration=1692468284&is_secure=true&us_privacy=1YNY HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAABw5NPE5oODAMzbz-oAAAAAAA&ts=1692381884&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
Request Chain 684
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=1YNY&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1YNY%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=1YNY&xi=33&xu=572205591462893908588 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=572205591462893908588&ts=1692381884&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
Request Chain 685
  • https://bh.contextweb.com/bh/rtset?pid=561811&ev=1&us_privacy=&rurl=https%3A%2F%2Fsynchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=contextweb.com&idType=cookie&partnerUserId=%%VGUID%% HTTP 302
  • https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=contextweb.com&ev=1&idType=cookie&us_privacy=&partnerUserId=dDwU09hZAwd6&pid=561811
Request Chain 688
  • https://ib.adnxs.com/getuid?https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerUserId=$UID&partnerDomain=adnxs.com&idType=cookie&referrer=https://www.website.com HTTP 302
  • https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerUserId=8342177640231574973&partnerDomain=adnxs.com&idType=cookie&referrer=https://www.website.com
Request Chain 696
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=b4b3ad34-3df1-11ee-8cb3-719cb9187d87
Request Chain 697
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_bd3caaeaf394422b86067
Request Chain 698
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=m-izRs_utRmA7OEUnuv6GJjkskaA7rNBz-zvBanb
Request Chain 699
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 700
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=4sFL9glzVMVgpwr4qouw3CaEdkg&gdpr=0&gdpr_consent=
Request Chain 701
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:UYCeE6XS1Qx3PY5&gdpr=0&gdpr_consent=
Request Chain 702
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=979321835791302801
Request Chain 703
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=998e5ecf-c5a3-4f28-b599-21e9af40e393&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C3BD0C7A-B371-4686-9220-ADA9A334E959
Request Chain 704
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=0&gdpr_consent=
Request Chain 711
  • https://eu.ads.audio.thisisdax.com/sp_sync?sp_id=1&redir=https%3A%2F%2Fsynchroscript.deliveryengine.adswizz.com%2FsyncMe%3FpartnerDomain%3Dthisisdax.com%26idType%3Dcookie%26partnerUserId%3D${DAX_LISTENERID} HTTP 302
  • https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=thisisdax.com&idType=cookie&partnerUserId=6699078FC83D87283989CE2BF38177EF
Request Chain 713
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=815495536687
Request Chain 714
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 715
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 716
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU8e65b601ffd64ab78b8fdc6231c278f7&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Request Chain 717
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F1508%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=7622490810 HTTP 302
  • https://sync.1rx.io/usersync3/mediamathtest/1508/772b64df-b2bd-4800-8735-0aa640d77ef7?zcc=0&sspret=1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
Request Chain 719
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=t73J9BPICYmy_shbvbLfZA
Request Chain 720
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=ab840700-4629-4c01-a0fb-8dff8340a404
Request Chain 722
  • https://idsync.rlcdn.com/712188.gif?partner_uid=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=0&gdpr_consent= HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPPsV09fqFcDd_imbb7LQzc&google_cver=1
Request Chain 725
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4844965109403605106
Request Chain 726
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8342177640231574973
Request Chain 738
  • https://pr-bh.ybp.yahoo.com/sync/adswizz/ HTTP 302
  • https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerUserId=y-VG.PxjhE2pFuq75ANbY6SzP_Ox9o2revmJGV9A--~A&partnerDomain=yahoo.com&idType=cookie
Request Chain 740
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=1YNY&us_privacy=1YNY&khaos=LLGWH5J5-B-4TBO HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LLGWH5J5-B-4TBO&us_privacy=1YNY HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LLGWH5J5-B-4TBO&ts=1692381885&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
Request Chain 754
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=0096e24d-9951-06f8-18c2-d191646355e7&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZN-yvd-jWh7TFqIs08ekkzY1
Request Chain 755
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=wE5clGKtg5iIIwZnU0hhbA==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 756
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=a2fb9ede-b4be-49ec-954b-55ac4d60984a
Request Chain 757
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553&gdpr=0&gdpr_consent=
Request Chain 760
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=4adea9ce-066c-0cd6-312e-ca23b9ca3a0e HTTP 307
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1 HTTP 302
  • https://idsync.rlcdn.com/362588.gif?partner_uid=cec9c022-2518-4275-90bb-40c27fa3670d
Request Chain 761
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=8342177640231574973
Request Chain 762
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3278840519872068504&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 763
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZN_yugAJkOfzIgBY
Request Chain 767
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7456682851828574129&uid=Q7456682851828574129&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7456682851828574129
Request Chain 768
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BB882163254D4174AB34F94472E55A64&gdpr=0&gdpr_consent=
Request Chain 771
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=C3BD0C7A-B371-4686-9220-ADA9A334E959 HTTP 303
  • https://i6.liadm.com/s/75145?bidder_id=195755&bidder_uuid=C3BD0C7A-B371-4686-9220-ADA9A334E959
Request Chain 773
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:C3BD0C7A-B371-4686-9220-ADA9A334E959 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=b6d418b0-3df1-11ee-b479-0e71178f036d&companyId=673&id=pubmatic_id:C3BD0C7A-B371-4686-9220-ADA9A334E959
Request Chain 774
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:1862c700-54dd-4546-9455-41a6072353e9&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 775
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=nz12BMs7cFuEOSRWmj4_WpwxdwSEO3YDyzlRhGcv
Request Chain 776
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=eb6f7b88-a4bc-4e60-bf79-710517cb86e8 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=eb6f7b88-a4bc-4e60-bf79-710517cb86e8 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=66b1fa93-2ac7-47d8-832e-50b904d41770&user_group=1&ssp=openx&bsw_param=eb6f7b88-a4bc-4e60-bf79-710517cb86e8 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&gdpr=&gdpr_consent=&us_privacy=
Request Chain 777
  • https://p.rfihub.com/cm?pub=25&in=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=979321835791302801
Request Chain 778
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=BB882163254D4174AB34F94472E55A64
Request Chain 784
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=856286&pcv=125&ptid=23&tpuv=00&tpu=b3b54322-d3b3-1f80-997e-0123a59c1b14 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072960&val=0r27jucusl1i9
Request Chain 786
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=ef5aaee7cfe15f0&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAH3bQhF4TwUgMhNQ70AAAAAAA&expiration=1692468286&nuid={OX_USER_ID}&is_secure=true
Request Chain 787
  • https://px.owneriq.net/eox HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fus-u.openx.net%2fw%2f1.0%2fsd%3fid%3d537073059%26val%3dQ7456682861811089444&uid=Q7456682861811089444&ref=%2Feox HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7456682861811089444
Request Chain 788
  • https://rtb.adentifi.com/CookieSyncOpenX HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537077954&val=cuid_b49a7c60-3df1-11ee-9934-120817463c8f
Request Chain 789
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D%7BOPENX_ID%7D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=1623a715-5e54-0328-190c-f437728fa3ea HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662106876211246
Request Chain 790
  • https://sync.1rx.io/usersync/openx/8c2ec6ca-b09e-08dd-3eba-133826e917aa HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
Request Chain 791
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://us-u.openx.net/w/1.0/sd?val=AAC0Ik7Jv2UAACTqc7GRqQ&id=537125688
Request Chain 793
  • https://oxp.mxptint.net/OpenX.ashx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537116306&val=R35CA5_1079D40AC_2E2BF9C4
Request Chain 794
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=UYCeE6XS1Qx3PY5
Request Chain 795
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4844965109403605106
Request Chain 799
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:C3BD0C7A-B371-4686-9220-ADA9A334E959 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=b6dd8e90-3df1-11ee-b039-16c962239a11&companyId=673&id=pubmatic_id:C3BD0C7A-B371-4686-9220-ADA9A334E959
Request Chain 802
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7456682861553270732&uid=Q7456682861553270732&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7456682861553270732
Request Chain 803
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BB882163254D4174AB34F94472E55A64&gdpr=0&gdpr_consent=
Request Chain 804
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:9573d229-ef09-4f10-bbba-f4744b5fb487&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 816
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=C3BD0C7A-B371-4686-9220-ADA9A334E959 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZWZsTldSZzd4b1VSUkc3YWNTNVEzMTkyQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=4844965109403605106&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 819
  • https://pixel.onaudience.com/?partner=214&mapped=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=f3c3c87a6ef9c3e9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=N1JMTC82UWw5OTl6cjUyQQ%3D%3D HTTP 302
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEHC9Np03eq6jAIRWwe1tIzE&google_cver=1
Request Chain 820
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1YNY HTTP 302
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-g4P9Ei9E2uGQPWHdra3xxgf.IlrWZFVX~A&gdpr_in_effect=0
Request Chain 821
  • https://event.clientgear.com/cookie/taboola?partner=taboola HTTP 302
  • https://sync.taboola.com/sg/yeahmobidsprtb-network/1/rtb-h/?taboola_hm=mke840eb0bf5524587b7da392fb853c81f
Request Chain 822
  • https://ads.stickyadstv.com/user-matching?id=3570&gdpr=gdpr=0&&gdpr_consent= HTTP 302
  • https://sync.taboola.com/sg/freewheelrtb-network/1/rtb-h?taboola_hm=e51cbca298cb61bd34fc2d7583e3673&gdpr_consent=&gdpr=gdpr%3D0
Request Chain 827
  • https://idsync.rlcdn.com/420486.gif?partner_uid=C3BD0C7A-B371-4686-9220-ADA9A334E959 HTTP 307
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1 HTTP 302
  • https://idsync.rlcdn.com/362588.gif?partner_uid=cec9c022-2518-4275-90bb-40c27fa3670d
Request Chain 837
  • https://gklfs-1dic0.ads.tremorhub.com/ad/tag?adCode=gklfs-6e22p&playerWidth=700&playerHeight=393&playerPosition=1&mediaTitle=&mediaDesc=&mediaUrl=%2F%2Fvidstatb.taboola.com%2Fvid%2FblackScreen5.mp4&srcPageUrl=https%3A%2F%2Fwww.9news.com&contentLength=NaN&gdpr=0&us_privacy=1YNY HTTP 302
  • https://gklfs-1dic0.ads.tremorhub.com/ad/tag?adCode=gklfs-6e22p&playerWidth=700&playerHeight=393&playerPosition=1&mediaTitle=&mediaDesc=&mediaUrl=%2F%2Fvidstatb.taboola.com%2Fvid%2FblackScreen5.mp4&srcPageUrl=https%3A%2F%2Fwww.9news.com&contentLength=NaN&gdpr=0&us_privacy=1YNY&_tur=T
Request Chain 839
  • https://jzwjq.ads.tremorhub.com/ad/tag?adCode=gklfs-lsya3&playerWidth=700&playerHeight=393&playerPosition=1&mediaTitle=&mediaDesc=&mediaUrl=%2F%2Fvidstatb.taboola.com%2Fvid%2FblackScreen5.mp4&srcPageUrl=https%3A%2F%2Fwww.9news.com&contentLength=NaN&gdpr=0&us_privacy=1YNY HTTP 302
  • https://jzwjq.ads.tremorhub.com/ad/tag?adCode=gklfs-lsya3&playerWidth=700&playerHeight=393&playerPosition=1&mediaTitle=&mediaDesc=&mediaUrl=%2F%2Fvidstatb.taboola.com%2Fvid%2FblackScreen5.mp4&srcPageUrl=https%3A%2F%2Fwww.9news.com&contentLength=NaN&gdpr=0&us_privacy=1YNY&_tur=T
Request Chain 866
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=0&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692381889468-994613872329-001229-001-002651%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005&rndcb=6879913472 HTTP 302
  • https://t.pswec.com/bsw_sync?ssp=adconductor&bsw_user_id=eb6f7b88-a4bc-4e60-bf79-710517cb86e8 HTTP 302
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=adconductor&bsw_user_id=eb6f7b88-a4bc-4e60-bf79-710517cb86e8 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=f026e252-144f-416e-a656-1a54e96cc56c&expires=3&user_group=1&ssp=adconductor HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/eb6f7b88-a4bc-4e60-bf79-710517cb86e8?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005?redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692381889468-994613872329-001229-001-002651%26biddername%3D200%26key%3DRX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=200&key=RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
Request Chain 867
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Request Chain 868
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1692381889468-994613872329-001229-001-002651&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692381889468-994613872329-001229-001-002651%26biddername%3D3%26key%3D%5BUSER_ID%5D HTTP 307
  • https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=3&key=2129E09A41B14F3196FBE4892007BDC9
Request Chain 872
  • https://ap.lijit.com/pixel?us_privacy=1YNY&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692381889468-994613872329-001229-001-002651%26biddername%3D18%26key%3D%24UID HTTP 307
  • https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=18&key=HLDcfQZHcHxqw-twSRG0RE1f
Request Chain 873
  • https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1YNY&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692381889468-994613872329-001229-001-002651%26biddername%3D10%26pid%3D59c9148628a0612da3689288%26key%3D%25%25VGUID%25%25 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=10&pid=59c9148628a0612da3689288&key=dDwU09hZAwd6&ev=1&us_privacy=1YNY&pid=562704
Request Chain 875
  • https://csync.loopme.me/?pubid=11455&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692381889468-994613872329-001229-001-002651%26biddername%3D56%26pid%3D59c9148628a0612da3689288%26key%3D%7Bdevice_id%7D HTTP 307
  • https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=56&pid=59c9148628a0612da3689288&key=73fdb302-9f81-4aed-958a-512f3b1c9b1b&gdpr_consent=null&gdpr=0
Request Chain 876
  • https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=2f3953791de8276ad86e884a0bc&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 878
  • https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692381889468-994613872329-001229-001-002651%26biddername%3D23%26key%3D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=23&key=439a4e02-c31a-0eaa-3b34-ffcd040772e4
Request Chain 880
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692381889468-994613872329-001229-001-002651%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=1YNY HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=24&pid=59c9148628a0612da3689288&key=eb6f7b88-a4bc-4e60-bf79-710517cb86e8
Request Chain 887
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=c28ee0e9-df1e-4d35-8383-5ac27408fe76&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=adaptmx&bsw=eb6f7b88-a4bc-4e60-bf79-710517cb86e8
Request Chain 888
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=c28ee0e9-df1e-4d35-8383-5ac27408fe76 HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-rQQOs05E2uHEs_Abz45uFOvaKZF4mH1QqoYlmJw-~A&gdpr=0
Request Chain 889
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LLGWH5J5-B-4TBO&gdpr=0
Request Chain 890
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc28ee0e9-df1e-4d35-8383-5ac27408fe76%26bidder%3Dsmartadserver%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://prebid.a-mo.net/setuid?A=c28ee0e9-df1e-4d35-8383-5ac27408fe76&bidder=smartadserver&uid=5132813517839228127
Request Chain 897
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=aniview&us_privacy=1YNY&khaos=LLGWH5J5-B-4TBO HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=LLGWH5J5-B-4TBO&us_privacy=1YNY
Request Chain 907
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692381889468-994613872329-001229-001-002651%26biddername%3D41%26pid%3D59c9148628a0612da3689288%26key%3D%24UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=41&pid=59c9148628a0612da3689288&key=572205591462893908588

904 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 73-2d942893-5578-4aa0-a328-3528a43a3f53
www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/ 		207 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
d5768a041296065f90450569dcc9ddea0ee5bd4bfb3b4a6f855cf67b7b1616f3
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=5385
content-encoding
gzip
content-length
37698
content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 18:04:36 GMT
expires
Fri, 18 Aug 2023 19:34:21 GMT
pragma
no-cache
strict-transport-security
max-age=7776000; includeSubDomains; preload
vary
Accept-Encoding
x-akamai-transformed
9 51309 0 pmb=mTOE,4
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
modules.min_7.5.11.css
www.9news.com/ 		223 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/modules.min_7.5.11.css
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
a90cf476a407e0a9401b8b859e9712decb1746d832591b69563958708810853a
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:36 GMT
last-modified
Thu, 03 Aug 2023 19:04:56 GMT
etag
"1d9c63d64284056"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=256438
accept-ranges
bytes
content-length
50211
x-xss-protection
1; mode=block
expires
Mon, 21 Aug 2023 17:18:34 GMT
common.min_7.5.11.js
www.9news.com/ 		56 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/common.min_7.5.11.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
fbe0c52f56b16ec4de9677fe5b3495cc1f404b9ef92304bf0bd1b83452700b72
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:36 GMT
last-modified
Thu, 03 Aug 2023 19:04:12 GMT
etag
"1d9c63d49f18138"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=256478
accept-ranges
bytes
content-length
18451
x-xss-protection
1; mode=block
expires
Mon, 21 Aug 2023 17:19:14 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b97b49ee323dbccf9a13f15fa3d93188d01681652d52b1ed40ad00c32dfb0513
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Aug 2023 18:04:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
X1C0PY0lSDg1JSpsyFxfYA==
age
41752
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6837
x-ms-lease-status
unlocked
last-modified
Thu, 17 Aug 2023 19:31:03 GMT
server
cloudflare
etag
0x8DB9F587E9B1B98
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
bef2d7ac-a01e-0054-6b43-d176d4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f8c1488bf2c2884-MIA
otCCPAiab.js
cdn.cookielaw.org/opt-out/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Aug 2023 18:04:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
ERttG9+iQk1LCPjR495NRw==
age
41752
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
84ed10d5-601e-00ec-3ce1-5ad09f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7f8c1488cf2d2884-MIA
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=recaptchaCallback&render=explicit
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6365555335a4a50e60c4282b958c7a26be890f5ffb5cc640d0e58a269ca1fedf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
856
x-xss-protection
1; mode=block
expires
Fri, 18 Aug 2023 18:04:36 GMT
67f836b5
www.9news.com/akam/13/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/akam/13/67f836b5
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
faa710c0f7769f75703e8c8de22135fdd2f5f3df26bd4cf7d856fea8a25167a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Feb 2022 15:07:28 GMT
etag
"8791f14161578526d37c11a2be066332b54693b871d26ec24423b5afc0dd5e61"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
content-length
8805
x-xss-protection
1; mode=block
expires
Fri, 18 Aug 2023 18:04:36 GMT
close-menu.svg
www.9news.com/assets/shared-images/icons/ 		287 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.9news.com/assets/shared-images/icons/close-menu.svg
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
010e128b57dec050c1a5a238e8d18f42ba3b66f4fc52cc83cdd392c230263544
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:36 GMT
last-modified
Thu, 03 Aug 2023 19:03:14 GMT
etag
"1d9c63d275f441f"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=50393
accept-ranges
bytes
content-length
208
x-xss-protection
1; mode=block
expires
Sat, 19 Aug 2023 08:04:29 GMT
kusa.png
www.9news.com/assets/shared-images/logos/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.9news.com/assets/shared-images/logos/kusa.png
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
88efd056c1b084f2121dabecddef6ac2cfbd9cdcff4084c3b2f8bd7bf6f6b8b8
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
date
Fri, 18 Aug 2023 18:04:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Aug 2023 19:03:14 GMT
etag
"1d9c63d275f5e0e"
x-powered-by
ASP.NET
content-type
image/png
cache-control
max-age=133283
accept-ranges
bytes
content-length
6926
x-xss-protection
1; mode=block
expires
Sun, 20 Aug 2023 07:05:59 GMT
564164222_140x79.jpg
media.9news.com/assets/KUSA/images/564164222/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.9news.com/assets/KUSA/images/564164222/564164222_140x79.jpg
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.144.179 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-144-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2e29b432b4732c5c58bb37323f3cf0eca36c8b1f985a5f155e4c14a2d53d3b08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 18 Aug 2023 18:04:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 Dec 2018 17:07:51 GMT
x-amz-request-id
9AYS3M37XXG2EKKA
etag
"c0d16382ab8fbf0ae17468368deaa3b7"
content-type
image/jpeg
access-control-allow-origin
cache-control
max-age=1271751
accept-ranges
bytes
content-length
6409
x-amz-id-2
6aUeR+pHod9UToqLIUH/Z1EL8YH4AptcAcaO3VyRh8UqvdUgoIqDIqEva4iAFVTL3ZcRLRNiG9g=
x-xss-protection
1; mode=block
expires
Sat, 02 Sep 2023 11:20:27 GMT
blank.png
www.9news.com/assets/shared-images/backgrounds/ 		95 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.9news.com/assets/shared-images/backgrounds/blank.png
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
date
Fri, 18 Aug 2023 18:04:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Aug 2023 19:03:14 GMT
etag
"1d9c63d275f455f"
x-powered-by
ASP.NET
content-type
image/png
cache-control
max-age=58287
accept-ranges
bytes
content-length
95
x-xss-protection
1; mode=block
expires
Sat, 19 Aug 2023 10:16:03 GMT
ccde5064-7dfb-4281-b52a-695954da9ca9_16x9.jpg
media.9news.com/assets/KUSA/images/ccde5064-7dfb-4281-b52a-695954da9ca9/ 		710 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.9news.com/assets/KUSA/images/ccde5064-7dfb-4281-b52a-695954da9ca9/ccde5064-7dfb-4281-b52a-695954da9ca9_16x9.jpg
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.144.179 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-144-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2940e4ba09a2d8c143c4080bde49dce9b945f6ace955e643ebe74fb73a8aec67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
Si03MU7VU1BHICbl3utWyk.nw.8_p9iy
date
Fri, 18 Aug 2023 18:04:36 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Aug 2023 12:53:57 GMT
x-amz-request-id
X777VHPFVH55Z6DN
etag
"723a95aa7b3b02aa92d20de13dda5958"
x-amz-server-side-encryption
AES256
content-type
image/jpeg
access-control-allow-origin
cache-control
max-age=1289136
accept-ranges
bytes
content-length
710
x-amz-id-2
upsLDjovBagdX+igk0RCz3cKfeIj6LL3Hqz/T2YK7s7n7GudmzrAYrxmYy3+lG4SQDMi4DEMRfw=
x-xss-protection
1; mode=block
expires
Sat, 02 Sep 2023 16:10:12 GMT
f59b4a90-a610-4cef-97ff-6a2bb500919d_16x9.jpg
media.9news.com/assets/VERIFY/images/f59b4a90-a610-4cef-97ff-6a2bb500919d/ 		719 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.9news.com/assets/VERIFY/images/f59b4a90-a610-4cef-97ff-6a2bb500919d/f59b4a90-a610-4cef-97ff-6a2bb500919d_16x9.jpg
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.144.179 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-144-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6e225f5185d40ee6b100e911384017b7ce51298285b7921dd540b2a878a79b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
4haCKraa7fO17bpgz36MpbFnzFergLbL
date
Fri, 18 Aug 2023 18:04:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Aug 2023 20:54:21 GMT
x-amz-request-id
A1KEGTQFWK4X7C4P
etag
"341b90a1379b2d916757eb5b05185b35"
x-amz-server-side-encryption
AES256
content-type
image/jpeg
access-control-allow-origin
cache-control
max-age=1221628
accept-ranges
bytes
content-length
719
x-amz-id-2
QDonjwokVJQnhQ0oqZna+HfeDzn/HhL9HzXEz8k+7dMhYZEaUWbzdsCrweJvu2eixg6ij7TLfDo=
x-xss-protection
1; mode=block
expires
Fri, 01 Sep 2023 21:25:04 GMT
eb0cf470-3f18-4e4d-8efc-15f47361adcf_16x9.jpg
media.9news.com/assets/WOI/images/eb0cf470-3f18-4e4d-8efc-15f47361adcf/ 		753 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.9news.com/assets/WOI/images/eb0cf470-3f18-4e4d-8efc-15f47361adcf/eb0cf470-3f18-4e4d-8efc-15f47361adcf_16x9.jpg
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.144.179 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-144-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3d0b9c36f50c5b00737cf19ae5f3238d7f6ec8d9145d256c1ca29554fb4a23cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
QAcCEgSdQgGPKxCNa8HqoutglesSyM_D
date
Fri, 18 Aug 2023 18:04:36 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Aug 2023 12:38:21 GMT
x-amz-request-id
HCD2XP4H003W3G7X
etag
"a744467d9230cf9c7390cd293fd14432"
x-amz-server-side-encryption
AES256
content-type
image/jpeg
access-control-allow-origin
cache-control
max-age=1281542
accept-ranges
bytes
content-length
753
x-amz-id-2
D/jVNH8LKNmv1AqSKLtDNQt1yjVn1CThCPabHA+ulmPjY2//ztf/Xk6sx4j2pdxjYnTgDtIEoNo=
x-xss-protection
1; mode=block
expires
Sat, 02 Sep 2023 14:03:38 GMT
kusa.svg
www.9news.com/assets/shared-images/logos/native/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.9news.com/assets/shared-images/logos/native/kusa.svg
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
925f3639a2a524b898a52fa283d43975bc32fa3111dbaf17ff472bb29093aed0
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:36 GMT
last-modified
Thu, 03 Aug 2023 19:03:14 GMT
etag
"1d9c63d275f52ab"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=92916
accept-ranges
bytes
content-length
2491
x-xss-protection
1; mode=block
expires
Sat, 19 Aug 2023 19:53:12 GMT
mostly-sunny-day_8x8.png
www.9news.com/assets/shared-images/weather-icons/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.9news.com/assets/shared-images/weather-icons/mostly-sunny-day_8x8.png
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
515a57bd4a8c546cdb6846c84310dc905866472365fbc4c84fa54bd218244fb1
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
date
Fri, 18 Aug 2023 18:04:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Aug 2023 19:03:14 GMT
etag
"1d9c63d275f7ffe"
x-powered-by
ASP.NET
content-type
image/png
cache-control
max-age=133666
accept-ranges
bytes
content-length
15102
x-xss-protection
1; mode=block
expires
Sun, 20 Aug 2023 07:12:22 GMT
amp.js
www.9news.com/assets/js-libs/akamai/amp/core/ 		605 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/assets/js-libs/akamai/amp/core/amp.js?apikey=tegna&version=9.1.22
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
d21321b8ed5f90961872dfa942d25e1cc7078c5b90d2a84b6faf211b1abd806b
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:36 GMT
last-modified
Thu, 03 Aug 2023 19:03:14 GMT
etag
"1d9c63d275636c3"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=104979
accept-ranges
bytes
content-length
159386
x-xss-protection
1; mode=block
expires
Sat, 19 Aug 2023 23:14:15 GMT
cc6211fa-88bb-4c42-bf9b-58403b98ff71.json
cdn.cookielaw.org/consent/cc6211fa-88bb-4c42-bf9b-58403b98ff71/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/cc6211fa-88bb-4c42-bf9b-58403b98ff71/cc6211fa-88bb-4c42-bf9b-58403b98ff71.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
614b9157e3ffa774359e0c94ddb3e51072cc79cce824c6f2ce5bf0ca6af97806
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Aug 2023 18:04:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
14567
content-md5
WVjxSpRjAePHgUqgzMw+Aw==
content-length
1476
x-ms-lease-status
unlocked
last-modified
Thu, 27 Jul 2023 13:51:59 GMT
server
cloudflare
etag
0x8DB8EA8A62AE740
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
ea6f1f61-601e-002b-1a91-c0ac5e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f8c14898ae4da7f-MIA
expires
Sat, 19 Aug 2023 18:04:36 GMT
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		77 B
246 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccd4b7b0f1ec42c1de66868b52d5f571c70211ade3dd1ac1dc2487777bba880b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
7f8c1489ad2502dc-MIA
vary
Accept-Encoding
content-type
text/javascript
v2tidn1p9usdUbjMQtdjwdrRCzFbfqCUiSsyLvejmz6Ud7jCDPMa0p0y0
hospitablehall.com/ 		66 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hospitablehall.com/v2tidn1p9usdUbjMQtdjwdrRCzFbfqCUiSsyLvejmz6Ud7jCDPMa0p0y0
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7416::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
f4e99c3102bcf675b11ab21c6097946505ff99a2a9b87888c92586e565183f5b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Fri, 18 Aug 2023 18:04:36 GMT
x-datacenter
gce-us-east1
etag
"36526ac7249175cf08d079372373106f5a02cefda82fe3a39977183ee8596ce4"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-us-east1-wh2p
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
971037043
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
diag-5x5-blue-2x.png
www.9news.com/assets/shared-images/backgrounds/ 		486 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.9news.com/assets/shared-images/backgrounds/diag-5x5-blue-2x.png
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
e7e638e2b784c385f72ad60a8832fbb550b716769988d9abf570968e268e87f4
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
date
Fri, 18 Aug 2023 18:04:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Aug 2023 19:03:14 GMT
etag
"1d9c63d275f44e6"
x-powered-by
ASP.NET
content-type
image/png
cache-control
max-age=161346
accept-ranges
bytes
content-length
486
x-xss-protection
1; mode=block
expires
Sun, 20 Aug 2023 14:53:42 GMT
search.png
www.9news.com/images/header/ 		744 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.9news.com/images/header/search.png
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
dd620ff1363947eaa898325ec249aad550adf5e7937d2ed37dcad5e6b4751636
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
date
Fri, 18 Aug 2023 18:04:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Aug 2023 19:05:08 GMT
etag
"1d9c63d6b5248e8"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=166853
accept-ranges
bytes
content-length
744
x-xss-protection
1; mode=block
expires
Sun, 20 Aug 2023 16:25:29 GMT
arrow.png
www.9news.com/images/header/ 		403 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.9news.com/images/header/arrow.png
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
16235d26a4505b22b5b62c524f5de5daf63ab483046da51209f5eae79dbe6317
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
date
Fri, 18 Aug 2023 18:04:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Aug 2023 19:05:06 GMT
etag
"1d9c63d6a211c93"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=171726
accept-ranges
bytes
content-length
403
x-xss-protection
1; mode=block
expires
Sun, 20 Aug 2023 17:46:42 GMT
mostly-sunny-day_210x210.png
www.9news.com/assets/shared-images/weather-icons/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.9news.com/assets/shared-images/weather-icons/mostly-sunny-day_210x210.png
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
f6d17c8b1d318a111a6c54f2d638250106c017d9d5ce95668ccb2b2ed7eff4a7
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
date
Fri, 18 Aug 2023 18:04:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Aug 2023 19:03:14 GMT
etag
"1d9c63d275f2fc0"
x-powered-by
ASP.NET
content-type
image/png
cache-control
max-age=214082
accept-ranges
bytes
content-length
27328
x-xss-protection
1; mode=block
expires
Mon, 21 Aug 2023 05:32:38 GMT
proximanova-regular-webfont.woff2
www.9news.com/assets/fonts/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/assets/fonts/proximanova-regular-webfont.woff2
Requested by
Host: www.9news.com
URL: https://www.9news.com/modules.min_7.5.11.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
bc902768c2ec3a51106337c1b7b7ee9d0994a21f795b879db7cd24029edd33c7
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.9news.com/modules.min_7.5.11.css
Origin
https://www.9news.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
date
Fri, 18 Aug 2023 18:04:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Aug 2023 19:03:14 GMT
etag
"1d9c63d275f7cc8"
x-powered-by
ASP.NET
content-type
font/woff2
cache-control
max-age=106202
accept-ranges
bytes
content-length
14792
x-xss-protection
1; mode=block
expires
Sat, 19 Aug 2023 23:34:38 GMT
proximanova-extrabold-webfont.woff2
www.9news.com/assets/fonts/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/assets/fonts/proximanova-extrabold-webfont.woff2
Requested by
Host: www.9news.com
URL: https://www.9news.com/modules.min_7.5.11.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
8f4ad4651d303f2ba96e415554e247770276cbf7a9165d3ae1d3fd8fcaed5f41
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.9news.com/modules.min_7.5.11.css
Origin
https://www.9news.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
date
Fri, 18 Aug 2023 18:04:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Aug 2023 19:03:14 GMT
etag
"1d9c63d275f7c14"
x-powered-by
ASP.NET
content-type
font/woff2
cache-control
max-age=158196
accept-ranges
bytes
content-length
14612
x-xss-protection
1; mode=block
expires
Sun, 20 Aug 2023 14:01:12 GMT
proximanova-bold-webfont.woff2
www.9news.com/assets/fonts/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/assets/fonts/proximanova-bold-webfont.woff2
Requested by
Host: www.9news.com
URL: https://www.9news.com/modules.min_7.5.11.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
6b1a95aed3687521fcbf654063d65a3facbe97c96c888c9016bbe8d1c719637f
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.9news.com/modules.min_7.5.11.css
Origin
https://www.9news.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
date
Fri, 18 Aug 2023 18:04:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Aug 2023 19:03:14 GMT
etag
"1d9c63d275f7c94"
x-powered-by
ASP.NET
content-type
font/woff2
cache-control
max-age=104959
accept-ranges
bytes
content-length
14740
x-xss-protection
1; mode=block
expires
Sat, 19 Aug 2023 23:13:55 GMT
close.svg
www.9news.com/assets/shared-images/icons/ 		270 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.9news.com/assets/shared-images/icons/close.svg
Requested by
Host: www.9news.com
URL: https://www.9news.com/modules.min_7.5.11.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
2774640b1d27c3aa4e178db75e4a77fd9ae7d9b01fa15e29de0a05bc21d3d829
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/modules.min_7.5.11.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:36 GMT
last-modified
Thu, 03 Aug 2023 19:03:14 GMT
etag
"1d9c63d275f440e"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=106284
accept-ranges
bytes
content-length
201
x-xss-protection
1; mode=block
expires
Sat, 19 Aug 2023 23:36:00 GMT
proximanova-semibold-webfont.woff2
www.9news.com/assets/fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/assets/fonts/proximanova-semibold-webfont.woff2
Requested by
Host: www.9news.com
URL: https://www.9news.com/modules.min_7.5.11.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
ecf31d03b0335b2099411a2b2ffe02cb9272db8ee1878e7f693b9f07caf12af1
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.9news.com/modules.min_7.5.11.css
Origin
https://www.9news.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
date
Fri, 18 Aug 2023 18:04:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Aug 2023 19:03:14 GMT
etag
"1d9c63d275f7da0"
x-powered-by
ASP.NET
content-type
font/woff2
cache-control
max-age=76469
accept-ranges
bytes
content-length
14496
x-xss-protection
1; mode=block
expires
Sat, 19 Aug 2023 15:19:05 GMT
e5394d32-4195-479c-a781-a6dfe59b5d61_1920x1080.jpg
media.9news.com/assets/KUSA/images/e5394d32-4195-479c-a781-a6dfe59b5d61/ 		293 KB
293 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.9news.com/assets/KUSA/images/e5394d32-4195-479c-a781-a6dfe59b5d61/e5394d32-4195-479c-a781-a6dfe59b5d61_1920x1080.jpg
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.144.179 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-144-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
758cf8038c2efe5c0e1b208fd6b7aa469c25fde29641f52a3bf08a8188504b7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
W.nZjWar_jimKWUaKLwbUcCbnxV1zmLh
date
Fri, 18 Aug 2023 18:04:36 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Aug 2023 04:41:50 GMT
x-amz-request-id
MWKK1S8RBK7BK5GF
etag
"f4f075d10dfb55a66f195423a0cb6427"
x-amz-server-side-encryption
AES256
content-type
image/jpeg
access-control-allow-origin
cache-control
max-age=1247928
accept-ranges
bytes
content-length
299691
x-amz-id-2
JQV9U5D6yJdK5AEXXfId1XhHH4SeifSq27jcDNItSrvzC5Ow2fRvRg9wN0JVbNFHRHedfKaOoh8=
x-xss-protection
1; mode=block
expires
Sat, 02 Sep 2023 04:43:24 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202304.1.0/ 		401 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1114132a79b42ce8e5064f57a1560a3b3f0e1659afc33e4698bab53e1301fbfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Aug 2023 18:04:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
f9AvZgohx9TU9t078cCRXA==
age
29958
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
99020
x-ms-lease-status
unlocked
last-modified
Thu, 11 May 2023 06:31:14 GMT
server
cloudflare
etag
0x8DB51E951BA9202
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c1394cd4-d01e-015b-13d8-8399cf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f8c148a196e2884-MIA
en.json
cdn.cookielaw.org/consent/cc6211fa-88bb-4c42-bf9b-58403b98ff71/94680f46-002d-4f86-a3d8-1075953d6f89/ 		148 KB
27 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/cc6211fa-88bb-4c42-bf9b-58403b98ff71/94680f46-002d-4f86-a3d8-1075953d6f89/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85d48e71e731946e8ade37c612451724ae993b3624d42b6182a6f6bf196f4cd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Aug 2023 18:04:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
14293
content-md5
49ou/3AhCF/1D8M7OIgiDQ==
content-length
27214
x-ms-lease-status
unlocked
last-modified
Thu, 27 Jul 2023 13:52:08 GMT
server
cloudflare
etag
0x8DB8EA8AB340CCF
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
1f692349-201e-0145-0e91-c04322000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f8c148acd3eda7f-MIA
expires
Sat, 19 Aug 2023 18:04:36 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/ 		450 KB
181 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=recaptchaCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bdf8c4a14aa3b0a88506c68c507aee00ef4af793e353c15fde9254a6654d2f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.9news.com/
Origin
https://www.9news.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 01:08:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
184483
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 14:49:49 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 Aug 2024 01:08:07 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?bannnerid=8380478_advertisement_
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:bc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:05:09 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
age
7891168
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
ae31MF1md5QkNc_r7c0GRF3mURrI3jKnRGXvgl-SEJAgcM_fKYpEYA==
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
otGPP.js
cdn.cookielaw.org/scripttemplates/202304.1.0/ 		57 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202304.1.0/otGPP.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9f7230a2e07d0f3bcae9b22155a91cb0323bb0dc646d8b6b52a147aead1956c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Aug 2023 18:04:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
aTAVNql72eT0tFw+mRMlfA==
age
27574
x-ms-lease-status
unlocked
last-modified
Thu, 11 May 2023 06:31:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ac0a3e1e-401e-009d-6826-84a2a6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7f8c148bdcca2884-MIA
photo_7.5.11.js
www.9news.com/ 		304 B
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/photo_7.5.11.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
8b59a3a458de365091b4decaee9a96d39f90286e28b011209d6e0f3ba9ae1e2e
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
last-modified
Thu, 03 Aug 2023 19:04:38 GMT
etag
"1d9c63d5970a630"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=256427
accept-ranges
bytes
content-length
331
x-xss-protection
1; mode=block
expires
Mon, 21 Aug 2023 17:18:24 GMT
lazy-image_7.5.11.js
www.9news.com/ 		938 B
939 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/lazy-image_7.5.11.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
787f8c15a3859a4812776b88a320a4daae26bde0a60b6d62dbbf0898da439f8b
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
last-modified
Thu, 03 Aug 2023 19:04:36 GMT
etag
"1d9c63d583f79aa"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=256569
accept-ranges
bytes
content-length
634
x-xss-protection
1; mode=block
expires
Mon, 21 Aug 2023 17:20:46 GMT
ad_7.5.11.js
www.9news.com/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/ad_7.5.11.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
42e509b5dc6b0bb4439804a177e1933c7daa8509977fe79744b12a4ff91c6567
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
last-modified
Thu, 03 Aug 2023 19:03:58 GMT
etag
"1d9c63d419903a8"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=256542
accept-ranges
bytes
content-length
3417
x-xss-protection
1; mode=block
expires
Mon, 21 Aug 2023 17:20:19 GMT
gallery_7.5.11.js
www.9news.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/gallery_7.5.11.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
97faaa63a47cbd0bffe7d0d77d1966ffa0b83f8efc69ccfda8af8b541f013aa5
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
last-modified
Thu, 03 Aug 2023 19:04:22 GMT
etag
"1d9c63d4fe72f05"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=125875
accept-ranges
bytes
content-length
1445
x-xss-protection
1; mode=block
expires
Sun, 20 Aug 2023 05:02:32 GMT
video_7.5.11.js
www.9news.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/video_7.5.11.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
0395ca7725e5f2699b27bd18b51e6f77d4f0478a4dafea4665cdcbf096b184cb
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
last-modified
Thu, 03 Aug 2023 19:04:50 GMT
etag
"1d9c63d6097d53c"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=194603
accept-ranges
bytes
content-length
9106
x-xss-protection
1; mode=block
expires
Mon, 21 Aug 2023 00:08:00 GMT
taboola_7.5.11.js
www.9news.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/taboola_7.5.11.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
da9dcb390eaccf5f5bab579580b58a9eae7135206e3e1e312fe21a50c77baa20
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
last-modified
Thu, 03 Aug 2023 19:04:48 GMT
etag
"1d9c63d5f668355"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=256636
accept-ranges
bytes
content-length
1360
x-xss-protection
1; mode=block
expires
Mon, 21 Aug 2023 17:21:53 GMT
related-stories_7.5.11.js
www.9news.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/related-stories_7.5.11.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
0945f99e7812f5ea0d902014ab9c047a3bd43700787c7de2413414702beca79a
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
last-modified
Thu, 03 Aug 2023 19:04:46 GMT
etag
"1d9c63d5e355fa3"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=256651
accept-ranges
bytes
content-length
800
x-xss-protection
1; mode=block
expires
Mon, 21 Aug 2023 17:22:08 GMT
raw-html_7.5.11.js
www.9news.com/ 		310 B
638 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/raw-html_7.5.11.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
1b3aa4d25a4573cb4e3c84dd9eb6feb79f973e69b92e78a2d6cc4f33674284ec
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
last-modified
Thu, 03 Aug 2023 19:04:44 GMT
etag
"1d9c63d5d042f36"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=256472
accept-ranges
bytes
content-length
334
x-xss-protection
1; mode=block
expires
Mon, 21 Aug 2023 17:19:09 GMT
elections_7.5.11.js
www.9news.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/elections_7.5.11.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
460a63d5236b5fe977f6490e9845a96c7fe4075ce7cb449b7d5798e2a35ef4b3
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
last-modified
Thu, 03 Aug 2023 19:04:20 GMT
etag
"1d9c63d4eb61875"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=256485
accept-ranges
bytes
content-length
1240
x-xss-protection
1; mode=block
expires
Mon, 21 Aug 2023 17:19:22 GMT
election-single-race_7.5.11.js
www.9news.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/election-single-race_7.5.11.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
169ee924cc881489a71214f9dcc851bcc6ea7bd0a6f8a6d9f6818967a7470cc7
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
last-modified
Thu, 03 Aug 2023 19:04:20 GMT
etag
"1d9c63d4eb61b62"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=256417
accept-ranges
bytes
content-length
1148
x-xss-protection
1; mode=block
expires
Mon, 21 Aug 2023 17:18:14 GMT
story-row_7.5.11.js
www.9news.com/ 		2 KB
1023 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/story-row_7.5.11.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
f39010919950c1283bb6ddab6da6864606d350f0ec6e9c76b08eba78ed74e3e5
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
last-modified
Thu, 03 Aug 2023 19:04:48 GMT
etag
"1d9c63d5f6680ca"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=256414
accept-ranges
bytes
content-length
720
x-xss-protection
1; mode=block
expires
Mon, 21 Aug 2023 17:18:11 GMT
watch-live_7.5.11.js
www.9news.com/ 		987 B
913 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/watch-live_7.5.11.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
d016d5681dae66d86523436990ef6357ff38b3d6aa1acf8e63de2886621efaf3
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
last-modified
Thu, 03 Aug 2023 19:04:50 GMT
etag
"1d9c63d6097b6db"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=256830
accept-ranges
bytes
content-length
610
x-xss-protection
1; mode=block
expires
Mon, 21 Aug 2023 17:25:07 GMT
mini-live-video_7.5.11.js
www.9news.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/mini-live-video_7.5.11.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
cbcbf1bbb1b3099a58b47c70f74556adeedbf9d3751a5959f15307724ede86c7
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
last-modified
Thu, 03 Aug 2023 19:04:38 GMT
etag
"1d9c63d5970ae35"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=26613
accept-ranges
bytes
content-length
1337
x-xss-protection
1; mode=block
expires
Sat, 19 Aug 2023 01:28:10 GMT
notifications_7.5.11.js
www.9news.com/ 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/notifications_7.5.11.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
0942959fde1bb2d1cf4f72d0dac0a2fa1d2b9868c47ce170c27ceb37b9617768
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
last-modified
Thu, 03 Aug 2023 19:04:38 GMT
etag
"1d9c63d59708f77"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=137273
accept-ranges
bytes
content-length
2234
x-xss-protection
1; mode=block
expires
Sun, 20 Aug 2023 08:12:30 GMT
firebase-app.js
www.9news.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/firebase-app.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
2d3f90c03fcef37f116ee6f93c349128e0b02b669528bcb27d59b3ae92a6deff
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
last-modified
Thu, 03 Aug 2023 19:04:20 GMT
etag
"1d9c63d4eb6397b"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=183747
accept-ranges
bytes
content-length
4533
x-xss-protection
1; mode=block
expires
Sun, 20 Aug 2023 21:07:04 GMT
firebase-messaging.js
www.9news.com/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/firebase-messaging.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
e27208c7042a1f7b58665b29f1a41356bcdb72d08f563199d34e419d29187df5
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
last-modified
Thu, 03 Aug 2023 19:04:20 GMT
etag
"1d9c63d4eb66ff0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=155952
accept-ranges
bytes
content-length
11159
x-xss-protection
1; mode=block
expires
Sun, 20 Aug 2023 13:23:49 GMT
bem_7.5.11.js
www.9news.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/bem_7.5.11.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
5a8a2589af4d9b5425821a23dff1779d6c0d35b33c66dda9069bd010b3237d61
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
last-modified
Thu, 03 Aug 2023 19:04:10 GMT
etag
"1d9c63d48c038a2"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=256473
accept-ranges
bytes
content-length
1064
x-xss-protection
1; mode=block
expires
Mon, 21 Aug 2023 17:19:10 GMT
live-messages.js
www.9news.com/assets/js-libs/live-messages/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/assets/js-libs/live-messages/live-messages.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
1b7c00d19a3d05ae9cc1442d4ad09319c131495ceb20ecca91712e915b75f60b
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
last-modified
Thu, 03 Aug 2023 19:03:14 GMT
etag
"1d9c63d275f4a1f"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=104868
accept-ranges
bytes
content-length
1348
x-xss-protection
1; mode=block
expires
Sat, 19 Aug 2023 23:12:25 GMT
modal_7.5.11.js
www.9news.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/modal_7.5.11.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
e36872c3322a3719152f398eb6198993dba0a25d10704048308414628e46e04a
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
last-modified
Thu, 03 Aug 2023 19:04:38 GMT
etag
"1d9c63d5970a0a8"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=256526
accept-ranges
bytes
content-length
1056
x-xss-protection
1; mode=block
expires
Mon, 21 Aug 2023 17:20:03 GMT
jquery-utils_7.5.11.js
www.9news.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/jquery-utils_7.5.11.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
f86a99cbdf13f83232902c06988448c56eace5c884a1b8f45cb205a6ce431558
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
last-modified
Thu, 03 Aug 2023 19:04:34 GMT
etag
"1d9c63d570e4668"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=256457
accept-ranges
bytes
content-length
1382
x-xss-protection
1; mode=block
expires
Mon, 21 Aug 2023 17:18:54 GMT
jquery.js
www.9news.com/ 		87 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/jquery.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
497483f02597286bf1ae8a6d4260028cebb820523eefbf92b024986794f39826
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
last-modified
Thu, 03 Aug 2023 19:04:36 GMT
etag
"1d9c63d583e2003"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=104831
accept-ranges
bytes
content-length
39787
x-xss-protection
1; mode=block
expires
Sat, 19 Aug 2023 23:11:48 GMT
app-badge_7.5.11.js
www.9news.com/ 		665 B
837 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/app-badge_7.5.11.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
35e43c314ae5343a0458ec39d9bf72810a5c8f3579ba0c46ed43d7dcc581ca51
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
last-modified
Thu, 03 Aug 2023 19:04:08 GMT
etag
"1d9c63d478f0699"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=256477
accept-ranges
bytes
content-length
532
x-xss-protection
1; mode=block
expires
Mon, 21 Aug 2023 17:19:14 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/202304.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202304.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa355c393e03f831dbdbcc678ba16396aab95930b1bc5b0549695d40cc955ca1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Aug 2023 18:04:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
VwzPf/atFGVLVHgPLKsA5g==
age
14074
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3019
x-ms-lease-status
unlocked
last-modified
Thu, 11 May 2023 06:31:08 GMT
server
cloudflare
etag
0x8DB51E94E2F9DF3
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
5f1f33b9-901e-009f-7c91-c0a05c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f8c148c4830da7f-MIA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202304.1.0/assets/ 		62 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202304.1.0/assets/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbcda486180500c3bf70f1d7e9f7501cd7e64cf86dbcb2cbd6151f3dc9c57397
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Aug 2023 18:04:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
7yLwUOtnxjidZ+gYZ6sWoQ==
age
13485
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
14750
x-ms-lease-status
unlocked
last-modified
Thu, 11 May 2023 06:31:09 GMT
server
cloudflare
etag
0x8DB51E94E8F15F9
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
e4b05c16-c01e-0122-5391-c0f085000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f8c148c4833da7f-MIA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202304.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202304.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Aug 2023 18:04:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
oWkBTLgDDXvrUsd93y/Zxg==
age
14074
x-ms-lease-status
unlocked
last-modified
Thu, 11 May 2023 06:31:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
2cf22a55-001e-00b3-6991-c02261000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7f8c148c4835da7f-MIA
ot_company_logo.png
cdn.cookielaw.org/logos/static/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/ot_company_logo.png
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Aug 2023 18:04:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
E8+sk/ECzKgTUVtDLikiIA==
age
26315
content-length
4036
x-ms-lease-status
unlocked
last-modified
Thu, 17 Aug 2023 19:31:09 GMT
server
cloudflare
etag
0x8DB9F58827C878D
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
5a6591a9-a01e-007b-6c79-d17b1f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f8c148cce412884-MIA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Aug 2023 18:04:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
10237
x-ms-lease-status
unlocked
last-modified
Thu, 17 Aug 2023 03:26:05 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
54cacdb2-101e-000c-3835-d1ae8b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7f8c148cce472884-MIA
header
www.9news.com/ajax/content/ 		40 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/ajax/content/header
Requested by
Host: www.9news.com
URL: https://www.9news.com/common.min_7.5.11.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
99f1f20ca181805f1d41148247e7715a236c87c14b3e62361b57ed3827be9a05
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

pragma
no-cache
cache-control
no-cache
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
max-age=136
content-length
3222
x-xss-protection
1; mode=block
expires
Fri, 18 Aug 2023 18:06:53 GMT
hls.min.js
www.9news.com/assets/js-libs/akamai/amp/core/libs/ 		315 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/assets/js-libs/akamai/amp/core/libs/hls.min.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
ea420861aa8a347662899406f74cf262a376714cfdefe54aaa02980a500f5ae4
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
last-modified
Thu, 03 Aug 2023 19:03:14 GMT
etag
"1d9c63d275bae2a"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=183898
accept-ranges
bytes
content-length
124729
x-xss-protection
1; mode=block
expires
Sun, 20 Aug 2023 21:09:35 GMT
live-video-banner_7.5.11.js
www.9news.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/live-video-banner_7.5.11.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
378bac3dbc1b1e4a26a077863b6260302f1321c02b52b40243ef1f0c8eca6404
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
last-modified
Thu, 03 Aug 2023 19:04:36 GMT
etag
"1d9c63d583f7f58"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=256523
accept-ranges
bytes
content-length
832
x-xss-protection
1; mode=block
expires
Mon, 21 Aug 2023 17:20:00 GMT
signalr.min.js
www.9news.com/assets/js-libs/signalr/ 		118 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/assets/js-libs/signalr/signalr.min.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
c682f11f436b09c0f49e0f3c6ad3525000bec52c72754afa5692c16c9ece776f
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
last-modified
Thu, 03 Aug 2023 19:03:14 GMT
etag
"1d9c63d275e923c"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=100936
accept-ranges
bytes
content-length
32831
x-xss-protection
1; mode=block
expires
Sat, 19 Aug 2023 22:06:53 GMT
0079c83810a4ae60d56468a56a2c4e5e7c660f0463f532347a86
moorshoes.com/0/ 		280 B
785 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://moorshoes.com/0/0079c83810a4ae60d56468a56a2c4e5e7c660f0463f532347a86
Requested by
Host: hospitablehall.com
URL: https://hospitablehall.com/v2tidn1p9usdUbjMQtdjwdrRCzFbfqCUiSsyLvejmz6Ud7jCDPMa0p0y0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7ec2::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
360310ac8561182ff6dc660f780717e9894912b246eac96f515d0fdcd8871533
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 18 Aug 2023 18:04:37 GMT
via
1.1 google
x-buildnumber
971037043
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
280
x-datacenter
gce-us-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.9news.com
x-hostname
fen-hoothoot-us-east1-wh2p
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 18 Aug 2023 18:04:36 GMT
negotiate
www.9news.com/tgnaMessage/ 		471 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/tgnaMessage/negotiate
Requested by
Host: www.9news.com
URL: https://www.9news.com/assets/js-libs/signalr/signalr.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
7b25685c72d02b4c9f7d7ba2e611cbd6f9aad6daccbb54f3f577b6d1f3de61a9
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
max-age=7636
content-length
572
x-xss-protection
1; mode=block
expires
Fri, 18 Aug 2023 20:11:53 GMT
73
www.9news.com/ajax/content/relatedvideos/2d942893-5578-4aa0-a328-3528a43a3f53/10/ 		49 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/ajax/content/relatedvideos/2d942893-5578-4aa0-a328-3528a43a3f53/10/73
Requested by
Host: www.9news.com
URL: https://www.9news.com/video_7.5.11.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
42e6acf140555f98ba6c546b8f852f27c4734c6536fb61fcc8e19c40e68c59c1
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
cache-control
max-age=49
content-length
14806
x-xss-protection
1; mode=block
expires
Fri, 18 Aug 2023 18:05:26 GMT
amp.min.css
www.9news.com/assets/js-libs/akamai/amp/core/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/assets/js-libs/akamai/amp/core/amp.min.css
Requested by
Host: www.9news.com
URL: https://www.9news.com/assets/js-libs/akamai/amp/core/amp.js?apikey=tegna&version=9.1.22
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
a840af2ad7494eaf80b0f4015dc745bfb8852cc4438eea934b30f20c0289377b
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
last-modified
Thu, 03 Aug 2023 19:03:14 GMT
etag
"1d9c63d275f4986"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=103017
accept-ranges
bytes
content-length
1191
x-xss-protection
1; mode=block
expires
Sat, 19 Aug 2023 22:41:34 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		354 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/assets/js-libs/akamai/amp/core/amp.js?apikey=tegna&version=9.1.22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c404da90b764cc0001704aa7a3fcd9d8406cd240b874eea16e62c44fe55e33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
124776
x-xss-protection
0
expires
Fri, 18 Aug 2023 18:04:37 GMT
Ima.min.js
www.9news.com/assets/js-libs/akamai/amp/ima/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/assets/js-libs/akamai/amp/ima/Ima.min.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/assets/js-libs/akamai/amp/core/amp.js?apikey=tegna&version=9.1.22
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
a6c563629879d807d40f59562419f2ea67fe505990657ea55eedf045b3e070a1
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
last-modified
Thu, 03 Aug 2023 19:03:14 GMT
etag
"1d9c63d275f2edf"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=184037
accept-ranges
bytes
content-length
8600
x-xss-protection
1; mode=block
expires
Sun, 20 Aug 2023 21:11:54 GMT
react.min.js
www.9news.com/assets/js-libs/akamai/amp/react/libs/ 		28 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/assets/js-libs/akamai/amp/react/libs/react.min.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/assets/js-libs/akamai/amp/core/amp.js?apikey=tegna&version=9.1.22
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
ce2354c8da66afc7b22e18fb2b53520933885683ca9730e9d448add8c680cd08
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
last-modified
Thu, 03 Aug 2023 19:03:14 GMT
etag
"1d9c63d275f2a07"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=184212
accept-ranges
bytes
content-length
12777
x-xss-protection
1; mode=block
expires
Sun, 20 Aug 2023 21:14:49 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		247 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/assets/js-libs/akamai/amp/core/amp.js?apikey=tegna&version=9.1.22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb24602a785ce2f3e175d779885c87d604e712c4eb1a5dd78a1380781c7dac3b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 17:29:51 GMT
content-encoding
gzip
via
1.1 368146333bf1a1071e8432a7d4e41e1a.cloudfront.net (CloudFront), 1.1 eb4c39562c3ea08ed99a3ec30c18db3c.cloudfront.net (CloudFront)
last-modified
Fri, 18 Aug 2023 14:49:34 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, JFK50-P3
age
2087
x-amz-server-side-encryption
AES256
etag
W/"bac9efbb7b4c1b9520fd904fd0d1d62f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
jlMxsFAy08nn3Vs-7Rjlh3cALvUWbSYTYWOuefR7lVwvUKTOvQxjSA==
loader.js
cdn.taboola.com/libtrc/tegna-network1/ 		547 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tegna-network1/loader.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/common.min_7.5.11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9561c2848c0b81e8aa80ec3d5bbd2a8da7aa9c8a3749ccd1ee114dbb4a66edfd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
4YPDippEt6eVxpf831p4eM5EoDX63pB8
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Aug 2023 18:04:37 GMT
x-amz-request-id
2H193X487ZWQ89D0
age
94
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
63747
x-amz-id-2
JC0DguIkqIUvedt2pomufjqJ7Tu4Ba7jHn+GaFn7ri6nlv2KZQNq0o5Qe8/QXFNTHMi7cu+Q+hg=
x-served-by
cache-mia-kmia1760096-MIA
last-modified
Thu, 17 Aug 2023 14:37:55 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692381878.712687,VS0,VE0
etag
"9b124e517208ef15cb483045ce2104a8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
58
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
10
negotiate
tgna-ux-ctrl.service.signalr.net/client/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tgna-ux-ctrl.service.signalr.net/client/negotiate?hub=tegnaonemessage&asrs.op=%2FtgnaMessage&asrs_request_id=ZsJhKRMwAAA%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1030:10:4::8 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.9news.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,x-requested-with
access-control-allow-methods
POST
access-control-allow-origin
https://www.9news.com
date
Fri, 18 Aug 2023 18:04:37 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin
negotiate
tgna-ux-ctrl.service.signalr.net/client/ 		0
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgna-ux-ctrl.service.signalr.net/client/negotiate?hub=tegnaonemessage&asrs.op=%2FtgnaMessage&asrs_request_id=ZsJhKRMwAAA%3D
Requested by
Host: www.9news.com
URL: https://www.9news.com/assets/js-libs/signalr/signalr.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1030:10:4::8 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.9news.com/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
Authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjkyNzk5NDI2In0.eyJuYmYiOjE2OTIzNzUwNzUsImV4cCI6MTY5MjM3ODY3NSwiaWF0IjoxNjkyMzc1MDc1LCJhdWQiOiJodHRwczovL3RnbmEtdXgtY3RybC5zZXJ2aWNlLnNpZ25hbHIubmV0L2NsaWVudC8_aHViPXRlZ25hb25lbWVzc2FnZSJ9.eA6SBEe-Rqfzg5tFyeTsTZrH9TzeOPeUidxrAZHgFjA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.9news.com
date
Fri, 18 Aug 2023 18:04:38 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-credentials
true
www-authenticate
Bearer error="invalid_token", error_description="The token lifetime is invalid; NotBefore: '08/18/2023 16:11:15', Expires: '08/18/2023 17:11:15'"
content-length
0
vary
Origin
comscore.min.js
www.9news.com/assets/js-libs/comscore/ 		88 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/assets/js-libs/comscore/comscore.min.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
53d4ceea45222fc610fd480f08b69c9156126fba28c28370cbdbb3818d3bd9fc
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
last-modified
Thu, 03 Aug 2023 19:03:14 GMT
etag
"1d9c63d275e255a"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=141176
accept-ranges
bytes
content-length
23395
x-xss-protection
1; mode=block
expires
Sun, 20 Aug 2023 09:17:33 GMT
pixel_67f836b5
www.9news.com/akam/13/ 		0
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/akam/13/pixel_67f836b5
Requested by
Host: www.9news.com
URL: https://www.9news.com/akam/13/67f836b5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 18 Aug 2023 18:04:37 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
text/html
cache-control
max-age=0
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 18 Aug 2023 18:04:37 GMT
utag.js
tags.tiqcdn.com/utag/tegna/kusa-redesign-desktop/prod/ 		166 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tegna/kusa-redesign-desktop/prod/utag.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:3e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
228a8784b227290823d25076b181b9ee5e83e14c8535b72a3a063a446ddce95e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
kft3gmJY.652DbD2ATI33NC7szLNLxSR
content-encoding
br
via
1.1 cf88880413082302757828626cf7b020.cloudfront.net (CloudFront)
date
Fri, 18 Aug 2023 18:04:38 GMT
last-modified
Tue, 25 Jul 2023 19:59:50 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
x-amz-server-side-encryption
AES256
etag
W/"85b4e1c6a46dfce48e8a57a588a9f09b"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
VWcNGpDjP_KIp7GPmmITndyjgXeNu0BmsXCBlCsJm2H32AbAdE5FZA==
React.min.css
www.9news.com/assets/js-libs/akamai/amp/react/ 		24 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/assets/js-libs/akamai/amp/react/React.min.css
Requested by
Host: www.9news.com
URL: https://www.9news.com/assets/js-libs/akamai/amp/core/amp.js?apikey=tegna&version=9.1.22
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
4f88d20cbdd370befd03e5fa7686b986230a1f81228c0d0783c0dc96bed0cc54
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
last-modified
Thu, 03 Aug 2023 19:03:14 GMT
etag
"1d9c63d275f24f8"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=184288
accept-ranges
bytes
content-length
7237
x-xss-protection
1; mode=block
expires
Sun, 20 Aug 2023 21:16:05 GMT
React.min.js
www.9news.com/assets/js-libs/akamai/amp/react/ 		102 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/assets/js-libs/akamai/amp/react/React.min.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/assets/js-libs/akamai/amp/core/amp.js?apikey=tegna&version=9.1.22
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
234584bfb39ba6afb3f792055acd546273511ef0063ed8234f66a99ca15e2494
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:37 GMT
last-modified
Thu, 03 Aug 2023 19:03:14 GMT
etag
"1d9c63d275edcd4"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=184063
accept-ranges
bytes
content-length
27327
x-xss-protection
1; mode=block
expires
Sun, 20 Aug 2023 21:12:20 GMT
load.js
pm-widget.taboola.com/tegna-network1/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/tegna-network1/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tegna-network1/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
36746cc63c2ef7cefba2cafac9dd0006ac095792b0ebf374819d77d5e0157c92

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
idCAW_yu.lo_hQdHIuoB56dhGu2ahCyE
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Fri, 18 Aug 2023 18:04:37 GMT
x-amz-request-id
HSKGA9JRYMVGNJWM
age
2070
x-cache
HIT, HIT
content-length
1591
x-amz-id-2
tzyhUUPFQuDoVpy99//V0lk4aQQEZDMuco2d/DvbkY1tub7tgrghjVzq0AzFDZRbGhPFzIP4+Qg=
x-served-by
cache-sjc10064-SJC, cache-mia-kmia1760096-MIA
last-modified
Tue, 25 Apr 2023 07:37:11 GMT
server
AmazonS3
x-timer
S1692381878.831415,VS0,VE0
etag
"ccafad070e3d08bcb6b24fe3302b86c5"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
92174, 93
impl.20230816-2-RELEASE.js
cdn.taboola.com/libtrc/ 		798 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230816-2-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tegna-network1/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
aaa5513cdbb249e2a89186d90a196b8cd08297c8d3a26faed2e803db39f33c0e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
k9vSq6tm3Lof1DwGRWtrdhO4v7JpeSDw
content-encoding
br
via
1.1 varnish
date
Fri, 18 Aug 2023 18:04:37 GMT
x-amz-request-id
30XEMHA3SNPER0PK
age
2241
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
169058
x-amz-id-2
G+zoHOXmeYT8wt/+z5BLWSeB+2Osg8Qyn+pFVX25pYMBVbT56K6dvb2ikRfSuTH24fv41K+YY+g=
x-served-by
cache-mia-kmia1760096-MIA
last-modified
Wed, 16 Aug 2023 09:25:47 GMT
server
AmazonS3-br
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692381878.831424,VS0,VE0
etag
"38ee0623c0b223064ec829d11f2dfaac"
vary
Accept-Encoding
content-type
application/javascript
abp
60
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
3866
d407bdad-5273-49e7-85c2-2e799096610e_1920x1080.jpg
media.9news.com/assets/VERIFY/images/d407bdad-5273-49e7-85c2-2e799096610e/ 		233 KB
233 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.9news.com/assets/VERIFY/images/d407bdad-5273-49e7-85c2-2e799096610e/d407bdad-5273-49e7-85c2-2e799096610e_1920x1080.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.144.179 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-144-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fc0af3306b68b44fdafbe8cd192b8494837a3a7fc5ad2d7cd73daee9445548cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
ROwx2hrMCEl7f3p937.Gh5Lu55UEM3R_
date
Fri, 18 Aug 2023 18:04:37 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Aug 2023 15:37:33 GMT
x-amz-request-id
58FEWCQFT153EEMG
etag
"2b568fe49cd5bbd4f6521a4f3f5ba9d7"
x-amz-server-side-encryption
AES256
content-type
image/jpeg
access-control-allow-origin
cache-control
max-age=1287227
accept-ranges
bytes
content-length
238214
x-amz-id-2
p2quW1edJQ7KJtqhYNsp9dnDENrYjuAV0HV+PhAcMkMqXevUFCHYwxynd3RwZY5kvuKBv4SwKPs=
x-xss-protection
1; mode=block
expires
Sat, 02 Sep 2023 15:38:24 GMT
d4c69caa-13da-42a0-b175-88990c9a78f3_1920x1080.jpg
media.9news.com/assets/VERIFY/images/d4c69caa-13da-42a0-b175-88990c9a78f3/ 		463 KB
463 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.9news.com/assets/VERIFY/images/d4c69caa-13da-42a0-b175-88990c9a78f3/d4c69caa-13da-42a0-b175-88990c9a78f3_1920x1080.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.144.179 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-144-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f078dd76c3b918c79a78e75653c7cc47a789f94c9240ce55dd7e26596c742b36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
WNHd6d7E1Tb2qMG1RORc50nNVeg8d4iI
date
Fri, 18 Aug 2023 18:04:37 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Aug 2023 16:38:29 GMT
x-amz-request-id
41CVS5V4VZPHEP16
etag
"266faba8b1269bf15ec6af041225985a"
x-amz-server-side-encryption
AES256
content-type
image/jpeg
access-control-allow-origin
cache-control
max-age=1290889
accept-ranges
bytes
content-length
473701
x-amz-id-2
3UBK72rGrxvJelefPFV1TpgqxpaRT2wmitrzowNkGvpvuJTz15ea9aAI5hySRFu/z3D+4pFqSjI=
x-xss-protection
1; mode=block
expires
Sat, 02 Sep 2023 16:39:26 GMT
e803ea05-6594-4521-a224-8b92be329e8b_1920x1080.jpg
media.9news.com/assets/CCT/images/e803ea05-6594-4521-a224-8b92be329e8b/ 		262 KB
262 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.9news.com/assets/CCT/images/e803ea05-6594-4521-a224-8b92be329e8b/e803ea05-6594-4521-a224-8b92be329e8b_1920x1080.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.144.179 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-144-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
502cd704398ac3247113235aed2e47ed59df1e53384262055328215debeb078a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
cyVkfgqtS3znDlxH7hCuPgG5j6xA0x2K
date
Fri, 18 Aug 2023 18:04:37 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Aug 2023 16:26:07 GMT
x-amz-request-id
9N5AP6XEFWW1FF5E
etag
"5ea04740b1251ea99d19ef21759c462a"
x-amz-server-side-encryption
AES256
content-type
image/jpeg
access-control-allow-origin
cache-control
max-age=1290214
accept-ranges
bytes
content-length
268032
x-amz-id-2
bTVJCqVawME2UmIPLeAwq3qGabJS45FlIsHG53/5mJ1pU4RJoBQOjUDC2F3xLAzjvqwM9ZrS0FM=
x-xss-protection
1; mode=block
expires
Sat, 02 Sep 2023 16:28:11 GMT
ec54587f-71b8-4463-b004-0cd56e20f084_1920x1080.jpg
media.9news.com/assets/CCT/images/ec54587f-71b8-4463-b004-0cd56e20f084/ 		273 KB
274 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.9news.com/assets/CCT/images/ec54587f-71b8-4463-b004-0cd56e20f084/ec54587f-71b8-4463-b004-0cd56e20f084_1920x1080.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.144.179 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-144-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8a41db56b578fef1c557be2a98889ebd92f0afa27743535d9c75270c795111a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
a361xvc4VZuRC2EiLNghZ7ZQiy6sgrI6
date
Fri, 18 Aug 2023 18:04:37 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Aug 2023 15:57:15 GMT
x-amz-request-id
NR1S9QHGA65JYDX2
etag
"3edf98335758be52c94fb2b975e2b6a4"
x-amz-server-side-encryption
AES256
content-type
image/jpeg
access-control-allow-origin
cache-control
max-age=1288653
accept-ranges
bytes
content-length
279834
x-amz-id-2
qnz2NYUIOCc08BHtuP2Zf7p7BmjpuEPETdyDuZs92H5AwnCCs2uXTciBsrLTPGWbeYrUGmketFc=
x-xss-protection
1; mode=block
expires
Sat, 02 Sep 2023 16:02:10 GMT
1dc2b458-e33c-4227-972b-3319f372daae_1920x1080.jpg
media.9news.com/assets/LOCKEDON/images/1dc2b458-e33c-4227-972b-3319f372daae/ 		309 KB
310 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.9news.com/assets/LOCKEDON/images/1dc2b458-e33c-4227-972b-3319f372daae/1dc2b458-e33c-4227-972b-3319f372daae_1920x1080.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.144.179 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-144-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
03a6c5932f2d6e204d9ab259162a5f3f8a28443307b4713721338da85c61da6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
KKncBrEBfbOLFGFchuCw3Da57hY6V14F
date
Fri, 18 Aug 2023 18:04:37 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Aug 2023 16:01:30 GMT
x-amz-request-id
QFEQZYFEZ5HG96TH
etag
"dc5a72a5e3ce77fa051e2ef32650dfd9"
x-amz-server-side-encryption
AES256
content-type
image/jpeg
access-control-allow-origin
cache-control
max-age=1288660
accept-ranges
bytes
content-length
316532
x-amz-id-2
k8YN2lC3ryFwRBchz71DQcFONbWpKFRbNEloBQMhdqHMTlrPhFlRjH9twVzhxFW/HC9vf+E9U/g=
x-xss-protection
1; mode=block
expires
Sat, 02 Sep 2023 16:02:17 GMT
fontawesome-webfont.woff
www.9news.com/assets/js-libs/akamai/amp/react/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/assets/js-libs/akamai/amp/react/fontawesome-webfont.woff
Requested by
Host: www.9news.com
URL: https://www.9news.com/assets/js-libs/akamai/amp/react/React.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
2a536619d5ea5e13d08259acd4e46d5e829f8e2e3935b0d9003b9b36d1589725
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.9news.com/assets/js-libs/akamai/amp/react/React.min.css
Origin
https://www.9news.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
date
Fri, 18 Aug 2023 18:04:37 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Aug 2023 19:03:14 GMT
etag
"1d9c63d275f3cb4"
x-powered-by
ASP.NET
content-type
application/font-woff
cache-control
max-age=158535
accept-ranges
bytes
content-length
31156
x-xss-protection
1; mode=block
expires
Sun, 20 Aug 2023 14:06:52 GMT
amp.gif
amp.akamaized.net/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://amp.akamaized.net/amp.gif?prod=premier&prodver=9.1.22&platform=web&os=Windows&osver=10&browser=Chrome&browserver=116.0&url=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&event=create&&lic=
Requested by
Host: www.9news.com
URL: https://www.9news.com/assets/js-libs/akamai/amp/core/amp.js?apikey=tegna&version=9.1.22
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:5000::173f:4c91 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:38 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 08:47:35 GMT
x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 c790ffcab27717f283a6e87f31c6d65a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
age
33424
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
UmP2UBvQxU5rPDDr7raiOsh-12FZiYXHX4OZquLZfq6e68FrX8vF3A==
Amazonbidder.js
www.9news.com/assets/js-libs/akamai/amp/amazonbidder/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9news.com/assets/js-libs/akamai/amp/amazonbidder/Amazonbidder.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/assets/js-libs/akamai/amp/core/amp.js?apikey=tegna&version=9.1.22
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.194.129 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-194-129.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
603b4aa607e495df814eb23c7c2d88066f08ae7cb12abe5a8bf3e5e602a4d219
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 18:04:38 GMT
last-modified
Thu, 03 Aug 2023 19:03:14 GMT
etag
"1d9c63d275f503b"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=141573
accept-ranges
bytes
content-length
1894
x-xss-protection
1; mode=block
expires
Sun, 20 Aug 2023 09:24:11 GMT
amp.gif
amp.akamaized.net/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://amp.akamaized.net/amp.gif?prod=premier&prodver=9.1.22&platform=web&os=Windows&osver=10&browser=Chrome&browserver=116.0&url=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&event=start&&lic=
Requested by
Host: www.9news.com
URL: https://www.9news.com/assets/js-libs/akamai/amp/core/amp.js?apikey=tegna&version=9.1.22
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:5000::173f:4c91 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:38 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
live.m3u8
livevideo.tegnadigital.com/kusa/v1/master/f9c1bf9ffd6ac86b6173a7c169ff6e3f4efbd693/KUSA/elvs/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://livevideo.tegnadigital.com/kusa/v1/master/f9c1bf9ffd6ac86b6173a7c169ff6e3f4efbd693/KUSA/elvs/live.m3u8
Requested by
Host: www.9news.com
URL: https://www.9news.com/assets/js-libs/akamai/amp/core/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.182.171 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-171.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0917b1b621bc1fbc503f1cbec84a14688d2a479b44540ec18b9fabeb5da4107b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:38 GMT
Content-Encoding
gzip
x-amzn-RequestId
88ef492d-9ded-40a0-b5fc-83d028f6baa4
Connection
keep-alive
Akamai-Mon-Iucid-Del
926974
Content-Length
436
Pragma
no-cache
Vary
Accept-Encoding
Access-Control-Max-Age
86400
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires
Fri, 18 Aug 2023 18:04:38 GMT
pmk-20220605.26.js
pm-widget.taboola.com/tegna-network1/ 		109 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/tegna-network1/pmk-20220605.26.js
Requested by
Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/tegna-network1/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ca0a91cad06c7f0c5dd56442a13d91e8b96b97dc079d25a986960717bd5e172

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
b_zM7ql1G7eJ0p8bC8QaKYwvt2gi3cWl
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Fri, 18 Aug 2023 18:04:38 GMT
x-amz-request-id
BRJWXQHYXVN2KNQQ
age
9973640
x-cache
HIT, HIT
content-length
30563
x-amz-id-2
9GN78kdbzJCQQgdguapI/okhoOu/FrYfOExMv748RKIGZUtYMjxIF+2lSUxNZtkJYnXv80+D5mc=
x-served-by
cache-bur-kbur8200102-BUR, cache-mia-kmia1760096-MIA
last-modified
Tue, 25 Apr 2023 07:37:10 GMT
server
AmazonS3
x-timer
S1692381878.038941,VS0,VE0
etag
"748da387001c7b7658cc2645dda6a5c0"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
2, 29534
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS&us_privacy=1YNY&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230816-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:38 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
323584
expires
60
json
trc.taboola.com/tegna-kusa/trc/3/ 		108 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/tegna-kusa/trc/3/json?tim=08%3A04%3A38.071&lti=deflated&data=%7B%22id%22%3A991%2C%22ii%22%3A%22%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1692283070282%2C%22vi%22%3A1692381878065%2C%22cv%22%3A%2220230816-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22ccpa_ps%22%3A%221YNY%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53%22%2C%22vpi%22%3A%22%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2057%2C%22nsid%22%3A%22tegna-network1%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtegna-network1%3Aabp%3D0%22%2C%22uip%22%3A%22Newsroom%22%2C%22orig_uip%22%3A%22Newsroom%22%2C%22cd%22%3A0%2C%22mw%22%3A1600%7D%2C%7B%22li%22%3A%22rbox-v2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbs-feed-01-a%3Apub%3Dtegna-network1%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Video%20Feed%22%2C%22orig_uip%22%3A%22Below%20Video%20Feed%22%2C%22cd%22%3A982.734375%2C%22mw%22%3A780%7D%5D%2C%22cacheKey%22%3A%22video%3D%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53%2CBelow%20Video%20Feed%3Dthumbs-feed-01-a%3Apub%3Dtegna-network1%3Aabp%3D0%2C%2CNewsroom%3Drbox-tracking%3Apub%3Dtegna-network1%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230816-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6b23386e73fa93cae144c312a1c1cf0f0a13a41d6e87d036de88239f8916623b

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
835
date
Fri, 18 Aug 2023 18:04:38 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
30587
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mia-kmia1760096-MIA
x-log-content-encoding
gzip
server
nginx
x-timer
S1692381878.101397,VS0,VE835
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.9news.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
sfp.js
native.sharethrough.com/assets/ 		594 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://native.sharethrough.com/assets/sfp.js?utv=ut4.49.202107201423
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/kusa-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-20.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
803f304e5ff5f2542b539737214b59b710488df9d1acf9df70c20319af0e0b5a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 17:40:48 GMT
content-encoding
gzip
via
1.1 90a990c5327e86ade86681120dc4a236.cloudfront.net (CloudFront)
last-modified
Fri, 18 Aug 2023 16:40:46 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
age
1431
x-amz-server-side-encryption
AES256
etag
W/"0650f888baac5e25b0b739a9e086761d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
gN03Tx_u-5PH1HZMIN0VqfkJJeia-yd7xBSfjD81gPgfFl6FZDN1ig==
expires
Fri, 18 Aug 2023 17:40:45 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
0
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160138/3965/ 		503 KB
157 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/kusa-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.64.205 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-64-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8c8cd41dce03784d3503fb70cd31aaf8539e598730cc13e83acce0b1f79196a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:38 GMT
content-encoding
gzip
last-modified
Mon, 22 May 2023 22:04:48 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=34246
accept-ranges
bytes
content-length
160012
expires
Sat, 19 Aug 2023 03:35:24 GMT
gpt.js
www.googletagservices.com/tag/js/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/kusa-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9800f6a1b53f32fd95a8e597a60f72397c020b90f2815204db17b30cafb3850a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28865
x-xss-protection
0
server
cafe
etag
995 / 19587 / m202308150101 / config-hash: 6865334963093270093
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 18 Aug 2023 18:04:38 GMT
ope-tegna.js
cdn.opecloud.com/ 		69 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.opecloud.com/ope-tegna.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/kusa-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-25.ewr53.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
9b1a1a4af356522d94f33916ae5dc17f474b8a8b3a1a8cdedcfb6b82696b052e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 17:44:20 GMT
content-encoding
gzip
via
1.1 78cc4d359edf91a401bf5898aa1dacc6.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 20:41:33 GMT
server
nginx/1.24.0
x-amz-cf-pop
EWR53-C2
age
1218
etag
W/"64cabf7d-1142f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800, public
x-amz-cf-id
DplkIeKfX2QtQyo9JhVaTZuVX9jnqsXjbgiop8ivEyo2aS1Kkku_VA==
expires
Fri, 25 Aug 2023 17:44:20 GMT
amp.gif
amp.akamaized.net/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://amp.akamaized.net/amp.gif?prod=premier&prodver=9.1.22&platform=web&os=Windows&osver=10&browser=Chrome&browserver=116.0&url=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&event=create&&lic=
Requested by
Host: www.9news.com
URL: https://www.9news.com/assets/js-libs/akamai/amp/core/amp.js?apikey=tegna&version=9.1.22
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:5000::173f:4c91 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:38 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
config
c.amazon-adsystem.com/cdn/prod/ 		0
0
e5394d32-4195-479c-a781-a6dfe59b5d61_1920x1080.jpg
media.9news.com/assets/KUSA/images/e5394d32-4195-479c-a781-a6dfe59b5d61/ 		293 KB
293 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.9news.com/assets/KUSA/images/e5394d32-4195-479c-a781-a6dfe59b5d61/e5394d32-4195-479c-a781-a6dfe59b5d61_1920x1080.jpg
Requested by
Host: www.9news.com
URL: https://www.9news.com/assets/js-libs/akamai/amp/react/libs/react.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.144.179 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-144-179.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
758cf8038c2efe5c0e1b208fd6b7aa469c25fde29641f52a3bf08a8188504b7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
W.nZjWar_jimKWUaKLwbUcCbnxV1zmLh
date
Fri, 18 Aug 2023 18:04:38 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Aug 2023 04:41:50 GMT
x-amz-request-id
MWKK1S8RBK7BK5GF
etag
"f4f075d10dfb55a66f195423a0cb6427"
x-amz-server-side-encryption
AES256
content-type
image/jpeg
access-control-allow-origin
cache-control
max-age=1247926
accept-ranges
bytes
content-length
299691
x-amz-id-2
JQV9U5D6yJdK5AEXXfId1XhHH4SeifSq27jcDNItSrvzC5Ow2fRvRg9wN0JVbNFHRHedfKaOoh8=
x-xss-protection
1; mode=block
expires
Sat, 02 Sep 2023 04:43:24 GMT
bridge3.585.0_en.html
imasdk.googleapis.com/js/core/ Frame B764 		720 KB
231 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5cb616f61628c2af47568cf14cb569dfa53d119a5404ec6fb29d1311afe5e0cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
252629
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
236309
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 19:54:09 GMT
expires
Wed, 14 Aug 2024 19:54:09 GMT
last-modified
Tue, 15 Aug 2023 19:52:02 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2006 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 18:04:38 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D8C1 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 17:41:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1390
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 18 Aug 2023 18:41:28 GMT
2.m3u8
livevideo.tegnadigital.com/kusa/v1/manifest/f9c1bf9ffd6ac86b6173a7c169ff6e3f4efbd693/KUSA/c0c20d39-dac3-4595-8b4a-26137601df2b/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://livevideo.tegnadigital.com/kusa/v1/manifest/f9c1bf9ffd6ac86b6173a7c169ff6e3f4efbd693/KUSA/c0c20d39-dac3-4595-8b4a-26137601df2b/2.m3u8
Requested by
Host: www.9news.com
URL: https://www.9news.com/assets/js-libs/akamai/amp/core/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.182.171 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-171.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a074807c683144b596008561301f27ec98e5ae9eb0b6a8ed263ff73213ecb459

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:38 GMT
Content-Encoding
gzip
x-amzn-RequestId
ddabdea4-6210-432a-b5f3-cfe12c4a698d
Connection
keep-alive
Akamai-Mon-Iucid-Del
926974
Content-Length
304
Pragma
no-cache
Vary
Accept-Encoding
Access-Control-Max-Age
86400
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires
Fri, 18 Aug 2023 18:04:38 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/ 		402 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6eda84e469463424ebf458949c409a82ee31d042cf3c8e84978658832f634c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 21:47:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
73045
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129634
x-xss-protection
0
server
cafe
etag
8962464231799197432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 16 Aug 2024 21:47:13 GMT
ats.js
ats.rlcdn.com/ 		236 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-111.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
L2Uqg18UIi_4fqt_LD1.VZwHoDyvOGyd
content-encoding
br
via
1.1 2f0b2738cc23726bda17eb28418ee9c2.cloudfront.net (CloudFront)
date
Fri, 18 Aug 2023 08:27:38 GMT
last-modified
Thu, 08 Jun 2023 08:56:13 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
34621
x-amz-server-side-encryption
AES256
etag
W/"a23e5e8674928ef24c6825d63b8d2927"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
bFW-LT4x5rgbNlIxdKEqpnHtRQyHv09b_kHPqy8GrStPIWKagzFQug==
floors.json
ads.pubmatic.com/AdServer/js/pwt/floors/160138/3965/ 		883 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/floors/160138/3965/floors.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.64.205 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-64-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4fe047cd85380a8c2b70897bac249076e37ab3445514ba883177b03cb35927e4

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 18:04:38 GMT
content-encoding
gzip
last-modified
Thu, 17 Aug 2023 22:36:07 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
content-type
application/json
cache-control
max-age=102642
access-control-allow-credentials
true
accept-ranges
bytes
content-length
226
expires
Sat, 19 Aug 2023 22:35:20 GMT
live-3390_00024.ts
livevideo01.9news.com/hls/live/2014548/elvs/20230719T092454/live-3/00221/ 		554 KB
554 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://livevideo01.9news.com/hls/live/2014548/elvs/20230719T092454/live-3/00221/live-3390_00024.ts
Requested by
Host: www.9news.com
URL: https://www.9news.com/assets/js-libs/akamai/amp/core/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.182.185 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
997f0949094f190ff39f59e8ff0a9e0895fc9cc85507acb1896bf94a1638e5c3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:39 GMT
Akamai-Path-Timestamp
i=1692381858.633;xi=1692381858.659;xo=1692381859.832;s=1692381859.859;
Akamai-Mon-Iucid-Ing
2014548
Connection
keep-alive
Akamai-Mon-Iucid-Del
312833
Content-Length
566820
Pragma
no-cache
Last-Modified
Fri, 18 Aug 2023 18:04:18 GMT
X-Akamai-Server
Akamai-SMT
Access-Control-Max-Age
86400
X-Akamai-Live-Origin-QoS
d=7000;t=1692381858.636
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31535944
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires
Sat, 17 Aug 2024 18:03:43 GMT
css2
fonts.googleapis.com/ 		2 KB
996 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0ff4fe886c21f09a3ba144b93e3eb818a5152eaac69c25fce50a31677078c533
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 18 Aug 2023 18:04:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 18 Aug 2023 16:08:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Aug 2023 18:04:38 GMT
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/19962895/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
365 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
18.164.96.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-43.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:35:19 GMT
via
1.1 ad22d4e4410fd07809425488bf6e79be.cloudfront.net (CloudFront)
last-modified
Mon, 03 Jul 2023 14:48:48 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P5
age
37761
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
0
x-amz-cf-id
SaIEvQfBciDogXg4fOYBqT3Svj5itF9BF3At2AE-hxNIfRYUfrgwjA==

Redirect headers

date
Fri, 18 Aug 2023 18:04:38 GMT
via
1.1 ad22d4e4410fd07809425488bf6e79be.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
location
/internal-c2/default/cs.js
content-length
0
x-amz-cf-id
ge0Dn5u-qS2ycDst3dDXOsOv6Jg_Ufj9wDTOJH4sG30gB_e75w-hoA==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=19962895&comscorekw=news&category=news&templatetype=video&ns__t=1692381878781&ns_c=UTF-8&c8=Colorado%20tried%20to%20weed%20out%20unemployment%20fraud%20an...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=19962895&comscorekw=news&category=news&templatetype=video&ns__t=1692381878781&ns_c=UTF-8&c8=Colorado%20tried%20to%20weed%20out%20unemployment%20fraud%20a...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=19962895&comscorekw=news&category=news&templatetype=video&ns__t=1692381878781&ns_c=UTF-8&c8=Colorado%20tried%20to%20weed%20out%20unemployment%20fraud%20and%20caught%20thousands%20of%20real%20claims%20in%20the%20process%20%7C%209news.com&c7=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&c9=
Protocol
H2
Server
18.164.96.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-43.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 ad22d4e4410fd07809425488bf6e79be.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P5
x-amz-cf-id
6ktXAJRcyXmdPPWT6c7xoeOiac27vENMkUOoqaM6XaMiBkUnzyLQ9g==
x-cache
Miss from cloudfront

Redirect headers

date
Fri, 18 Aug 2023 18:04:38 GMT
via
1.1 ad22d4e4410fd07809425488bf6e79be.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=19962895&comscorekw=news&category=news&templatetype=video&ns__t=1692381878781&ns_c=UTF-8&c8=Colorado%20tried%20to%20weed%20out%20unemployment%20fraud%20and%20caught%20thousands%20of%20real%20claims%20in%20the%20process%20%7C%209news.com&c7=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&c9=
content-length
0
x-amz-cf-id
fU-aqucLF5psaWPSbJuGVweoATOtKo4W8dzht59Dn4RtIRTlWluIOQ==
pixel.gif
pdmp.tagger.opecloud.com/pdmp/b159/v2/ 		35 B
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pdmp.tagger.opecloud.com/pdmp/b159/v2/pixel.gif?url=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&ref=&tref=&tz=10&screen=1600x1200x24&uspstatus=uspoptoutsalenoconsent&e=%5B%5D&fpid=d86dab53-7c20-4056-ad9b-16f3ceb28db7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.109.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-109-214.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:38 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
content-length
51
expires
0
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/kusa-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 17:54:03 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
635
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 18 Aug 2023 19:54:03 GMT
tv2track.js
collector-21104.us.tvsquared.com/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://collector-21104.us.tvsquared.com/tv2track.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/kusa-redesign-desktop/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.218.81.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-218-81-139.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:39 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Dec 2022 10:40:07 GMT
Server
nginx
ETag
"639c4b07-2133"
Content-Type
application/javascript
Cache-Control
max-age=600
Connection
keep-alive
X-Robots-Tag
noindex
Content-Length
8499
Expires
Fri, 18 Aug 2023 18:14:39 GMT
js
www.googletagmanager.com/gtag/ 		217 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-F7XWSR753Q
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/kusa-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7a0b5389a4c2dd8d31b5a5a3a77c308128690fc2d3e8c171441cdf72b68bb7e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78628
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 18 Aug 2023 18:04:39 GMT
utag.537.js
tags.tiqcdn.com/utag/tegna/kusa-redesign-desktop/prod/ 		839 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tegna/kusa-redesign-desktop/prod/utag.537.js?utv=ut4.49.202004230457
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/kusa-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:3e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a39ba93ef882b3f71b18c8948d4ba3a00002c0ba59029fdc1368796eeda3ab2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
2i0bmAzLzaaTYjf2in87YyEwTXV1r4dy
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 cf88880413082302757828626cf7b020.cloudfront.net (CloudFront)
last-modified
Tue, 25 Jul 2023 19:59:48 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
x-amz-server-side-encryption
AES256
etag
"20526e074bb3e88a2551e6ff8a645ec7"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
839
x-amz-cf-id
nwiCW6P2A9dZ4BH60ffbaSVbCnw7WGjsMuX1sHgOkxYhCNM52Em8kg==
utag.607.js
tags.tiqcdn.com/utag/tegna/kusa-redesign-desktop/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tegna/kusa-redesign-desktop/prod/utag.607.js?utv=ut4.49.202111021250
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/kusa-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:3e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d952eeda4000d6cc1be7957461539596b937e83499785ba8ad12f821f906693c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
k0jaOpejRPIsS6ra5Z_9uhBOxrW28sri
content-encoding
br
via
1.1 cf88880413082302757828626cf7b020.cloudfront.net (CloudFront)
date
Fri, 18 Aug 2023 18:04:39 GMT
last-modified
Tue, 25 Jul 2023 19:59:49 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
x-amz-server-side-encryption
AES256
etag
W/"c1baad330d68417bef53af4a58fa4f79"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
zPsSKU1jVOvXBOcdu5FlxbFSOq54jccAUR9s6y3lq0-ogag7Pp3DqQ==
dpx
i.simpli.fi/ 		95 B
889 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.simpli.fi/dpx?cid=25f6d490-8eb1-013b-5cac-0cc47a1f72a4&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.236.221.183 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
183.221.236.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Fri, 18 Aug 2023 18:04:38 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
95
x-request-id
F3yMWjFAqZsmYoojjGoB
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
tv2track.js
collector-16834.us.tvsquared.com/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://collector-16834.us.tvsquared.com/tv2track.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/kusa-redesign-desktop/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.134.46.108 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-134-46-108.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:39 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Dec 2022 10:40:07 GMT
Server
nginx
ETag
"639c4b07-2133"
Content-Type
application/javascript
Cache-Control
max-age=600
Connection
keep-alive
X-Robots-Tag
noindex
Content-Length
8499
Expires
Fri, 18 Aug 2023 18:14:39 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=tegna/kusa-redesign-desktop/202307251959&cb=1692381878948
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/kusa-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:3e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Fri, 18 Aug 2023 17:59:28 GMT
via
1.1 cf88880413082302757828626cf7b020.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
311
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
a73JLcXH2QceJp8qaNdEar8It0x9SjCQVGwYZ6Yo3qH3uf6LJz2dLA==
dpx
i.simpli.fi/ 		95 B
886 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.simpli.fi/dpx?cid=27cc4ee0-0aee-0137-4b7a-06659b33d47c&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.236.221.183 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
183.221.236.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Fri, 18 Aug 2023 18:04:38 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
95
x-request-id
F3yMWjFDzZjBem0UKuNF
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1839280050&t=pageview&_s=1&dl=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&ul=en-us&de=UTF-8&dt=Colorado%20tried%20to%20weed%20out%20unemployment%20fraud%20and%20caught%20thousands%20of%20real%20claims%20in%20the%20process%20%7C%209news.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAABBAAAACAAI~&jid=313482965&gjid=218170702&cid=1482041932.1692381879&tid=UA-72971938-1&_gid=1819321061.1692381879&_slc=1&cd1=2d942893-5578-4aa0-a328-3528a43a3f53&cd2=9news.com&cd3=local%2Cnews&cd4=Colorado%20tried%20to%20weed%20out%20unemployment%20fraud%20and%20caught%20thousands%20of%20real%20claims%20in%20the%20process&cd5=video&cd10=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&cd12=0&cd14=Denver%2C%20CO&cd15=Colorado%20tried%20to%20weed%20out%20unemployment%20fraud%20and%20caught%20thousands%20of%20real%20claims%20in%20the%20process%20%7C%209news.com&cd19=news&cd20=local&cd27=true&cd28=Colorado%20tried%20to%20weed%20out%20unemployment%20fraud%20and%20caught%20thousands%20of%20real%20claims%20in%20the%20process&cd30=false&cd33=desktop&cd35=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&cd36=video&cd39=false&cd45=Colorado%20tried%20to%20weed%20out%20unemployment%20fraud%20and%20caught%20thousands%20of%20real%20claims%20in%20the%20process&cd47=02%3A14&cd49=KUSA&z=1842836035
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aeb8be55d1d571fefd97046191e53d93a8cc50458e5ede00dabbdfb60e5caaa3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.9news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-72971938-1&cid=1482041932.1692381879&jid=313482965&gjid=218170702&_gid=1819321061.1692381879&_u=YGBAgAABBAAAAGAAI~&z=1634693885
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 18 Aug 2023 18:04:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.9news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
loader.js
cdn.taboola.com/libtrc/tegna-network1/ 		547 KB
63 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tegna-network1/loader.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230816-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9561c2848c0b81e8aa80ec3d5bbd2a8da7aa9c8a3749ccd1ee114dbb4a66edfd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
4YPDippEt6eVxpf831p4eM5EoDX63pB8
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Aug 2023 18:04:39 GMT
x-amz-request-id
2H193X487ZWQ89D0
age
96
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
63747
x-amz-id-2
JC0DguIkqIUvedt2pomufjqJ7Tu4Ba7jHn+GaFn7ri6nlv2KZQNq0o5Qe8/QXFNTHMi7cu+Q+hg=
x-served-by
cache-mia-kmia1760064-MIA
last-modified
Thu, 17 Aug 2023 14:37:55 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692381879.138331,VS0,VE0
etag
"9b124e517208ef15cb483045ce2104a8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
36
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
4
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.2.1/ 		124 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.2.1/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230816-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c8e2c958c574d530f40d74d3f28827e08e9130b8d6062c9133505f5492abdfb2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 b03cdde00266d1a718dac82499df6b8e.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
MIA3-C3
age
209622
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
35592
x-served-by
cache-mia-kmia1760096-MIA
last-modified
Wed, 16 Aug 2023 07:50:00 GMT
server
AmazonS3
x-timer
S1692381879.090968,VS0,VE0
etag
"f15eacc8b374e3aab006b161b804b852"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
M3GWxtj4QYwVhtsKt0FYNYT5xOKG4zMHLBX_1yqtwydUJL_TOWtdhA==
x-cache-hits
19802
feed-card-placeholder.20230816-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230816-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tegna-network1/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a2ec35cdc5f98981f8b5b75c4b54c72d628d9aa144159e500884806b3c99309

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
LdB5sd7zA8ZWGeSMv5anO.iYGdkghzVT
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Aug 2023 18:04:39 GMT
x-amz-request-id
6RRMK09CEWZYJ350
age
98958
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
RCNbzU1GitQ1QdkAByljwn/g5l92jrtTJQkFQWJhKFfeaF20JK1yaZA4zDAPcMBmjcvpSaxfrPE=
x-served-by
cache-mia-kmia1760096-MIA
last-modified
Thu, 17 Aug 2023 14:35:21 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692381879.076029,VS0,VE0
etag
"14d75fe8329ef32bd9b97d4f63363454"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
77
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
98123
378bb21d-a3d2-4980-8fd5-211a8b92e61f.css
cdn.taboola.com/static/37/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/static/37/378bb21d-a3d2-4980-8fd5-211a8b92e61f.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tegna-network1/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b41bf82b7fcf28ff777e3ee2735df3763a0424d119ce578645e32af670db9699

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
sOSE6KZxaKkHEKpOUZS9dUpkWzvnpLNh
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Aug 2023 18:04:39 GMT
x-amz-request-id
STD4M8ZE2QXEK1A9
age
14891
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
731
x-amz-id-2
fxPzn1z3W3y0en4gZL+DoHU6UrMMRIAS2hrbnBE3o1Nh94vps1V9YqpvT2ZAJuijICTkTPQAcrQ=
x-served-by
cache-mia-kmia1760096-MIA
last-modified
Tue, 23 Jan 2018 13:15:44 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692381879.080117,VS0,VE0
etag
"de94e1d7365c8ca777e6a488bc365087"
vary
Accept-Encoding
content-type
text/css
abp
74
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
129
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Aug 2023 18:04:39 GMT
x-amz-request-id
ANSK5JKX6DPW543M
age
29
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
YFikeJeu5V5P3AnoE6mz56aEfrsAfvp8lO8lknVWz/lVC+zYbxfXmf8EkAc6b25i7Qabmo7BNG4=
x-served-by
cache-mia-kmia1760096-MIA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692381879.090953,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
17
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
22
userx.20230816-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230816-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tegna-network1/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7edf23266109a291d04fb6729c9fe1b7eee7dc0dda62b44f11d2be6de79d002

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
FAFS784HPB0WZuCzFjv8ZU.Uk7rjhl2T
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Aug 2023 18:04:39 GMT
x-amz-request-id
9H2M1JGYVA2THJZ9
age
98930
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5397
x-amz-id-2
PSMqK7PNHrYSvST4zD7fIanWa9sbTCuMwYXUgY/mCtF2cyD2Wu4LcfEG+Jj8TRyIa1p28PHAVeM=
x-served-by
cache-mia-kmia1760096-MIA
last-modified
Thu, 17 Aug 2023 14:35:49 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692381879.132090,VS0,VE0
etag
"da682b5af6eefaa9198a4b57e340288c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
69
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
15990
distance-from-article.20230816-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230816-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tegna-network1/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8c737841de7075d837a90d841cd532120cad7bbfbc2a25234824488d6d9b38ac

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
AdaXBYZAshoQry3wup3VULIpBs1CFi8b
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Aug 2023 18:04:39 GMT
x-amz-request-id
HRZDEESF75MTJ95Y
age
98963
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1132
x-amz-id-2
HY9xDJOCPFMlT9hCP6wva1zvMli4/uUvC4DWcusMPR84fF2QLeb6YLRDcWd2cwHUMo91nfUmiPI=
x-served-by
cache-mia-kmia1760096-MIA
last-modified
Thu, 17 Aug 2023 14:35:16 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692381879.132071,VS0,VE0
etag
"32421921235a21541bc513a0903d4351"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
74
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
97247
article-detection.20230816-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230816-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tegna-network1/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1bdfeca9aed2813478ac8015499f877e0720d021f08793cf3240cfb2d334d7c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
A4bwQaGR4XLELwLoquhbqWBRrqP0FW9_
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Aug 2023 18:04:39 GMT
x-amz-request-id
1FX52RE8255H8S6M
age
98970
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
cTaxLD4hc7GMEf9eEQVM0v9cXKfXKBHnRFX2SvtUXaxkKXTd3iCcd2/+SHcU7wkoSnMdYJMKOxg=
x-served-by
cache-mia-kmia1760096-MIA
last-modified
Thu, 17 Aug 2023 14:35:09 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692381879.132180,VS0,VE0
etag
"8d0f4da6212d22c83a2121d8929f4acb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
86
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
97226
1x1.png
d24zb9qreavi2u.cloudfront.net/ 		95 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d24zb9qreavi2u.cloudfront.net/1x1.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-107.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 13:43:47 GMT
via
1.1 1d45cc40d1dd29d2b3aaefb9f85bceee.cloudfront.net (CloudFront)
last-modified
Mon, 16 May 2022 07:24:25 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
15653
etag
"71a50dbba44c78128b221b7df7bb51f1"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
95
x-amz-cf-id
sgpmbOeIemTS67zQ5DjSO-1MvWzNovrV0wrIs6CKdGr8u81cIWHqpw==
abtests
ch-trc-events.taboola.com/tegna-kusa/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/tegna-kusa/log/3/abtests?route=US:CH:V&tvi2=10442&lti=deflated&ri=29bfa9be0bdd644cb521ee126398e4fd&sd=v2_4d62979fa0ead19e474e7f498c13c11a_5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836_1692381878_1692381878_CNawjgYQkqw_GLGuyM6gMSABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGjxg5HW9JH9uAVwAQ&ui=5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836&pi=/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53&wi=8656952373639217571&pt=video&vi=1692381878065&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1692381879086%7D&tim=08%3A04%3A39.086&id=2265&llvl=2&cv=20230816-2-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 18 Aug 2023 18:04:39 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
winnotice
trace.mediago.io/api/log/ 		0
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trace.mediago.io/api/log/winnotice?tn=bc83c7494a362a2c1416fcdf61fceb03&winloss=1&id=026d2a413f02b1bf4aeb3680bb973dd0&seat_id=Baidu&currency=USD&bid_id=026d2a413f02b1bf4aeb3680bb973dd0&ad_id=${AUCTION_AD_ID}&loss=${AUCTION_LOSS}&imp_id=0&price=0.07554200291633606&test=0&time=1692381878&dp=kTQmPPizv9L30zcn421BnATlMXWZjMG_v-9qH7fMChs&dsp_id=22&url=TfQfzFeymsLodilxYhdm0ainOntKvvgkTLqdtlqzy9h2Kqqdjq71CAC8u6b_8GM2GhuUeYCpAZ259gEd0iLg-zhGnNdJeoDvl4IOIpYRTZxswcezdY4_NdTBD54QS00U_890wKXSWGfpkrwSO-G49xWF9evwkg_r5GucBKzW3kor74SqHHy7E_JiTquA-ZNKSFWAYnW2VAdOtxyG8FKDiWFoQ-Fq5-88qGdPtMxQYQJX__YxHg2e9mK6C1VCyFFHwWRIt6aNaQpx0R9lVPqM6TvhToULXrn5i7xBofKaSzZ3EAeA2vuaDm324J5eB9gsdns94482khszeynd-vA8xAxxMAt4YQfrz44DQdPTd_oY2qHXpiDUn79Jr1h3OKlmX38Jjz6Y-ge5FoDaj0oJq3e4u4rLmD5fgppl6gS-QzSPEwTFonyPR3PqQGGu1IwO-N0RhbQ_-X8BdtHdhGpiWoiZ9nI-SWXCAxBYr2NSK_Y9YXAzI-y9v0Gt7HIb8WEkoO-P3SlGPo6rBDxDBWzd0MesQgKJpyQv84NoHwZUzjDDAdxpWlVBhUnEwkM2G858avaObpf12sQ5MEkj3sYW9J3bN2F9H9k-GCcbdLxlLIeCj9qBtlIuQx6VV75QEEuKF5NyGFxhKdGF6oqjjezRCzDHm5Tu8iCIs260MybnhutrYupPqCVPmWihc4FdoslJnPl8ZMp4KX9242nBoi24W7six9L-LNaBoZFgaYXDVRhu41CiSWl3kvPCWY89TJCgzukykAefQM-v_CrU0ydbyDIW4eCcfvAEepxwr68uks8vEZB36BkC8BKnRrFN1idh2On0aEXs3eYFfYPDpZreT7xB95L_6uxhm6_yROhF7H9WBBkMNs9GF1_LakCErACD-X_TJe3TlZC7RAlrR4PCnruktM_WcrzlDr9qmxERcgy2UXKhoCArZmrjJcIEVOBX0tKX7VIO_DgcT6m4r0f1RDGJ_0sIGiU7tJw52R515viWE3JzZw-MyOtJmT-_pDo8J7ynLGjfuzqVBl7q0Ks_c8_3--Zwk_v9tNf7eQTDhIhYDO7W7Mjz2TODKmxcgSzqdooA0Jn8xjGCSLSjh188FH4nsdVFeer2eLXwgy23kaxOQzSOVt1-l1esRq5hi6TU_gb4HRtNe6sJVwJ9-kzhNxtQdJj2b6KGpGkIRYeHGxIrhGUY3P_qJeLxPiCV8wXzv1xkETQ7BHAxOh4RB6o_PHSqqXveWUjw3O8jLOp_xI-xi6lqPFSy2le1IIoLJXtbyme9rYLccae-GIjgevno18C9FaYC1ciICmEecHuo26TUsjun9Wu3AQDx-B5flsPF9UZG-LQaMC2NvMAP6kh4im8_JyhhuD97bZPnRtrO-HExRIGeSDd9gM8T4BdY3HTrJT979FSCCUCTJAs5HScvWjkA040UQtBeHkE9EV25Z6NXwmjfHrVIjY5r0q9Dgu0hDZFOd8dNBucbcbzHfBFnCZG1BHzYM2zc6iatdkGAZDGzjABXxagyvuYh9ZfhqSuxcZOvD8o4Pa7Mvo0BtXMYdiJVPTAMJqtXvQN5EgXMP9i95O5Yj0YTmW9y8zSdaf15UmSQmxmsDhYG-VMNW2bi719eYgJIWcPWdPbWT2NNYtgKMz0v6FriqutlpdHVktZhAf7M9Z7aK19DM7PDj6ajmaTCaDzQIwvPcNA5ll64NyWkwgkc51AfLLKzVy1BRPpSretr6rNYgKoHlVPD-SEkeTEy1UX24bGeSa1PoLlfck9r7J9UPSBX4KR4Ch2sEUCNNYSZPiUqzWGr6sr7_8nPOWN9J2ITfktbPIwkeoIfxJnn-d9fwYQY0lsQUiYA0FiK3ik8CvulA1Q7ohNdiYUGzZYiNIpyAcHgQcLhD9Iv43OxnxXiIZCTsNQ_b6IgieFQpI0BhnkVUHst2jk34VCn5A&sp=kTQmPPizv9L30zcn421BnATlMXWZjMG_v-9qH7fMChs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
ic
trace.mediago.io/ju/ 		0
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trace.mediago.io/ju/ic?tn=bc83c7494a362a2c1416fcdf61fceb03&trackingid=3165223baefde8c19c7fb038d69faab4&acid=22784&data=iXQS7-YLoavV6K6mfnTZi7E6lVhw5D_Z5AaM2bpaRDXIvbYK_op8wyf9CA7oqknAzVzsslJaZtcZxjSaf33-Wamk05tYBdDNYPhmcAB6bdPtVytRwosiGQvIEtyBDteK2Ea3Sgmygl4cLT1uixf5aNILRO1z-RXIfTh5SzP8i331lAmSYibV9bHOI6PBO-CX1mP728UClp3_uKI2zxAhozI_K46rZfTlMUpguCDn3cYNVArKL6rppMnn8Qaj34lsD7pFXMbLFAH8gbWoBF5NLAvWRN1M55xV1L1HJl_khmzWabNZy6e5hPh7suIWOUmNPxx4K1VF1hNGt-2qKsRI5n3ZaVHeEpRLcUPPms0_SaQLx3xPeRAGIQL4Qu3riOdlHSS_pckVXZta2r0p_gr1OIz2mKHIM5AooVLu4TOnGtBWQXxpTeUOx8LSxoWLMcWv3kvDkQ8bgnsRPGn1iGppecfk7A8SKFeHWy_jhy_OGMamlILvb0SUGjDBRWbUDhsud57BmYCno__NFdktpsdsm5WCnSEYTEmBhyYiDPCsotlMeoARADLeLffMrmUfHdfN5Mjy8oXWY699FuY8pTgoyl2cF4EPMNrvf6w6vlK7J9H4LB8rJymqKr2MFAfYBfjwsZlETDVB9bhs_66J1Wcaaz4ZcCezpla66_7GiLGSQmhd3BEFTRtCZfZwRlDShDgLcq9DKItKRxxFjilJQFbW-ubvsgD-U9W1BqEYinheU3T1Ui_-sfP1cHa4fYVsShJQQ7-SyupTz4wzAzrLSiK8WdcT_t0gcQzM2Qvp4WM1QCDGuiayJOyzoZ4SMuGIytOYh2dvgp1aZYV88SOxNYWUF670gNejVD0-FMwStSKKsgZ8M7whocWL1EH06OJ4EMBE1zZroUFiTiyKtL-W5KoTW9L4TTlhJYzjU92hMU6Fagvl5cOFTQ7ArSCxV_3hs13B04og_DKsJCSDJLzSSAyF-Iv4s7AKoKGRK6xCy3yGHJGBXXMClVvtBwz6uBSxu4WV55FcCYfnrd-xmQrbFv3VhCLX_8IOle0Qweqaoj4YT7lRKmi-17qXVR5pWAeTDlhV-lRabvgJQPACIwVV-pbAKJlpp5rmVMtT9-nkecMDDaD5bmwwTqU_4up8sqF9wHyxScwa8YzWQ3KY7-5lMVrlfA&uid=5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836&mguid=&ap={AUCTION_PRICE}&tid={tid}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
social
ch-trc-events.taboola.com/tegna-kusa/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/tegna-kusa/log/3/social?route=US:CH:V&tvi2=10442&lti=deflated&ri=29bfa9be0bdd644cb521ee126398e4fd&sd=v2_4d62979fa0ead19e474e7f498c13c11a_5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836_1692381878_1692381878_CNawjgYQkqw_GLGuyM6gMSABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGjxg5HW9JH9uAVwAQ&ui=5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836&pi=/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53&wi=8656952373639217571&pt=video&vi=1692381878065&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Colorado%20tried%20to%20weed%20out%20unemployment%20fraud%20and%20caught%20thousands%20of%20real%20claims%20in%20the%20process%22%2C%22sec%22%3A%229news%2Clocal%2Cnews%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fmedia.9news.com%2Fassets%2FKUSA%2Fimages%2Fe5394d32-4195-479c-a781-a6dfe59b5d61%2Fe5394d32-4195-479c-a781-a6dfe59b5d61_1140x641.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=08%3A04%3A39.337&id=9597&llvl=2&cv=20230816-2-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 18 Aug 2023 18:04:39 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
js
www.googletagmanager.com/gtag/ 		221 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-F7XWSR753Q&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6aebd0010919d034294ba56c8556c743ee9554bd9ad5fec9ebe1a8b036eef31c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80504
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 18 Aug 2023 18:04:39 GMT
debug
ch-trc-events.taboola.com/tegna-kusa/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/tegna-kusa/log/2/debug?tim=08%3A04%3A39.378&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20rbox-tracking&llvl=2&id=2638&cv=20230816-2-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:39 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
61917
9fbe649d7dad3b808719aec0bcc3bd67.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9fbe649d7dad3b808719aec0bcc3bd67.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
732ebfd6b0f6181ac664744b6b5fd12450dd7c55cd90b44d3df22afe1ef652c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9fbe649d7dad3b808719aec0bcc3bd67.jpg
age
2603659
edge-cache-tag
432782806035751165273855523791061024461,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
432782806035751165273855523791061024461,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
2045
expiration
expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://myfox8.com/
content-length
7716
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kjyo7100154-IAD, cache-iad-kcgs7200024-IAD, cache-chi-klot8100026-CHI, cache-iad-kjyo7100158-IAD, cache-mia-kmia1760096-MIA
last-modified
Mon, 19 Jun 2023 23:57:30 GMT
server
nginx
x-timer
S1692381879.489559,VS0,VE0
etag
"8eefafa266e9f90643fcdeb13b2e6f9a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 20821, 2
d126473e394e98865383b10e537edd8f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d126473e394e98865383b10e537edd8f.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4fcae58533cfecc2cdc7cfc7271bc5948194e2eec38f3ab1ded6cbe383764adf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d126473e394e98865383b10e537edd8f.png
age
3839644
edge-cache-tag
539210902492927692742835379311962421630,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
539210902492927692742835379311962421630,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
769
req-referer
https://abc7ny.com/
content-length
6822
x-request-id
64a55fd45b6a78bfd33136704b0cd91b
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200071-IAD, cache-iad-kiad7000065-IAD, cache-chi-klot8100144-CHI, cache-iad-kcgs7200153-IAD, cache-mia-kmia1760096-MIA
last-modified
Fri, 30 Jun 2023 22:10:01 GMT
server
nginx
x-timer
S1692381879.489578,VS0,VE0
etag
"4dae2f97f3971e23d40fe2089e793848"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 40363, 2
9d03a98c949c348a362c3c95a2877a5b.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9d03a98c949c348a362c3c95a2877a5b.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7bbb88b46423ef28f104556e199f8c5163f3fa0c699066fcae997250158da202

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9d03a98c949c348a362c3c95a2877a5b.png
age
623074
edge-cache-tag
431904076866074918313882451716294846055,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
431904076866074918313882451716294846055,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
313
expiration
expiry-date="Thu, 17 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.qcnews.com/
content-length
11868
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000095-IAD, cache-iad-kjyo7100064-IAD, cache-chi-klot8100029-CHI, cache-iad-kcgs7200050-IAD, cache-mia-kmia1760096-MIA
last-modified
Mon, 17 Jul 2023 04:39:11 GMT
server
nginx
x-timer
S1692381879.489564,VS0,VE1
etag
"fce2fb1df589308f158665214d49ee44"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 7198, 1
b5b977601cc8d38cf2ffc47e48e88c70.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b5b977601cc8d38cf2ffc47e48e88c70.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
33851354aff7094db48330044339efaec42eda67dc57b395b5668ee98fcfeb17

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b5b977601cc8d38cf2ffc47e48e88c70.jpeg
age
1939166
edge-cache-tag
566673231311905823354245610241375894448,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
566673231311905823354245610241375894448,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
114
expiration
expiry-date="Wed, 02 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.espn.com/
content-length
16552
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kiad7000164-IAD, cache-iad-kiad7000062-IAD, cache-iad-kiad7000024-IAD, cache-mia-kmia1760096-MIA
last-modified
Sun, 02 Jul 2023 16:21:45 GMT
server
nginx
x-timer
S1692381879.489368,VS0,VE1
etag
"06c797972d8a3f9eb3aefa2244daa4fa"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 14770, 1
60883757d501c9f4cf62a29289151855.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60883757d501c9f4cf62a29289151855.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b6792c25892f0ef356be11372c54db01d7db1aa6fe4a631e4dadfd11b02e20cb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60883757d501c9f4cf62a29289151855.jpg
age
3453504
edge-cache-tag
398320904992263439557892664039355633009,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
398320904992263439557892664039355633009,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
80
expiration
expiry-date="Wed, 26 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://apnews.com/
content-length
17530
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kiad7000101-IAD, cache-iad-kcgs7200059-IAD, cache-chi-klot8100148-CHI, cache-iad-kjyo7100051-IAD, cache-mia-kmia1760096-MIA
last-modified
Sun, 25 Jun 2023 08:48:26 GMT
server
nginx
x-timer
S1692381880.532050,VS0,VE1
etag
"c6696a5522878208f6286ee43689c2ba"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 4, 1, 3399, 1
861d9ba2-f6bb-4faa-8397-0bff5b413845__tWsCGP9s.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/861d9ba2-f6bb-4faa-8397-0bff5b413845__tWsCGP9s.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e5ebfab453c56bdd5812bbd46adc74d14e6ed486427395cb59c43a91db2752cf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/861d9ba2-f6bb-4faa-8397-0bff5b413845__tWsCGP9s.jpg
age
711630
edge-cache-tag
523435076242603829153324146422105346518,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
523435076242603829153324146422105346518,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
250
expiration
expiry-date="Mon, 14 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ocregister.com/2006/02/15/gay-couples-seek-marriage-licenses/
content-length
10346
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000130-IAD, cache-iad-kiad7000151-IAD, cache-lga21923-LGA, cache-iad-kjyo7100133-IAD, cache-mia-kmia1760096-MIA
last-modified
Fri, 14 Jul 2023 17:22:32 GMT
server
nginx
x-timer
S1692381880.532068,VS0,VE1
etag
"70fea92498b41fbb2ea839088d841cc7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 5082, 1
5348be9e5771faba8e5b9717574f1751.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5348be9e5771faba8e5b9717574f1751.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
eb172fc2600cd306d47576f9f045b42aca72bb9370af7dfcf433bd1788be2b86

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5348be9e5771faba8e5b9717574f1751.jpg
age
4216653
edge-cache-tag
362055734696482388674623839365043175951,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
362055734696482388674623839365043175951,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
69
req-referer
https://www.theblaze.com/news/airline-pilot-goes-viral-after-telling-passengers-what-behavior-wont-fly?utm_source=theblaze-dailyPM&utm_medium=email&utm_campaign=Daily-Newsletter__PM%202023-08-04&utm_term=ACTIVE%20LIST%20-%20TheBlaze%20Daily%20PM
content-length
10194
x-request-id
e863a6ac99f22f655d9d8dffa5f006d2
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kiad7000036-IAD, cache-iad-kiad7000027-IAD, cache-chi-klot8100166-CHI, cache-iad-kjyo7100122-IAD, cache-mia-kmia1760096-MIA
last-modified
Fri, 30 Jun 2023 10:08:09 GMT
server
nginx
x-timer
S1692381880.531800,VS0,VE1
etag
"11ab629f058c0bd95211bfb45118b366"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 1144, 1
a39480296251b9ce43873210c54c9ded.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a39480296251b9ce43873210c54c9ded.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
30d0a285606f1e2daa6a3f104cda8b88c48ca16c2235a00d8835ea1a89e646d7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a39480296251b9ce43873210c54c9ded.jpg
age
1407447
edge-cache-tag
526121640909749676821420417697328330709,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
526121640909749676821420417697328330709,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
350
expiration
expiry-date="Thu, 10 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://flytant.com/
content-length
11454
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kcgs7200048-IAD, cache-iad-kcgs7200143-IAD, cache-lax10623-LGB, cache-iad-kjyo7100076-IAD, cache-mia-kmia1760096-MIA
last-modified
Mon, 10 Jul 2023 02:48:47 GMT
server
nginx
x-timer
S1692381880.531779,VS0,VE1
etag
"0fad21366b8fb4646f251a1d81f02123"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 10, 1
8fb94f9a9b895af92cb1eef2bf110a2d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8fb94f9a9b895af92cb1eef2bf110a2d.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
de29f2881647a7ef017fdac1f82683f1a8c92dfd33202461338f682b84b7ca6f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8fb94f9a9b895af92cb1eef2bf110a2d.jpg
age
3894780
edge-cache-tag
394786009337311709606770766475413505027,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
394786009337311709606770766475413505027,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
167
expiration
expiry-date="Wed, 26 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tips-and-tricks.co/
content-length
8264
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100127-IAD, cache-iad-kiad7000030-IAD, cache-lga21964-LGA, cache-iad-kiad7000062-IAD, cache-mia-kmia1760096-MIA
last-modified
Sun, 25 Jun 2023 12:19:51 GMT
server
nginx
x-timer
S1692381880.531771,VS0,VE1
etag
"72770240d16b1456939d8ed35a02bf7d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 8, 1, 6, 1
ad17557503381b2dce6e73997a1355cf.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ad17557503381b2dce6e73997a1355cf.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
932bf23b670378e8f97637e5074aa3893b36b48c662bc80b709d05211733d519

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ad17557503381b2dce6e73997a1355cf.jpg
age
828008
edge-cache-tag
619189248453773017753199393139597819198,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
619189248453773017753199393139597819198,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
90
req-referer
https://www.tips-and-tricks.co/
content-length
8958
x-request-id
dadc37fe23d5621cd8dfd8bf98b46c9b
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200143-IAD, cache-iad-kiad7000037-IAD, cache-lax10642-LGB, cache-iad-kcgs7200111-IAD, cache-mia-kmia1760096-MIA
last-modified
Tue, 08 Aug 2023 12:45:39 GMT
server
nginx
x-timer
S1692381880.531750,VS0,VE1
etag
"3b1178bd5882750485a8bc169df2bdce"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 22, 1
6481b1326840c54563b12e50bb0892dd.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6481b1326840c54563b12e50bb0892dd.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0b45cc80258f72283185f78dc0958e70654cbc33f894b847ce5040de603829d8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6481b1326840c54563b12e50bb0892dd.jpg
age
2263844
edge-cache-tag
517638281455395765445681838070088073380,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
517638281455395765445681838070088073380,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
89
expiration
expiry-date="Tue, 08 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://christiannewsalerts.com/
content-length
12100
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200143-IAD, cache-iad-kiad7000144-IAD, cache-lga21945-LGA, cache-iad-kjyo7100129-IAD, cache-mia-kmia1760096-MIA
last-modified
Sat, 08 Jul 2023 15:49:00 GMT
server
nginx
x-timer
S1692381880.577942,VS0,VE0
etag
"911695e4a5e791787229ef2618aee5ec"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 20, 4
2b25192c4d7d1f5d054cdbf237a14599.jfif
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2b25192c4d7d1f5d054cdbf237a14599.jfif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1a397c8e3701c39e45c6f3906cd568781f6b10a0560877e6356b3bd2d2f344bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2b25192c4d7d1f5d054cdbf237a14599.jfif
age
1397634
edge-cache-tag
608738567394230146010303049411615452611,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
608738567394230146010303049411615452611,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
30
expiration
expiry-date="Mon, 21 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.wcjb.com/
content-length
12154
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100065-IAD, cache-iad-kiad7000166-IAD, cache-sna10730-LGB, cache-iad-kjyo7100100-IAD, cache-mia-kmia1760096-MIA
last-modified
Fri, 21 Jul 2023 09:25:14 GMT
server
nginx
x-timer
S1692381880.578107,VS0,VE3
etag
"d3ce76dba8fa680b662f13bf78fbde05"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1362, 1
cc8fd26056ee1d93b302f130087ece82.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cc8fd26056ee1d93b302f130087ece82.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b3f08176d7848b139eb3594f6f16885ace670fb22de7e1a9ecf3eb3fbf255cf5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cc8fd26056ee1d93b302f130087ece82.png
age
2554127
edge-cache-tag
463283055363041377118801063663092201605,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
463283055363041377118801063663092201605,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
20
expiration
expiry-date="Wed, 02 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.wtaj.com/
content-length
15704
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kcgs7200148-IAD, cache-iad-kcgs7200107-IAD, cache-sna10723-LGB, cache-iad-kcgs7200029-IAD, cache-mia-kmia1760096-MIA
last-modified
Sun, 02 Jul 2023 17:46:32 GMT
server
nginx
x-timer
S1692381880.578089,VS0,VE0
etag
"63a23fa5ddbe84592b51d70174b34fc1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 13080, 105
f264f827-eb65-4823-8e52-3f42620ee09f_1140x641.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.9news.com/assets/KUSA/images/f264f827-eb65-4823-8e52-3f42620ee09f/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.9news.com/assets/KUSA/images/f264f827-eb65-4823-8e52-3f42620ee09f/f264f827-eb65-4823-8e52-3f42620ee09f_1140x641.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3e5b0e5ece993efe9470a053cad3c0118664679c6a544a07263e2061fd20da1e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.9news.com/assets/KUSA/images/f264f827-eb65-4823-8e52-3f42620ee09f/f264f827-eb65-4823-8e52-3f42620ee09f_1140x641.jpg
age
266739
edge-cache-tag
447910934831651561174043081528886737528,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
447910934831651561174043081528886737528,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
194
req-referer
https://www.9news.com/
content-length
11100
x-request-id
a9150d9236f1586f8ad819817bd2eb8b
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100168-IAD, cache-iad-kiad7000117-IAD, cache-lga21921-LGA, cache-iad-kjyo7100134-IAD, cache-mia-kmia1760096-MIA
last-modified
Tue, 15 Aug 2023 15:56:55 GMT
server
nginx
x-timer
S1692381880.578555,VS0,VE2
etag
"d4a114cbf60bd66d662aca1a10e0ef16"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 34, 1
fcb9a103-784c-4e08-8f56-46e470908fce_1140x641.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.9news.com/assets/CCT/images/fcb9a103-784c-4e08-8f56-46e470908fce/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.9news.com/assets/CCT/images/fcb9a103-784c-4e08-8f56-46e470908fce/fcb9a103-784c-4e08-8f56-46e470908fce_1140x641.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5dcd94ef8ae374036b8d542e717122ca22b89e01408779657d18527275199d86

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.9news.com/assets/CCT/images/fcb9a103-784c-4e08-8f56-46e470908fce/fcb9a103-784c-4e08-8f56-46e470908fce_1140x641.jpg
age
594120
edge-cache-tag
555463863754023651221514737384381846438,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
555463863754023651221514737384381846438,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
87
req-referer
https://d-7394902811495721702.ampproject.net/
content-length
11410
x-request-id
790010a2403f96f6ccbb7725fec3385d
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100092-IAD, cache-iad-kjyo7100038-IAD, cache-chi-klot8100110-CHI, cache-iad-kiad7000068-IAD, cache-mia-kmia1760096-MIA
last-modified
Fri, 11 Aug 2023 21:02:10 GMT
server
nginx
x-timer
S1692381880.578936,VS0,VE1
etag
"f57b0718cef9ed2f5df727972665aa62"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 6, 1
bdede81e1033ef3200e45ebaec02d524__scv1__1200x628.png
images.taboola.com/taboola/image/fetch/$pw_300%2C$ph_167/t_tbl-cnd/https%3A//images.mediago.io/ML/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/$pw_300%2C$ph_167/t_tbl-cnd/https%3A//images.mediago.io/ML/bdede81e1033ef3200e45ebaec02d524__scv1__1200x628.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7ba309b9325e9ba8b52ed51c9df5c0012d227e7e5cbd6ed87e3b7a90ca09ced3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
17
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/$pw_300%2C$ph_167/t_tbl-cnd/https%3A//images.mediago.io/ML/bdede81e1033ef3200e45ebaec02d524__scv1__1200x628.png
age
1427912
edge-cache-tag
564796811860576494714815428290969391550,358470977692125167815641153303915564582,29ecf9b93bbf306179626feeda1fab70
cache-tag
564796811860576494714815428290969391550,358470977692125167815641153303915564582,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
595
req-referer
https://therookiewire.usatoday.com/
content-length
10328
x-request-id
97ae2680b9059e9c9bad493cf4d8398e
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kjyo7100175-IAD, cache-iad-kiad7000088-IAD, cache-sna10751-LGB, cache-iad-kjyo7100076-IAD, cache-mia-kmia1760096-MIA
last-modified
Wed, 02 Aug 2023 03:35:55 GMT
server
nginx
x-timer
S1692381880.578900,VS0,VE17
etag
"a22616035d3c541b589a39e7f295a41f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 16903, 1
d3570b15da44605dc18c598bb284378e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d3570b15da44605dc18c598bb284378e.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d6d3dc2473b65d8bdbc2ab575951583085f7d533f95c110a849f94716e4aa893

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d3570b15da44605dc18c598bb284378e.png
age
4500818
edge-cache-tag
301553316527501569615204938924731270501,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
301553316527501569615204938924731270501,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
109
expiration
expiry-date="Thu, 13 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://myfox8.com/
content-length
19476
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100049-IAD, cache-iad-kiad7000086-IAD, cache-chi-klot8100085-CHI, cache-iad-kcgs7200075-IAD, cache-mia-kmia1760096-MIA
last-modified
Mon, 12 Jun 2023 18:39:56 GMT
server
nginx
x-timer
S1692381880.637201,VS0,VE0
etag
"57a78e14d655fe8686eff727377c814e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 4, 1, 4159, 7806
f2de2687dd0397879377006c5ad34e34.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f2de2687dd0397879377006c5ad34e34.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e2d59e7aacec4d8734605ca27f1ed93ae3de3eb9f981f9914a6c0269cb3ed285

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f2de2687dd0397879377006c5ad34e34.jpeg
age
1503946
edge-cache-tag
534358134821188198369924357152995155616,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
534358134821188198369924357152995155616,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
159
expiration
expiry-date="Sat, 05 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://thenigerialawyer.com/
content-length
10870
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kcgs7200087-IAD, cache-iad-kjyo7100073-IAD, cache-lax10643-LGB, cache-iad-kiad7000030-IAD, cache-mia-kmia1760096-MIA
last-modified
Wed, 05 Jul 2023 21:17:50 GMT
server
nginx
x-timer
S1692381880.637195,VS0,VE1
etag
"ca7643e6e55d3c0323d7edbd9ad7f290"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 9, 1
70b204aaaf41ce2752c0155d43dc2368.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/70b204aaaf41ce2752c0155d43dc2368.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b0040d5c2c7015a73edef55cb4d880a8c25d548ccf2935a6780242aeb39ad9d0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/70b204aaaf41ce2752c0155d43dc2368.jpeg
age
3314846
edge-cache-tag
307313362972025287829736246734622842620,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
307313362972025287829736246734622842620,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
127
req-referer
https://www.9news.com/
content-length
35300
x-request-id
ef5f71b245c8b5a8edd1a653774e4794
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200041-IAD, cache-iad-kjyo7100059-IAD, cache-lga21920-LGA, cache-iad-kcgs7200111-IAD, cache-mia-kmia1760096-MIA
last-modified
Sat, 08 Jul 2023 05:53:22 GMT
server
nginx
x-timer
S1692381880.637381,VS0,VE3
etag
"44ee89490cbd5c7f9071f299fc66634b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 2677, 1
d27c1d91680bca1c6833b03cde4e3838
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d27c1d91680bca1c6833b03cde4e3838
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
792309ef28e11a995d7796532378b32a33ca5b1038059e4cd3186c68e8fb557c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d27c1d91680bca1c6833b03cde4e3838
age
640428
edge-cache-tag
585858606598010724988396161206278579287,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
585858606598010724988396161206278579287,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
98
req-referer
https://apnews.com/
content-length
7870
x-request-id
27e9bba9dd26276e340f8d66abadf6c5
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200110-IAD, cache-iad-kcgs7200141-IAD, cache-chi-kigq8000064-CHI, cache-iad-kcgs7200157-IAD, cache-mia-kmia1760096-MIA
last-modified
Fri, 21 Jul 2023 04:17:22 GMT
server
nginx
x-timer
S1692381880.648985,VS0,VE2
etag
"1db3def4ac1a30d54e399effeb537052"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 8, 1
894a6783-d993-487b-afa7-d8856b2609ff_1140x641.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.9news.com/assets/KUSA/images/894a6783-d993-487b-afa7-d8856b2609ff/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.9news.com/assets/KUSA/images/894a6783-d993-487b-afa7-d8856b2609ff/894a6783-d993-487b-afa7-d8856b2609ff_1140x641.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
709f83b4cf43cf2b4a2d676302787c4b28b5c2387884bd4fc16e9c844c2ffd38

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.9news.com/assets/KUSA/images/894a6783-d993-487b-afa7-d8856b2609ff/894a6783-d993-487b-afa7-d8856b2609ff_1140x641.jpg
age
80011
edge-cache-tag
390561946745903987466544141974164639305,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
390561946745903987466544141974164639305,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
139
req-referer
https://www.9news.com/
content-length
23632
x-request-id
4e0a6f42228992b66074c68f0fd9f2b7
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000063-IAD, cache-iad-kcgs7200070-IAD, cache-chi-kigq8000100-CHI, cache-iad-kcgs7200029-IAD, cache-mia-kmia1760096-MIA
last-modified
Thu, 17 Aug 2023 19:40:27 GMT
server
nginx
x-timer
S1692381880.649293,VS0,VE2
etag
"0e5e352fd1798c9b01d943c7f781d0d3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 35, 1
ccde5064-7dfb-4281-b52a-695954da9ca9_1140x641.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.9news.com/assets/KUSA/images/ccde5064-7dfb-4281-b52a-695954da9ca9/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.9news.com/assets/KUSA/images/ccde5064-7dfb-4281-b52a-695954da9ca9/ccde5064-7dfb-4281-b52a-695954da9ca9_1140x641.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
caf9fbdd15c2496464e6a8bb9fd7072bc2127d5914d661f79b056bc2ccc693f1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.9news.com/assets/KUSA/images/ccde5064-7dfb-4281-b52a-695954da9ca9/ccde5064-7dfb-4281-b52a-695954da9ca9_1140x641.jpg
age
17734
edge-cache-tag
324432621858840852575688326638077285476,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
324432621858840852575688326638077285476,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
156
req-referer
https://www.9news.com/
content-length
17278
x-request-id
89f565d49e30298d0d8d9d5dda70253c
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kcgs7200168-IAD, cache-iad-kcgs7200119-IAD, cache-chi-kigq8000047-CHI, cache-iad-kcgs7200042-IAD, cache-mia-kmia1760096-MIA
last-modified
Fri, 18 Aug 2023 13:07:07 GMT
server
nginx
x-timer
S1692381880.649227,VS0,VE1
etag
"fcbcfb73aad5eaccbc6046da263138a1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 2, 1
50116c9e-fc07-40c0-85c7-7a0b2e782387__VJ0jt5kt.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/50116c9e-fc07-40c0-85c7-7a0b2e782387__VJ0jt5kt.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5712e295ec2cbabae21b92a673c55001e6fdbbaa282b5cb1e917c89536c24366

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
4
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/50116c9e-fc07-40c0-85c7-7a0b2e782387__VJ0jt5kt.jpg
age
980872
edge-cache-tag
425975348539412634676486690330649207482,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
425975348539412634676486690330649207482,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
503
req-referer
https://www.wcnc.com/section/community
content-length
10742
x-request-id
3bb1fa8414f7857894efb1a1df3ae43f
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000129-IAD, cache-iad-kiad7000112-IAD, cache-lax10649-LGB, cache-iad-kcgs7200160-IAD, cache-mia-kmia1760096-MIA
last-modified
Mon, 07 Aug 2023 01:49:40 GMT
server
nginx
x-timer
S1692381880.674088,VS0,VE4
etag
"440cb77d28d27f70b81f09ebe0eb6d3d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 3021, 1
9a89c3f33d84e57986375e72129e156a.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9a89c3f33d84e57986375e72129e156a.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
58c9c68121fafcc314ae2149f5e005ced17bc27359a600003a60393540144d42

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9a89c3f33d84e57986375e72129e156a.jpeg
age
1244594
edge-cache-tag
520364697784630530475021722557893483529,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
520364697784630530475021722557893483529,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
259
expiration
expiry-date="Fri, 18 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.newscentermaine.com/
content-length
6970
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000043-IAD, cache-iad-kiad7000144-IAD, cache-sna10735-LGB, cache-iad-kcgs7200131-IAD, cache-mia-kmia1760096-MIA
last-modified
Tue, 18 Jul 2023 04:43:39 GMT
server
nginx
x-timer
S1692381880.674264,VS0,VE1
etag
"992ad649eb543026a1a53a951d4f89fe"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 3022, 1
9a050f29b870e3d069d9c0cadd613b52.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9a050f29b870e3d069d9c0cadd613b52.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d523593fc48f2ad0f13d2e2820a76cfb58fd2d34a05c9946f73daf9584e0eab9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9a050f29b870e3d069d9c0cadd613b52.png
age
1316479
edge-cache-tag
311087045331964386384116310319877332806,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
311087045331964386384116310319877332806,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
465
expiration
expiry-date="Fri, 18 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.theblaze.com/
content-length
14686
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kjyo7100172-IAD, cache-iad-kiad7000109-IAD, cache-chi-klot8100091-CHI, cache-iad-kcgs7200071-IAD, cache-mia-kmia1760096-MIA
last-modified
Tue, 18 Jul 2023 15:47:36 GMT
server
nginx
x-timer
S1692381880.677548,VS0,VE1
etag
"1289ee5bd255a391b2867ca31b290a15"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 583, 1
/
geo.privacymanager.io/ 		30 B
610 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-25.jfk50.r.cloudfront.net
Software
/
Resource Hash
b94047a885ec91143818ebb76251e206a303a492429f67defc1c2e46c10c41c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 08:30:50 GMT
via
1.1 417c242b19212928b079740e6dd8f54c.cloudfront.net (CloudFront), 1.1 c4ce298584668e99f320a46c88c4a04a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C1, JFK50-P2
age
34429
x-amzn-requestid
d0c4491b-0b91-4196-9aa1-20fccf55d1c5
x-amzn-trace-id
Root=1-64df2c3a-65ebda3d3cff3da73959f4e5;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
J2PZJFHtDoEFgYw=
content-length
30
x-amz-cf-id
r6YTRGCb6O5KTCuCeVaiGg-0JkoYDRkUY17s9RZnquLdFuC8PpuSlw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
pbfs.gif
tegna.tagger.opecloud.com/simplifi/
Redirect Chain
  • https://tegna.tagger.opecloud.com/tegna/v2/pixel.gif?url=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-th...
  • https://tegna.tagger.opecloud.com/tegna/v2/pixel.gif?e=%5B%7B%22contentId%22%3A%222d942893-5578-4aa0-a328-3528a43a3f53%22%2C%22contentCategories%22%3A%22local%2Cnews%22%2C%22contentTitle%22%3A%22Co...
  • https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm&state=2-QEPl7dKh7IautYTAJwAYTF95ppyrzu8%3D&source=tegna
  • https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm=&state=2-QEPl7dKh7IautYTAJwAYTF95ppyrzu8%3D&source=tegna&google_tc=
  • https://tagger.opecloud.com/dbm/opecs.gif?state=2-QEPl7dKh7IautYTAJwAYTF95ppyrzu8%3D&source=tegna&google_gid=CAESEAp-1goX6hxZ5kk9tFAI1Y4&google_cver=1
  • https://tegna.tagger.opecloud.com/dbm/opecs.gif?state=2-QEPl7dKh7IautYTAJwAYTF95ppyrzu8%3D&source=tegna&google_gid=CAESEAp-1goX6hxZ5kk9tFAI1Y4&google_cver=1
  • https://um.simpli.fi/1plusx?state=2-NmYMNIyhey%2F9e4nB8ivI8YRPY8UBgaw%3D&source=tegna
  • https://tagger.opecloud.com/simplifi/pbfs.gif?puid=BB882163254D4174AB34F94472E55A64&state=2-NmYMNIyhey%2F9e4nB8ivI8YRPY8UBgaw%3D&source=tegna
  • https://tegna.tagger.opecloud.com/simplifi/pbfs.gif?puid=BB882163254D4174AB34F94472E55A64&state=2-NmYMNIyhey%2F9e4nB8ivI8YRPY8UBgaw%3D&source=tegna
35 B
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tegna.tagger.opecloud.com/simplifi/pbfs.gif?puid=BB882163254D4174AB34F94472E55A64&state=2-NmYMNIyhey%2F9e4nB8ivI8YRPY8UBgaw%3D&source=tegna
Protocol
H2
Server
3.220.109.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-109-214.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
content-length
51
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
content-encoding
gzip
vary
Accept-Encoding
location
https://tegna.tagger.opecloud.com/simplifi/pbfs.gif?puid=BB882163254D4174AB34F94472E55A64&state=2-NmYMNIyhey%2F9e4nB8ivI8YRPY8UBgaw%3D&source=tegna
cache-control
no-cache, no-store, must-revalidate
content-length
20
expires
0
ga-audiences
www.google.com/ads/ 		42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-72971938-1&cid=1482041932.1692381879&jid=313482965&_u=YGBAgAABBAAAAGAAI~&z=299133435
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
9fbe649d7dad3b808719aec0bcc3bd67.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9fbe649d7dad3b808719aec0bcc3bd67.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230816-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
732ebfd6b0f6181ac664744b6b5fd12450dd7c55cd90b44d3df22afe1ef652c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9fbe649d7dad3b808719aec0bcc3bd67.jpg
age
2603659
edge-cache-tag
432782806035751165273855523791061024461,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
432782806035751165273855523791061024461,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
2045
expiration
expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://myfox8.com/
content-length
7716
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kjyo7100154-IAD, cache-iad-kcgs7200024-IAD, cache-chi-klot8100026-CHI, cache-iad-kjyo7100158-IAD, cache-mia-kmia1760096-MIA
last-modified
Mon, 19 Jun 2023 23:57:30 GMT
server
nginx
x-timer
S1692381880.688613,VS0,VE0
etag
"8eefafa266e9f90643fcdeb13b2e6f9a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 20821, 3
9d03a98c949c348a362c3c95a2877a5b.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9d03a98c949c348a362c3c95a2877a5b.png
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230816-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7bbb88b46423ef28f104556e199f8c5163f3fa0c699066fcae997250158da202

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9d03a98c949c348a362c3c95a2877a5b.png
age
623074
edge-cache-tag
431904076866074918313882451716294846055,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
431904076866074918313882451716294846055,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
313
expiration
expiry-date="Thu, 17 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.qcnews.com/
content-length
11868
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000095-IAD, cache-iad-kjyo7100064-IAD, cache-chi-klot8100029-CHI, cache-iad-kcgs7200050-IAD, cache-mia-kmia1760096-MIA
last-modified
Mon, 17 Jul 2023 04:39:11 GMT
server
nginx
x-timer
S1692381880.688560,VS0,VE0
etag
"fce2fb1df589308f158665214d49ee44"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 7198, 2
live-3390_00024.ts
livevideo01.9news.com/hls/live/2014548/elvs/20230719T092454/live-3/00221/ 		554 KB
554 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://livevideo01.9news.com/hls/live/2014548/elvs/20230719T092454/live-3/00221/live-3390_00024.ts
Requested by
Host: www.9news.com
URL: https://www.9news.com/assets/js-libs/akamai/amp/core/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.182.185 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
997f0949094f190ff39f59e8ff0a9e0895fc9cc85507acb1896bf94a1638e5c3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:39 GMT
Akamai-Path-Timestamp
i=1692381858.633;xi=1692381858.659;xo=1692381859.832;s=1692381859.859;
Akamai-Mon-Iucid-Ing
2014548
Connection
keep-alive
Akamai-Mon-Iucid-Del
312833
Content-Length
566820
Pragma
no-cache
Last-Modified
Fri, 18 Aug 2023 18:04:18 GMT
X-Akamai-Server
Akamai-SMT
Access-Control-Max-Age
86400
X-Akamai-Live-Origin-QoS
d=7000;t=1692381858.636
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31535944
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires
Sat, 17 Aug 2024 18:03:43 GMT
tv2track.php
collector-16834.us.tvsquared.com/ 		42 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector-16834.us.tvsquared.com/tv2track.php?action_name=Colorado%20tried%20to%20weed%20out%20unemployment%20fraud%20and%20caught%20thousands%20of%20real%20claims%20in%20the%20process%20%7C%209news.com&idsite=TV-8136186354-1&rec=1&r=546495&h=8&m=4&s=39&url=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&_id=09f28b524d7b9089&_idts=1692381880&_idvc=0&_idn=1&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=239
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.134.46.108 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-134-46-108.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

P3p
CP='OTI DSP COR NID STP UNI OTPa OUR'
Date
Fri, 18 Aug 2023 18:04:39 GMT
Server
nginx
Connection
keep-alive
Request-Id
abe09849-c138-421c-98c9-cdb77a016cb8
Content-Length
42
Content-Type
image/gif
tv2track.php
collector-16834.us.tvsquared.com/ 		42 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector-16834.us.tvsquared.com/tv2track.php?action_name=Colorado%20tried%20to%20weed%20out%20unemployment%20fraud%20and%20caught%20thousands%20of%20real%20claims%20in%20the%20process%20%7C%209news.com&idsite=TV-8136186354-1&rec=1&r=300125&h=8&m=4&s=39&url=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&_id=09f28b524d7b9089&_idts=1692381880&_idvc=0&_idn=0&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=239
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.134.46.108 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-134-46-108.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

P3p
CP='OTI DSP COR NID STP UNI OTPa OUR'
Date
Fri, 18 Aug 2023 18:04:39 GMT
Server
nginx
Connection
keep-alive
Request-Id
cca887bc-b843-421b-b671-e5cb5b5e1d41
Content-Length
42
Content-Type
image/gif
d126473e394e98865383b10e537edd8f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d126473e394e98865383b10e537edd8f.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4fcae58533cfecc2cdc7cfc7271bc5948194e2eec38f3ab1ded6cbe383764adf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d126473e394e98865383b10e537edd8f.png
age
3839644
edge-cache-tag
539210902492927692742835379311962421630,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
539210902492927692742835379311962421630,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
769
req-referer
https://abc7ny.com/
content-length
6822
x-request-id
64a55fd45b6a78bfd33136704b0cd91b
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200071-IAD, cache-iad-kiad7000065-IAD, cache-chi-klot8100144-CHI, cache-iad-kcgs7200153-IAD, cache-mia-kmia1760096-MIA
last-modified
Fri, 30 Jun 2023 22:10:01 GMT
server
nginx
x-timer
S1692381880.714824,VS0,VE0
etag
"4dae2f97f3971e23d40fe2089e793848"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 40363, 3
b5b977601cc8d38cf2ffc47e48e88c70.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b5b977601cc8d38cf2ffc47e48e88c70.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
33851354aff7094db48330044339efaec42eda67dc57b395b5668ee98fcfeb17

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b5b977601cc8d38cf2ffc47e48e88c70.jpeg
age
1939166
edge-cache-tag
566673231311905823354245610241375894448,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
566673231311905823354245610241375894448,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
114
expiration
expiry-date="Wed, 02 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.espn.com/
content-length
16552
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kiad7000164-IAD, cache-iad-kiad7000062-IAD, cache-iad-kiad7000024-IAD, cache-mia-kmia1760096-MIA
last-modified
Sun, 02 Jul 2023 16:21:45 GMT
server
nginx
x-timer
S1692381880.715684,VS0,VE0
etag
"06c797972d8a3f9eb3aefa2244daa4fa"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 14770, 2
wa0bizvnknwfjqgexanu.mp4
cdn.taboola.com/libtrc/static/video/v1681044591/ 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1681044591/wa0bizvnknwfjqgexanu.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e57dac638c80e82775e465f78402ca2af7c5987701d749d8d221eadceb473f34

Request headers

Referer
https://www.9news.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
Wn_hn0RKPmfWVKKKEg_Kcn0Egg5zX6EL
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish
x-amz-request-id
1799W7AF3M7AJBGD
age
40
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-1147400/1147401
x-amz-replication-status
COMPLETED
Content-Length
1147401
x-amz-id-2
SGQ5L2adBqO606hhtfBD4wMBk95oiBn8pDW9UhUJqfdNBRqFIg4xXAAyfKTNncnEZ8iMEeGMzwY=
x-served-by
cache-mia-kmia1760096-MIA
last-modified
Sun, 09 Apr 2023 12:49:58 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692381880.715261,VS0,VE1
etag
"02ee167eb9e244e4ffffe47228508c39"
content-type
video/mp4;codecs=avc1
abp
23
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
o1pznneioymmc3a0jcne.mp4
cdn.taboola.com/libtrc/static/video/v1686342657/ 		583 KB
584 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1686342657/o1pznneioymmc3a0jcne.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de48cff22d139de6e469979a3ca41de8d6e28cda4fe5883ae0811b8b6d1b636b

Request headers

Referer
https://www.9news.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
lAMQU2x7bcOIvZKFjACpkQhJY3NO1edi
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish
x-amz-request-id
E6BC341Y2NTDAGST
age
9
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-597299/597300
x-amz-replication-status
COMPLETED
Content-Length
597300
x-amz-id-2
L+kMGef5OM+r0NrlmCZpxl+9YWFpnE+yaCMLk6H+Vvc9Qi6QZz4g2DX1bFbdagsdDQamov4OxfM=
x-served-by
cache-mia-kmia1760096-MIA
last-modified
Fri, 09 Jun 2023 20:31:04 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692381880.715174,VS0,VE1
etag
"0e4c75fc8e22c6d0e31a5d597b9e0bcc"
content-type
video/mp4;codecs=avc1
abp
72
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
fhnf6fy1yqqt43msgxsc.mp4
cdn.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_OPTIMIZATION_2/h_400,c_scale/v1687682862/ 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_OPTIMIZATION_2/h_400,c_scale/v1687682862/fhnf6fy1yqqt43msgxsc.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2cd9160ce46db8a3688240d9461c78c803285cbd34a75ef58e8b402392115a0a

Request headers

Referer
https://www.9news.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
43RBO6g2S7b7WF_hRMYQQYmH3rz3MoEi
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish
x-amz-request-id
NKPHZ93AEYQF1SEM
age
52
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-1344453/1344454
x-amz-replication-status
COMPLETED
Content-Length
1344454
x-amz-id-2
L4jSwNfnhpK5gjMNrFmvQC0oD2IujTURFTqCDtZ5ZhXwsKZYr2l0bcknQFYk13qBCMBQu97ZfVg=
x-served-by
cache-mia-kmia1760096-MIA
last-modified
Sun, 25 Jun 2023 08:48:01 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692381880.715708,VS0,VE2
etag
"91770bfbae917a0f28c3031e4a5825dc"
content-type
video/mp4;codecs=avc1
abp
55
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
ix4pedxbzcjsbbhdpbsp.mp4
cdn.taboola.com/libtrc/static/video/v1688476721/ 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1688476721/ix4pedxbzcjsbbhdpbsp.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd7342e6c30eaae65b03684a5e0551e887b2291bf79f9b46ccdefc5a43238a2a

Request headers

Referer
https://www.9news.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
VCQwgXzKLslowy67detVeE1sSsARW2KW
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish
x-amz-request-id
BCR3557D5RYE3FC8
age
118
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-1070317/1070318
x-amz-replication-status
COMPLETED
Content-Length
1070318
x-amz-id-2
GttYelIlycYXxkXdqJbeNWm8eP9fob2Bo1CWMH0Fw57OnXNW5M6WU3TJ8t//VlxahYW0ZXGVkZg=
x-served-by
cache-mia-kmia1760096-MIA
last-modified
Tue, 04 Jul 2023 13:18:48 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692381880.715714,VS0,VE28
etag
"95522973b3961ca85eda7c94a8e5abe7"
content-type
video/mp4;codecs=avc1
abp
44
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
collect
analytics.google.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-F7XWSR753Q&gtm=45je38g0&_p=1839280050&_gaz=1&gdid=dYmQxMT&cid=1482041932.1692381879&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&dt=Colorado%20tried%20to%20weed%20out%20unemployment%20fraud%20and%20caught%20thousands%20of%20real%20claims%20in%20the%20process%20%7C%209news.com&sid=1692381879&sct=1&seg=0&dl=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&dp=&uid=
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F7XWSR753Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.9news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-F7XWSR753Q&cid=1482041932.1692381879&gtm=45je38g0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F7XWSR753Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.9news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		227 B
666 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3276&u=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&pid=XIkXlbp0QR3S4&cb=0&ws=1600x1200&v=23.814.1438&t=2000&slots=%5B%7B%22sd%22%3A%22front_universal%22%2C%22s%22%3A%5B%221140x250%22%2C%221140x600%22%2C%22970x250%22%2C%22728x90%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F32805352%2Fco-denver-KUSA-B3316_DesktopTablet%2Ffront_universal%2Fnews%2Flocal%22%7D%5D&gpp=DBABLA~BVQqAAAACZA.QA&gpp_sid=%5B7%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.98.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-98-157.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
c167de6525c68fafd11785fa6e71d49f9418a558f78c1a0b52fd32e1ed4dccee
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:40 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 07f7cebee7fc49278f602ad96f5f6790.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P5
x-amz-rid
EV4GZSJG7AFCTQ617A4C
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.9news.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
227
x-amz-cf-id
hIkKtXMP5gvcsRoS9DYybMVJh7jxmyI06sFhpvc9UoQbLAg4V6uBBQ==
targeting
tegna.profiles.tagger.opecloud.com/v1/ 		107 B
262 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tegna.profiles.tagger.opecloud.com/v1/targeting?url=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&gdpr_applies=0&consent_string=&fpid=d86dab53-7c20-4056-ad9b-16f3ceb28db7
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/kusa-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.115.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-115-28.compute-1.amazonaws.com
Software
/
Resource Hash
fc21bb747370fb757b1f7f59e1b02048183599b561be7425494ac0501ac9c170

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://www.9news.com
date
Fri, 18 Aug 2023 18:04:39 GMT
content-encoding
gzip
access-control-allow-credentials
true
cache-control
no-cache
content-type
application/json
bid
aax.amazon-adsystem.com/e/dtb/ 		227 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3276&u=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&pid=XIkXlbp0QR3S4&cb=1&ws=1600x1200&v=23.814.1438&t=2000&slots=%5B%7B%22sd%22%3A%22masthead_sponsor%22%2C%22s%22%3A%5B%22112x38%22%5D%2C%22sn%22%3A%22%2F32805352%2Fco-denver-KUSA-B3316_DesktopTablet%2Fmasthead_sponsor%2Fnews%2Flocal%22%7D%5D&gpp=DBABLA~BVQqAAAACZA.QA&gpp_sid=%5B7%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.98.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-98-157.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
6c4f959c16b3ba3a8322e383de3b14e4496219822a91f099eacbcc8662024a35
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:40 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 07f7cebee7fc49278f602ad96f5f6790.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P5
x-amz-rid
Q1008Y4E3TZYWBQDH3T9
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.9news.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
227
x-amz-cf-id
pHpHu-eVCqMYNa9IzXXiYkmO64Ev14wRvXFP9xa-xfyAHSffR9Y9TA==
targeting
tegna.profiles.tagger.opecloud.com/v1/ 		107 B
263 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tegna.profiles.tagger.opecloud.com/v1/targeting?url=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&gdpr_applies=0&consent_string=&fpid=d86dab53-7c20-4056-ad9b-16f3ceb28db7
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/kusa-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.115.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-115-28.compute-1.amazonaws.com
Software
/
Resource Hash
fc21bb747370fb757b1f7f59e1b02048183599b561be7425494ac0501ac9c170

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://www.9news.com
date
Fri, 18 Aug 2023 18:04:39 GMT
content-encoding
gzip
access-control-allow-credentials
true
cache-control
no-cache
content-type
application/json
60883757d501c9f4cf62a29289151855.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60883757d501c9f4cf62a29289151855.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b6792c25892f0ef356be11372c54db01d7db1aa6fe4a631e4dadfd11b02e20cb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60883757d501c9f4cf62a29289151855.jpg
age
3453504
edge-cache-tag
398320904992263439557892664039355633009,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
398320904992263439557892664039355633009,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
80
expiration
expiry-date="Wed, 26 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://apnews.com/
content-length
17530
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kiad7000101-IAD, cache-iad-kcgs7200059-IAD, cache-chi-klot8100148-CHI, cache-iad-kjyo7100051-IAD, cache-mia-kmia1760096-MIA
last-modified
Sun, 25 Jun 2023 08:48:26 GMT
server
nginx
x-timer
S1692381880.811357,VS0,VE0
etag
"c6696a5522878208f6286ee43689c2ba"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 4, 1, 3399, 2
861d9ba2-f6bb-4faa-8397-0bff5b413845__tWsCGP9s.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/861d9ba2-f6bb-4faa-8397-0bff5b413845__tWsCGP9s.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e5ebfab453c56bdd5812bbd46adc74d14e6ed486427395cb59c43a91db2752cf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/861d9ba2-f6bb-4faa-8397-0bff5b413845__tWsCGP9s.jpg
age
711630
edge-cache-tag
523435076242603829153324146422105346518,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
523435076242603829153324146422105346518,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
250
expiration
expiry-date="Mon, 14 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ocregister.com/2006/02/15/gay-couples-seek-marriage-licenses/
content-length
10346
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000130-IAD, cache-iad-kiad7000151-IAD, cache-lga21923-LGA, cache-iad-kjyo7100133-IAD, cache-mia-kmia1760096-MIA
last-modified
Fri, 14 Jul 2023 17:22:32 GMT
server
nginx
x-timer
S1692381880.812726,VS0,VE0
etag
"70fea92498b41fbb2ea839088d841cc7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 5082, 2
5348be9e5771faba8e5b9717574f1751.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5348be9e5771faba8e5b9717574f1751.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
eb172fc2600cd306d47576f9f045b42aca72bb9370af7dfcf433bd1788be2b86

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5348be9e5771faba8e5b9717574f1751.jpg
age
4216653
edge-cache-tag
362055734696482388674623839365043175951,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
362055734696482388674623839365043175951,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
69
req-referer
https://www.theblaze.com/news/airline-pilot-goes-viral-after-telling-passengers-what-behavior-wont-fly?utm_source=theblaze-dailyPM&utm_medium=email&utm_campaign=Daily-Newsletter__PM%202023-08-04&utm_term=ACTIVE%20LIST%20-%20TheBlaze%20Daily%20PM
content-length
10194
x-request-id
e863a6ac99f22f655d9d8dffa5f006d2
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kiad7000036-IAD, cache-iad-kiad7000027-IAD, cache-chi-klot8100166-CHI, cache-iad-kjyo7100122-IAD, cache-mia-kmia1760096-MIA
last-modified
Fri, 30 Jun 2023 10:08:09 GMT
server
nginx
x-timer
S1692381880.813177,VS0,VE0
etag
"11ab629f058c0bd95211bfb45118b366"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 1144, 2
a39480296251b9ce43873210c54c9ded.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a39480296251b9ce43873210c54c9ded.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
30d0a285606f1e2daa6a3f104cda8b88c48ca16c2235a00d8835ea1a89e646d7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a39480296251b9ce43873210c54c9ded.jpg
age
1407447
edge-cache-tag
526121640909749676821420417697328330709,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
526121640909749676821420417697328330709,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
350
expiration
expiry-date="Thu, 10 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://flytant.com/
content-length
11454
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kcgs7200048-IAD, cache-iad-kcgs7200143-IAD, cache-lax10623-LGB, cache-iad-kjyo7100076-IAD, cache-mia-kmia1760096-MIA
last-modified
Mon, 10 Jul 2023 02:48:47 GMT
server
nginx
x-timer
S1692381880.813169,VS0,VE0
etag
"0fad21366b8fb4646f251a1d81f02123"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 10, 2
8fb94f9a9b895af92cb1eef2bf110a2d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8fb94f9a9b895af92cb1eef2bf110a2d.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
de29f2881647a7ef017fdac1f82683f1a8c92dfd33202461338f682b84b7ca6f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8fb94f9a9b895af92cb1eef2bf110a2d.jpg
age
3894780
edge-cache-tag
394786009337311709606770766475413505027,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
394786009337311709606770766475413505027,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
167
expiration
expiry-date="Wed, 26 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tips-and-tricks.co/
content-length
8264
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100127-IAD, cache-iad-kiad7000030-IAD, cache-lga21964-LGA, cache-iad-kiad7000062-IAD, cache-mia-kmia1760096-MIA
last-modified
Sun, 25 Jun 2023 12:19:51 GMT
server
nginx
x-timer
S1692381880.813179,VS0,VE0
etag
"72770240d16b1456939d8ed35a02bf7d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 8, 1, 6, 2
ad17557503381b2dce6e73997a1355cf.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ad17557503381b2dce6e73997a1355cf.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
932bf23b670378e8f97637e5074aa3893b36b48c662bc80b709d05211733d519

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ad17557503381b2dce6e73997a1355cf.jpg
age
828008
edge-cache-tag
619189248453773017753199393139597819198,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
619189248453773017753199393139597819198,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
90
req-referer
https://www.tips-and-tricks.co/
content-length
8958
x-request-id
dadc37fe23d5621cd8dfd8bf98b46c9b
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200143-IAD, cache-iad-kiad7000037-IAD, cache-lax10642-LGB, cache-iad-kcgs7200111-IAD, cache-mia-kmia1760096-MIA
last-modified
Tue, 08 Aug 2023 12:45:39 GMT
server
nginx
x-timer
S1692381880.813021,VS0,VE0
etag
"3b1178bd5882750485a8bc169df2bdce"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 22, 2
6481b1326840c54563b12e50bb0892dd.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6481b1326840c54563b12e50bb0892dd.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0b45cc80258f72283185f78dc0958e70654cbc33f894b847ce5040de603829d8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6481b1326840c54563b12e50bb0892dd.jpg
age
2263845
edge-cache-tag
517638281455395765445681838070088073380,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
517638281455395765445681838070088073380,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
89
expiration
expiry-date="Tue, 08 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://christiannewsalerts.com/
content-length
12100
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200143-IAD, cache-iad-kiad7000144-IAD, cache-lga21945-LGA, cache-iad-kjyo7100129-IAD, cache-mia-kmia1760096-MIA
last-modified
Sat, 08 Jul 2023 15:49:00 GMT
server
nginx
x-timer
S1692381880.939072,VS0,VE0
etag
"911695e4a5e791787229ef2618aee5ec"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 20, 5
cc8fd26056ee1d93b302f130087ece82.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cc8fd26056ee1d93b302f130087ece82.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b3f08176d7848b139eb3594f6f16885ace670fb22de7e1a9ecf3eb3fbf255cf5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cc8fd26056ee1d93b302f130087ece82.png
age
2554127
edge-cache-tag
463283055363041377118801063663092201605,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
463283055363041377118801063663092201605,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
20
expiration
expiry-date="Wed, 02 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.wtaj.com/
content-length
15704
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kcgs7200148-IAD, cache-iad-kcgs7200107-IAD, cache-sna10723-LGB, cache-iad-kcgs7200029-IAD, cache-mia-kmia1760096-MIA
last-modified
Sun, 02 Jul 2023 17:46:32 GMT
server
nginx
x-timer
S1692381880.939766,VS0,VE0
etag
"63a23fa5ddbe84592b51d70174b34fc1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 13080, 106
fcb9a103-784c-4e08-8f56-46e470908fce_1140x641.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.9news.com/assets/CCT/images/fcb9a103-784c-4e08-8f56-46e470908fce/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.9news.com/assets/CCT/images/fcb9a103-784c-4e08-8f56-46e470908fce/fcb9a103-784c-4e08-8f56-46e470908fce_1140x641.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5dcd94ef8ae374036b8d542e717122ca22b89e01408779657d18527275199d86

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.9news.com/assets/CCT/images/fcb9a103-784c-4e08-8f56-46e470908fce/fcb9a103-784c-4e08-8f56-46e470908fce_1140x641.jpg
age
594120
edge-cache-tag
555463863754023651221514737384381846438,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
555463863754023651221514737384381846438,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
87
req-referer
https://d-7394902811495721702.ampproject.net/
content-length
11410
x-request-id
790010a2403f96f6ccbb7725fec3385d
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100092-IAD, cache-iad-kjyo7100038-IAD, cache-chi-klot8100110-CHI, cache-iad-kiad7000068-IAD, cache-mia-kmia1760096-MIA
last-modified
Fri, 11 Aug 2023 21:02:10 GMT
server
nginx
x-timer
S1692381880.939786,VS0,VE0
etag
"f57b0718cef9ed2f5df727972665aa62"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 6, 2
supply-feature
ch-trc-events.taboola.com/tegna-kusa/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/tegna-kusa/log/3/supply-feature?route=US:CH:V&tvi2=10442&lti=deflated&ri=29bfa9be0bdd644cb521ee126398e4fd&sd=v2_4d62979fa0ead19e474e7f498c13c11a_5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836_1692381878_1692381878_CNawjgYQkqw_GLGuyM6gMSABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGjxg5HW9JH9uAVwAQ&ui=5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836&pi=/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53&wi=8656952373639217571&pt=video&vi=1692381878065&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%2248.734375%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=08%3A04%3A39.851&id=7949&llvl=2&cv=20230816-2-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 18 Aug 2023 18:04:39 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
2b25192c4d7d1f5d054cdbf237a14599.jfif
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2b25192c4d7d1f5d054cdbf237a14599.jfif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1a397c8e3701c39e45c6f3906cd568781f6b10a0560877e6356b3bd2d2f344bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2b25192c4d7d1f5d054cdbf237a14599.jfif
age
1397634
edge-cache-tag
608738567394230146010303049411615452611,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
608738567394230146010303049411615452611,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
30
expiration
expiry-date="Mon, 21 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.wcjb.com/
content-length
12154
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100065-IAD, cache-iad-kiad7000166-IAD, cache-sna10730-LGB, cache-iad-kjyo7100100-IAD, cache-mia-kmia1760096-MIA
last-modified
Fri, 21 Jul 2023 09:25:14 GMT
server
nginx
x-timer
S1692381880.940041,VS0,VE0
etag
"d3ce76dba8fa680b662f13bf78fbde05"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1362, 2
f264f827-eb65-4823-8e52-3f42620ee09f_1140x641.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.9news.com/assets/KUSA/images/f264f827-eb65-4823-8e52-3f42620ee09f/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.9news.com/assets/KUSA/images/f264f827-eb65-4823-8e52-3f42620ee09f/f264f827-eb65-4823-8e52-3f42620ee09f_1140x641.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3e5b0e5ece993efe9470a053cad3c0118664679c6a544a07263e2061fd20da1e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.9news.com/assets/KUSA/images/f264f827-eb65-4823-8e52-3f42620ee09f/f264f827-eb65-4823-8e52-3f42620ee09f_1140x641.jpg
age
266739
edge-cache-tag
447910934831651561174043081528886737528,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
447910934831651561174043081528886737528,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
194
req-referer
https://www.9news.com/
content-length
11100
x-request-id
a9150d9236f1586f8ad819817bd2eb8b
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100168-IAD, cache-iad-kiad7000117-IAD, cache-lga21921-LGA, cache-iad-kjyo7100134-IAD, cache-mia-kmia1760096-MIA
last-modified
Tue, 15 Aug 2023 15:56:55 GMT
server
nginx
x-timer
S1692381880.940008,VS0,VE0
etag
"d4a114cbf60bd66d662aca1a10e0ef16"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 34, 2
bdede81e1033ef3200e45ebaec02d524__scv1__1200x628.png
images.taboola.com/taboola/image/fetch/$pw_300%2C$ph_167/t_tbl-cnd/https%3A//images.mediago.io/ML/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/$pw_300%2C$ph_167/t_tbl-cnd/https%3A//images.mediago.io/ML/bdede81e1033ef3200e45ebaec02d524__scv1__1200x628.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7ba309b9325e9ba8b52ed51c9df5c0012d227e7e5cbd6ed87e3b7a90ca09ced3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/$pw_300%2C$ph_167/t_tbl-cnd/https%3A//images.mediago.io/ML/bdede81e1033ef3200e45ebaec02d524__scv1__1200x628.png
age
1427912
edge-cache-tag
564796811860576494714815428290969391550,358470977692125167815641153303915564582,29ecf9b93bbf306179626feeda1fab70
cache-tag
564796811860576494714815428290969391550,358470977692125167815641153303915564582,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
595
req-referer
https://therookiewire.usatoday.com/
content-length
10328
x-request-id
97ae2680b9059e9c9bad493cf4d8398e
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kjyo7100175-IAD, cache-iad-kiad7000088-IAD, cache-sna10751-LGB, cache-iad-kjyo7100076-IAD, cache-mia-kmia1760096-MIA
last-modified
Wed, 02 Aug 2023 03:35:55 GMT
server
nginx
x-timer
S1692381880.943907,VS0,VE0
etag
"a22616035d3c541b589a39e7f295a41f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 16903, 2
d3570b15da44605dc18c598bb284378e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d3570b15da44605dc18c598bb284378e.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d6d3dc2473b65d8bdbc2ab575951583085f7d533f95c110a849f94716e4aa893

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d3570b15da44605dc18c598bb284378e.png
age
4500818
edge-cache-tag
301553316527501569615204938924731270501,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
301553316527501569615204938924731270501,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
109
expiration
expiry-date="Thu, 13 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://myfox8.com/
content-length
19476
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100049-IAD, cache-iad-kiad7000086-IAD, cache-chi-klot8100085-CHI, cache-iad-kcgs7200075-IAD, cache-mia-kmia1760096-MIA
last-modified
Mon, 12 Jun 2023 18:39:56 GMT
server
nginx
x-timer
S1692381880.980581,VS0,VE0
etag
"57a78e14d655fe8686eff727377c814e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 4, 1, 4159, 7807
f2de2687dd0397879377006c5ad34e34.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f2de2687dd0397879377006c5ad34e34.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e2d59e7aacec4d8734605ca27f1ed93ae3de3eb9f981f9914a6c0269cb3ed285

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f2de2687dd0397879377006c5ad34e34.jpeg
age
1503946
edge-cache-tag
534358134821188198369924357152995155616,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
534358134821188198369924357152995155616,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
159
expiration
expiry-date="Sat, 05 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://thenigerialawyer.com/
content-length
10870
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kcgs7200087-IAD, cache-iad-kjyo7100073-IAD, cache-lax10643-LGB, cache-iad-kiad7000030-IAD, cache-mia-kmia1760096-MIA
last-modified
Wed, 05 Jul 2023 21:17:50 GMT
server
nginx
x-timer
S1692381880.980751,VS0,VE0
etag
"ca7643e6e55d3c0323d7edbd9ad7f290"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 9, 2
bid
aax.amazon-adsystem.com/e/dtb/ 		227 B
664 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3276&u=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&pid=XIkXlbp0QR3S4&cb=2&ws=1600x1200&v=23.814.1438&t=2000&slots=%5B%7B%22sd%22%3A%22front_atf%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F32805352%2Fco-denver-KUSA-B3316_DesktopTablet%2Ffront_atf%2Fnews%2Flocal%22%7D%5D&gpp=DBABLA~BVQqAAAACZA.QA&gpp_sid=%5B7%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.98.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-98-157.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
8234be32fcc5e929e2e1ccc4f44a406346532f09f771d89bcc4e6741a25acf45
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:40 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 07f7cebee7fc49278f602ad96f5f6790.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P5
x-amz-rid
SP7KV5417B3C8PCA46SZ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.9news.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
227
x-amz-cf-id
WYCe6N5kXJr7fFn0sYOf_1ThntKR0Rpem5ozOF68bsRbO10ItdoicQ==
targeting
tegna.profiles.tagger.opecloud.com/v1/ 		107 B
262 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tegna.profiles.tagger.opecloud.com/v1/targeting?url=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&gdpr_applies=0&consent_string=&fpid=d86dab53-7c20-4056-ad9b-16f3ceb28db7
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/kusa-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.115.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-115-28.compute-1.amazonaws.com
Software
/
Resource Hash
fc21bb747370fb757b1f7f59e1b02048183599b561be7425494ac0501ac9c170

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://www.9news.com
date
Fri, 18 Aug 2023 18:04:39 GMT
content-encoding
gzip
access-control-allow-credentials
true
cache-control
no-cache
content-type
application/json
70b204aaaf41ce2752c0155d43dc2368.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/70b204aaaf41ce2752c0155d43dc2368.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b0040d5c2c7015a73edef55cb4d880a8c25d548ccf2935a6780242aeb39ad9d0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/70b204aaaf41ce2752c0155d43dc2368.jpeg
age
3314846
edge-cache-tag
307313362972025287829736246734622842620,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
307313362972025287829736246734622842620,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
127
req-referer
https://www.9news.com/
content-length
35300
x-request-id
ef5f71b245c8b5a8edd1a653774e4794
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200041-IAD, cache-iad-kjyo7100059-IAD, cache-lga21920-LGA, cache-iad-kcgs7200111-IAD, cache-mia-kmia1760096-MIA
last-modified
Sat, 08 Jul 2023 05:53:22 GMT
server
nginx
x-timer
S1692381880.980716,VS0,VE0
etag
"44ee89490cbd5c7f9071f299fc66634b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 2677, 2
d27c1d91680bca1c6833b03cde4e3838
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d27c1d91680bca1c6833b03cde4e3838
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
792309ef28e11a995d7796532378b32a33ca5b1038059e4cd3186c68e8fb557c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d27c1d91680bca1c6833b03cde4e3838
age
640428
edge-cache-tag
585858606598010724988396161206278579287,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
585858606598010724988396161206278579287,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
98
req-referer
https://apnews.com/
content-length
7870
x-request-id
27e9bba9dd26276e340f8d66abadf6c5
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200110-IAD, cache-iad-kcgs7200141-IAD, cache-chi-kigq8000064-CHI, cache-iad-kcgs7200157-IAD, cache-mia-kmia1760096-MIA
last-modified
Fri, 21 Jul 2023 04:17:22 GMT
server
nginx
x-timer
S1692381880.981342,VS0,VE0
etag
"1db3def4ac1a30d54e399effeb537052"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 8, 2
894a6783-d993-487b-afa7-d8856b2609ff_1140x641.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.9news.com/assets/KUSA/images/894a6783-d993-487b-afa7-d8856b2609ff/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.9news.com/assets/KUSA/images/894a6783-d993-487b-afa7-d8856b2609ff/894a6783-d993-487b-afa7-d8856b2609ff_1140x641.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
709f83b4cf43cf2b4a2d676302787c4b28b5c2387884bd4fc16e9c844c2ffd38

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.9news.com/assets/KUSA/images/894a6783-d993-487b-afa7-d8856b2609ff/894a6783-d993-487b-afa7-d8856b2609ff_1140x641.jpg
age
80011
edge-cache-tag
390561946745903987466544141974164639305,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
390561946745903987466544141974164639305,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
139
req-referer
https://www.9news.com/
content-length
23632
x-request-id
4e0a6f42228992b66074c68f0fd9f2b7
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000063-IAD, cache-iad-kcgs7200070-IAD, cache-chi-kigq8000100-CHI, cache-iad-kcgs7200029-IAD, cache-mia-kmia1760096-MIA
last-modified
Thu, 17 Aug 2023 19:40:27 GMT
server
nginx
x-timer
S1692381880.981322,VS0,VE0
etag
"0e5e352fd1798c9b01d943c7f781d0d3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 35, 2
ccde5064-7dfb-4281-b52a-695954da9ca9_1140x641.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.9news.com/assets/KUSA/images/ccde5064-7dfb-4281-b52a-695954da9ca9/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.9news.com/assets/KUSA/images/ccde5064-7dfb-4281-b52a-695954da9ca9/ccde5064-7dfb-4281-b52a-695954da9ca9_1140x641.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
caf9fbdd15c2496464e6a8bb9fd7072bc2127d5914d661f79b056bc2ccc693f1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 18:04:39 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.9news.com/assets/KUSA/images/ccde5064-7dfb-4281-b52a-695954da9ca9/ccde5064-7dfb-4281-b52a-695954da9ca9_1140x641.jpg
age
17734
edge-cache-tag
324432621858840852575688326638077285476,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
324432621858840852575688326638077285476,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
156
req-referer
https://www.9news.com/
content-length
17278
x-request-id
89f565d49e30298d0d8d9d5dda70253c
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kcgs7200168-IAD, cache-iad-kcgs7200119-IAD, cache-chi-kigq8000047-CHI, cache-iad-kcgs7200042-IAD, cache-mia-kmia1760096-MIA
last-modified
Fri, 18 Aug 2023 13:07:07 GMT
server
nginx
x-timer
S1692381880.981304,VS0,VE0
etag
"fcbcfb73aad5eaccbc6046da263138a1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 2, 2
d9687d68-766c-4038-b5b8-fd2bae9e0702
https://www.9news.com/ 		80 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.9news.com/d9687d68-766c-4038-b5b8-fd2bae9e0702
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbc08716bf0cefb93b9b44ffaa0db4ec7507183ecd5f12143c79239d6baecaab

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Length
81578
Content-Type
text/javascript
50116c9e-fc07-40c0-85c7-7a0b2e782387__VJ0jt5kt.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/50116c9e-fc07-40c0-85c7-7a0b2e782387__VJ0jt5kt.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5712e295ec2cbabae21b92a673c55001e6fdbbaa282b5cb1e917c89536c24366

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 18:04:40 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/50116c9e-fc07-40c0-85c7-7a0b2e782387__VJ0jt5kt.jpg
age
980872
edge-cache-tag
425975348539412634676486690330649207482,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
425975348539412634676486690330649207482,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
503
req-referer
https://www.wcnc.com/section/community
content-length
10742
x-request-id
3bb1fa8414f7857894efb1a1df3ae43f
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000129-IAD, cache-iad-kiad7000112-IAD, cache-lax10649-LGB, cache-iad-kcgs7200160-IAD, cache-mia-kmia1760096-MIA
last-modified
Mon, 07 Aug 2023 01:49:40 GMT
server
nginx
x-timer
S1692381880.035557,VS0,VE0
etag
"440cb77d28d27f70b81f09ebe0eb6d3d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 3021, 2
9a89c3f33d84e57986375e72129e156a.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9a89c3f33d84e57986375e72129e156a.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
58c9c68121fafcc314ae2149f5e005ced17bc27359a600003a60393540144d42

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 18:04:40 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9a89c3f33d84e57986375e72129e156a.jpeg
age
1244594
edge-cache-tag
520364697784630530475021722557893483529,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
520364697784630530475021722557893483529,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
259
expiration
expiry-date="Fri, 18 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.newscentermaine.com/
content-length
6970
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000043-IAD, cache-iad-kiad7000144-IAD, cache-sna10735-LGB, cache-iad-kcgs7200131-IAD, cache-mia-kmia1760096-MIA
last-modified
Tue, 18 Jul 2023 04:43:39 GMT
server
nginx
x-timer
S1692381880.035540,VS0,VE0
etag
"992ad649eb543026a1a53a951d4f89fe"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 3022, 2
9a050f29b870e3d069d9c0cadd613b52.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9a050f29b870e3d069d9c0cadd613b52.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d523593fc48f2ad0f13d2e2820a76cfb58fd2d34a05c9946f73daf9584e0eab9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 18:04:40 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9a050f29b870e3d069d9c0cadd613b52.png
age
1316479
edge-cache-tag
311087045331964386384116310319877332806,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
311087045331964386384116310319877332806,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
465
expiration
expiry-date="Fri, 18 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.theblaze.com/
content-length
14686
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kjyo7100172-IAD, cache-iad-kiad7000109-IAD, cache-chi-klot8100091-CHI, cache-iad-kcgs7200071-IAD, cache-mia-kmia1760096-MIA
last-modified
Tue, 18 Jul 2023 15:47:36 GMT
server
nginx
x-timer
S1692381880.035557,VS0,VE0
etag
"1289ee5bd255a391b2867ca31b290a15"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 583, 2
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=724
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.9news.com
date
Fri, 18 Aug 2023 18:04:38 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		575 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.232.158.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-158-174.compute-1.amazonaws.com
Software
/
Resource Hash
83d0ff3d4c912a717748d04629c2d53e22996a34b13dd6e76685dfbd89d8b3d3

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 18:04:40 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.9news.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
367
auction
tlx.3lift.com/header/ 		19 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.39.0&referrer=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&tmax=950&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.87.189.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-189-207.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:40 GMT
accept-ch
sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.9news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		11 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=646647
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f84c7301346d21326c7d3932750070b8adfb34fe12241d79776df850b5c9d7c4

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:40 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJiW5j82o06%2FgpJUiWR6YRpraeeQNIA2krDVrZ%2BHJBJxM%2Fg3HGOXbnsaIaoDZ1ZnTNZi2%2BGC8BVCq93kIoJUbNund5E7iEfh07BC9faLMQmC8A%2B5v8YWYcYwGdzs4bIxuYc8%2BQtT"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.9news.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f8c149f0a52498c-MIA
alt-svc
h3=":443"; ma=86400
expires
0
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.39.0&cb=7234662102&lsavail=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.9news.com
date
Fri, 18 Aug 2023 18:04:39 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bid
krk.kargo.com/api/v2/ 		2 B
658 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22aafd4b60-2ce4-4f4c-9c85-56119739feb5%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A950%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1692381880055%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2212ec87c8d14854b%22%3A%22_ajQZlATRMG%22%7D%2C%22bidSizes%22%3A%7B%2212ec87c8d14854b%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%2C%22sua%22%3A%7B%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%7D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_ajQZlATRMG%22%2C%22timeout%22%3A0%2C%22display%22%3A0%2C%22kgpv%22%3A%22front_universal%40front_universal%40970x250%22%2C%22regexPattern%22%3A%22.*%40.*%40.*%22%7D%2C%22auctionId%22%3A%2235c4196b-02b7-4495-a4a3-c80f9a8f03c0%22%2C%22floorData%22%3A%7B%22skipped%22%3Atrue%2C%22skipRate%22%3A90%2C%22modelVersion%22%3A%22M_2%22%2C%22modelWeight%22%3A94%2C%22location%22%3A%22fetch%22%2C%22floorProvider%22%3A%22PM%22%2C%22fetchStatus%22%3A%22success%22%7D%2C%22userId%22%3A%7B%22pubcid%22%3A%22b5d10296-594e-4f20-8e9f-985faf829eab%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22b5d10296-594e-4f20-8e9f-985faf829eab%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%22426c80ab-f2fc-4198-9f43-7aa6cfc3faa3%22%2C%22data%22%3A%7B%22pbadslot%22%3A%22front_universal%22%7D%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22front_universal%22%2C%22transactionId%22%3A%22426c80ab-f2fc-4198-9f43-7aa6cfc3faa3%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%5D%2C%22bidId%22%3A%2212ec87c8d14854b%22%2C%22bidderRequestId%22%3A%22116cc32cd0a9af2%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0.100006103515625%5D%2C%22userId.mod.init%22%3A%5B2.0999984741210938%2C0.40000152587890625%2C0.8000030517578125%2C5.599998474121094%2C0.5999984741210938%5D%2C%22userId.mods.criteo.init%22%3A%5B2.0999984741210938%5D%2C%22userId.mods.id5Id.init%22%3A%5B0.40000152587890625%5D%2C%22userId.mods.identityLink.init%22%3A%5B0.8000030517578125%5D%2C%22userId.mods.sharedId.init%22%3A%5B5.599998474121094%5D%2C%22userId.mods.unifiedId.init%22%3A%5B0.5999984741210938%5D%2C%22userId.init.modules%22%3A%5B19.099998474121094%5D%2C%22requestBids.usp%22%3A2%2C%22requestBids.priceFloors%22%3A0.8000030517578125%2C%22requestBids.userId%22%3A0.9000015258789062%2C%22requestBids.validate%22%3A0.5%2C%22requestBids.makeRequests%22%3A15.400001525878906%2C%22adapter.client.validate%22%3A0.09999847412109375%2C%22adapters.client.kargo.validate%22%3A0.09999847412109375%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNY%22%7D%7D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53%22%2C%22domain%22%3A%229news.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%229news.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22usp%22%3A%221YNY%22%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.232.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-232-98.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:40 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Nbr
510
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.9news.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
hb
hb.undertone.com/ 		0
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3009&domain=9news.com&ccpa=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-83.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:40 GMT
via
1.1 c3e66686bc7ab6e675ee9210e15097b6.cloudfront.net (CloudFront)
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
JFK50-P4
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.9news.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
70
x-amz-cf-id
YBaPnA1LjGVRrNWhpnMjLY1CK0e76JLGzgdfY6JnIdW_qdjN22JSKQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
v2
e.serverbid.com/api/ 		16 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 18:04:40 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.9news.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
bid-request
a.teads.tv/hb/ 		16 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.25.160 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-25-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:40 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.9news.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 18 Aug 2023 18:04:40 GMT
v2
e.serverbid.com/api/ 		16 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 18:04:40 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.9news.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
cdb
bidder.criteo.com/ 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.39.0&cb=65655494987&lsavail=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.9news.com
date
Fri, 18 Aug 2023 18:04:39 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
v1
btlr.sharethrough.com/universal/ 		635 B
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.232.158.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-158-174.compute-1.amazonaws.com
Software
/
Resource Hash
bb702c30fde1d1a4d8b3a6f56b64756fe50eac0f8676fcabffe60e49f7af7815

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 18:04:40 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.9news.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
405
bid-request
a.teads.tv/hb/ 		16 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.25.160 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-25-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:40 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.9news.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 18 Aug 2023 18:04:40 GMT
hb
hb.undertone.com/ 		0
795 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3009&domain=9news.com&ccpa=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-83.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:40 GMT
via
1.1 c3e66686bc7ab6e675ee9210e15097b6.cloudfront.net (CloudFront)
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
JFK50-P4
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.9news.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
152
x-amz-cf-id
alCPnEKaw64LCwc47nsnCehJX9UaGwhqgjRGbVixPTU482-dogp2Xg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.39.0&referrer=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&tmax=950&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.87.189.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-189-207.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:40 GMT
accept-ch
sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.9news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid
krk.kargo.com/api/v2/ 		2 B
658 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22aafd4b60-2ce4-4f4c-9c85-56119739feb5%22%2C%22requestCount%22%3A1%2C%22timeout%22%3A950%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1692381880120%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2232c76ce271ae3b8%22%3A%22_ajQZlATRMG%22%7D%2C%22bidSizes%22%3A%7B%2232c76ce271ae3b8%22%3A%5B%5B300%2C250%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%2C%22sua%22%3A%7B%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%7D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_ajQZlATRMG%22%2C%22timeout%22%3A0%2C%22display%22%3A0%2C%22kgpv%22%3A%22front_atf%40front_atf%40300x250%22%2C%22regexPattern%22%3A%22.*%40.*%40.*%22%7D%2C%22auctionId%22%3A%2262e7149c-ada6-4f11-81ec-59f82a3bfcd8%22%2C%22floorData%22%3A%7B%22skipped%22%3Atrue%2C%22skipRate%22%3A90%2C%22modelVersion%22%3A%22M_2%22%2C%22modelWeight%22%3A94%2C%22location%22%3A%22fetch%22%2C%22floorProvider%22%3A%22PM%22%2C%22fetchStatus%22%3A%22success%22%7D%2C%22userId%22%3A%7B%22pubcid%22%3A%22b5d10296-594e-4f20-8e9f-985faf829eab%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22b5d10296-594e-4f20-8e9f-985faf829eab%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%223de752bf-601f-46c4-9949-8323ff9ffd54%22%2C%22data%22%3A%7B%22pbadslot%22%3A%22front_atf%22%7D%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22front_atf%22%2C%22transactionId%22%3A%223de752bf-601f-46c4-9949-8323ff9ffd54%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22bidId%22%3A%2232c76ce271ae3b8%22%2C%22bidderRequestId%22%3A%2231b3d17c5f0fa38%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0.100006103515625%5D%2C%22userId.mod.init%22%3A%5B2.0999984741210938%2C0.40000152587890625%2C0.8000030517578125%2C5.599998474121094%2C0.5999984741210938%5D%2C%22userId.mods.criteo.init%22%3A%5B2.0999984741210938%5D%2C%22userId.mods.id5Id.init%22%3A%5B0.40000152587890625%5D%2C%22userId.mods.identityLink.init%22%3A%5B0.8000030517578125%5D%2C%22userId.mods.sharedId.init%22%3A%5B5.599998474121094%5D%2C%22userId.mods.unifiedId.init%22%3A%5B0.5999984741210938%5D%2C%22userId.init.modules%22%3A%5B19.099998474121094%5D%2C%22requestBids.usp%22%3A6.700004577636719%2C%22requestBids.priceFloors%22%3A0.5%2C%22requestBids.userId%22%3A0.1999969482421875%2C%22requestBids.validate%22%3A0.20000457763671875%2C%22requestBids.makeRequests%22%3A1.600006103515625%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNY%22%7D%7D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53%22%2C%22domain%22%3A%229news.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%229news.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22usp%22%3A%221YNY%22%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.232.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-232-98.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:40 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Nbr
510
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.9news.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=689
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.9news.com
date
Fri, 18 Aug 2023 18:04:39 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		20 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=645851
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fceefe01f62e40ea32b5a3844130f572fb31a1831c4f6bf1db3a18cbb7bfeccd

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:40 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhdN5OXLxXfyFpcQIW2msOaRPJcseEB9C%2FQGatyKyzjTUzvVhq%2BVTMi47mlZs4wKbsb6aW1dGS4TiBAucSqpOPNJHCdPaxzefvudNOf8RTVdnIAwy1P7v483yvSiGZp4xG%2FXNDHH"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.9news.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f8c149f0a53498c-MIA
alt-svc
h3=":443"; ma=86400
expires
0
bulk
trc.taboola.com/tegna-kusa/log/3/ 		0
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/tegna-kusa/log/3/bulk?tvi2=10442&route=US%3ACH%3AV&lti=deflated&bulkSize=11
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230816-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
42
date
Fri, 18 Aug 2023 18:04:40 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
30224
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mia-kmia1760096-MIA
pragma
no-cache
server
nginx
x-timer
S1692381880.331172,VS0,VE42
content-type
image/gif
access-control-allow-origin
https://www.9news.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
st
imprchmp.taboola.com/ Frame D042 		577 B
487 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8NvACLAaMAXcelaiFIhAYA-48KlELRSgAAABgYID-AAmMlpOVwzdba4wLk1u0Gs7WCo9zuJa4bBvHZuSwTGbOISCB0XKycvhma41xYXKLVsPZWuFxDtcSl23j2IwclsnMOQUXxnKZDGqBhGX2-w6ypsnlN8hYLpMbBL6i6XT4XPd63e93V85dvs9d43f7ZU-Ty--Xu3yfv9jvcZj9Gr_Zb3mY_G7R5ekyuUV_t-7lMrn1rtNbdXe5DWe_8-2ym94yy8N1civsJrfG4foZTW_R0e_6POwmz1tvc0teDrNbY3Y43Z630u4WHV1uweXvcXk-f91mLRk5R5PhcrNWrXbDtWjhMKwVnslwrVlNhgvTZuGZuTZzAAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8D4BgFnlgOCu3wH5d_y9QcAAAAAEAAAAAAkAAQAJ0sAYKCOnvj_________jzFAn3kj4______GQg-ABx8AD0IAAAAuhki5_Ap-cmOHEDlAKcIIAAAAgAmhHdKRSTpBxaLK__9_vxWAKwAAAYoJ0heNWXQHJd7CAAAAFIxZoIfF7zc77Bq_22X-_________838n_lHIzQyM5NGeBKeVM0vIADAml9AAAA24QYA4E0AnKBD0IrBYHUIaDLczQ4AAADAnf___389IDSyTZa75cxhWDlMjuXKtButfDPTcrhxbDaOxcJ7cMOvI_XihkD6ZAjL7PcdZE2Ty2-QsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCqYnHuVwYFmvVbDRai2aDyVrhmrncKstgsByZTBuLb7MWvT6mi8m5GW5mWyQYYLoXydMinSh8I8tkN5nsNqvVwuaZLWYrk8WzWxhGxpFrY5pNxBLNySKdyC770sg2We6WM4dh5TA5livTbrTyzUzL4cax2TgWC39r4nEuF4bFWjUbjdai2WCyVrhmLrfKMhgsRybTxuLbrEWvj-licm6Gm9m-MVtONsPFcDfcN2bLyWa4GO6G-w6d4bv6nI2u4_fvkXms55u2c3MaFC6DxTstWqStw9Fn1HltE2Fqbdo5JlahVeI1KDwHj2r8uYa85pTIXD1ovQejIpYILtKJ6OWzO9xa1-dhEUuUpot0opc9TS6_X-7yff5iv8dh9mv8Zr_lYfK7RZeny-QW_d26l8vk1rtOb9Xd5Tac_c63y256yywP18mtsJvcGofrZzS9RUe_6_Owmzxvvc0teTnMbo3Z4XR73kq7W3R0uQWXv8fl-fx1m7Vk5BxNhsvNWrXaDdeihcOwVngmw7VmNRkuTJuFZ-baTMQSwekincieJpffov6jhhnOFZvJXLEYznWTVQIAAAAAAAAAsASTTDcBAAAAcDKI2WY53K3TQcwWs8FmtVwAD9YSun6un-58p5aHduGNsEbx9ASOFmvsMQV6-ewOt9b1eVgZwIO1ArPNPiOIZZ1ZawAAAALYAAAABLjtxpuAMyvu____fxwAAAAZOfQAAADo9wFJ5WVmZmZq8iuIxXIw2D8AFWJZZ7bbjWWd2YACtZtAAICAeg!&cmcv=&pix=undefined&cb=1692381880294&uv=3321&tms=1692381880294&abt=aniview_inc_vA!nonrv_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=0492ea76-c8ad-4586-ac98-be6c13da22f9&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
781fe7f9128c1e95299e43df09f692803ef62dcea9f28888d5c087c516aed327

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Fri, 18 Aug 2023 18:04:40 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mia-kmia1760096-MIA
x-timer
S1692381880.339487,VS0,VE33
sync
ch-match.taboola.com/ Frame 3B37 		439 B
524 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ch-match.taboola.com/sync?dast=V8NvACLAaMAXcelaiFIhAYA-48KlELRSgAAABgYID-AAmMlpOVwzdba4wLk1u0Gs7WCo9zuJa4bBvHZuSwTGbOISCB0XKycvhma41xYXKLVsPZWuFxDtcSl23j2IwclsnMOQUXxnKZDGqBhGX2-w6ypsnlN8hYLpMbBL6i6XT4XPd63e93V85dvs9d43f7ZU-Ty--Xu3yfv9jvcZj9Gr_Zb3mY_G7R5ekyuUV_t-7lMrn1rtNbdXe5DWe_8-2ym94yy8N1civsJrfG4foZTW_R0e_6POwmz1tvc0teDrNbY3Y43Z630u4WHV1uweXvcXk-f91mLRk5R5PhcrNWrXbDtWjhMKwVnslwrVlNhgvTZuGZuTZzAAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8D4BgFnlgOCu3wH5d_y9QcAAAAAEAAAAAAkAAQAJ0sAYKCOnvj_________jzFAn3kj4______GQg-ABx8AD0IAAAAuhki5_Ap-cmOHEDlAKcIIAAAAgAmhHdKRSTpBxaLK__9_vxWAKwAAAYoJ0heNWXQHJd7CAAAAFIxZoIfF7zc77Bq_22X-_________838n_lHIzQyM5NGeBKeVM0vIADAml9AAAA24QYA4E0AnKBD0IrBYHUIaDLczQ4AAADAnf___389IDSyTZa75cxhWDlMjuXKtButfDPTcrhxbDaOxcJ7cMOvI_XihkD6ZAjL7PcdZE2Ty2-QsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCqYnHuVwYFmvVbDRai2aDyVrhmrncKstgsByZTBuLb7MWvT6mi8m5GW5mWyQYYLoXydMinSh8I8tkN5nsNqvVwuaZLWYrk8WzWxhGxpFrY5pNxBLNySKdyC770sg2We6WM4dh5TA5livTbrTyzUzL4cax2TgWC39r4nEuF4bFWjUbjdai2WCyVrhmLrfKMhgsRybTxuLbrEWvj-licm6Gm9m-MVtONsPFcDfcN2bLyWa4GO6G-w6d4bv6nI2u4_fvkXms55u2c3MaFC6DxTstWqStw9Fn1HltE2Fqbdo5JlahVeI1KDwHj2r8uYa85pTIXD1ovQejIpYILtKJ6OWzO9xa1-dhEUuUpot0opc9TS6_X-7yff5iv8dh9mv8Zr_lYfK7RZeny-QW_d26l8vk1rtOb9Xd5Tac_c63y256yywP18mtsJvcGofrZzS9RUe_6_Owmzxvvc0teTnMbo3Z4XR73kq7W3R0uQWXv8fl-fx1m7Vk5BxNhsvNWrXaDdeihcOwVngmw7VmNRkuTJuFZ-baTMQSwekincieJpffov6jhhnOFZvJXLEYznWTVQIAAAAAAAAAsASTTDcBAAAAcDKI2WY53K3TQcwWs8FmtVwAD9YSun6un-58p5aHduGNsEbx9ASOFmvsMQV6-ewOt9b1eVgZwIO1ArPNPiOIZZ1ZawAAAALYAAAABLjtxpuAMyvu____fxwAAAAZOfQAAADo9wFJ5WVmZmZq8iuIxXIw2D8AFWJZZ7bbjWWd2YACtZtAAICAeg!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e71f853bd035cc9da937f385a7b80cbaacd4bc295b2ade583fe92fd0f26ed2aa

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Fri, 18 Aug 2023 18:04:40 GMT
machineid
3802
server
nginx
st
ch-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8NvACLAaMAXcelaiFIhAYA-48KlELRSgAAABgYID-AAmMlpOVwzdba4wLk1u0Gs7WCo9zuJa4bBvHZuSwTGbOISCB0XKycvhma41xYXKLVsPZWuFxDtcSl23j2IwclsnMOQUXxnKZDGqBhGX2-w6ypsnlN8hYLpMbBL6i6XT4XPd63e93V85dvs9d43f7ZU-Ty--Xu3yfv9jvcZj9Gr_Zb3mY_G7R5ekyuUV_t-7lMrn1rtNbdXe5DWe_8-2ym94yy8N1civsJrfG4foZTW_R0e_6POwmz1tvc0teDrNbY3Y43Z630u4WHV1uweXvcXk-f91mLRk5R5PhcrNWrXbDtWjhMKwVnslwrVlNhgvTZuGZuTZzAAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8D4BgFnlgOCu3wH5d_y9QcAAAAAEAAAAAAkAAQAJ0sAYKCOnvj_________jzFAn3kj4______GQg-ABx8AD0IAAAAuhki5_Ap-cmOHEDlAKcIIAAAAgAmhHdKRSTpBxaLK__9_vxWAKwAAAYoJ0heNWXQHJd7CAAAAFIxZoIfF7zc77Bq_22X-_________838n_lHIzQyM5NGeBKeVM0vIADAml9AAAA24QYA4E0AnKBD0IrBYHUIaDLczQ4AAADAnf___389IDSyTZa75cxhWDlMjuXKtButfDPTcrhxbDaOxcJ7cMOvI_XihkD6ZAjL7PcdZE2Ty2-QsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCqYnHuVwYFmvVbDRai2aDyVrhmrncKstgsByZTBuLb7MWvT6mi8m5GW5mWyQYYLoXydMinSh8I8tkN5nsNqvVwuaZLWYrk8WzWxhGxpFrY5pNxBLNySKdyC770sg2We6WM4dh5TA5livTbrTyzUzL4cax2TgWC39r4nEuF4bFWjUbjdai2WCyVrhmLrfKMhgsRybTxuLbrEWvj-licm6Gm9m-MVtONsPFcDfcN2bLyWa4GO6G-w6d4bv6nI2u4_fvkXms55u2c3MaFC6DxTstWqStw9Fn1HltE2Fqbdo5JlahVeI1KDwHj2r8uYa85pTIXD1ovQejIpYILtKJ6OWzO9xa1-dhEUuUpot0opc9TS6_X-7yff5iv8dh9mv8Zr_lYfK7RZeny-QW_d26l8vk1rtOb9Xd5Tac_c63y256yywP18mtsJvcGofrZzS9RUe_6_Owmzxvvc0teTnMbo3Z4XR73kq7W3R0uQWXv8fl-fx1m7Vk5BxNhsvNWrXaDdeihcOwVngmw7VmNRkuTJuFZ-baTMQSwekincieJpffov6jhhnOFZvJXLEYznWTVQIAAAAAAAAAsASTTDcBAAAAcDKI2WY53K3TQcwWs8FmtVwAD9YSun6un-58p5aHduGNsEbx9ASOFmvsMQV6-ewOt9b1eVgZwIO1ArPNPiOIZZ1ZawAAAALYAAAABLjtxpuAMyvu____fxwAAAAZOfQAAADo9wFJ5WVmZmZq8iuIxXIw2D8AFWJZZ7bbjWWd2YACtZtAAICAeg!&cmcv=&pix=31589837&cb=1692381880294&uv=3321&tms=1692381880294&abt=aniview_inc_vA!nonrv_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1692381875945.2!ts:1692381880294&mntl=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:40 GMT
content-length
0
server
nginx
iu3
s.amazon-adsystem.com/ Frame BEEF
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&d...
397 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
528edf18a8ceff9b972df6c345e287ae5fae296684952e18c4dde0d0173d882c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
397
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 18 Aug 2023 18:04:40 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
MWSSHZX59PBT87VK0APD

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Fri, 18 Aug 2023 18:04:40 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
TB8A4S9HC64J1SN0DRB6
wa0bizvnknwfjqgexanu.mp4
cdn.taboola.com/libtrc/static/video/v1681044591/ 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1681044591/wa0bizvnknwfjqgexanu.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.9news.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
Wn_hn0RKPmfWVKKKEg_Kcn0Egg5zX6EL
date
Fri, 18 Aug 2023 18:04:40 GMT
via
1.1 varnish
x-amz-request-id
1799W7AF3M7AJBGD
age
41
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-1147400/1147401
x-amz-replication-status
COMPLETED
Content-Length
1147401
x-amz-id-2
SGQ5L2adBqO606hhtfBD4wMBk95oiBn8pDW9UhUJqfdNBRqFIg4xXAAyfKTNncnEZ8iMEeGMzwY=
x-served-by
cache-mia-kmia1760096-MIA
last-modified
Sun, 09 Apr 2023 12:49:58 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692381880.382293,VS0,VE1
etag
"02ee167eb9e244e4ffffe47228508c39"
content-type
video/mp4;codecs=avc1
abp
32
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
o1pznneioymmc3a0jcne.mp4
cdn.taboola.com/libtrc/static/video/v1686342657/ 		583 KB
584 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1686342657/o1pznneioymmc3a0jcne.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de48cff22d139de6e469979a3ca41de8d6e28cda4fe5883ae0811b8b6d1b636b

Request headers

Referer
https://www.9news.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
lAMQU2x7bcOIvZKFjACpkQhJY3NO1edi
date
Fri, 18 Aug 2023 18:04:40 GMT
via
1.1 varnish
x-amz-request-id
E6BC341Y2NTDAGST
age
10
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-597299/597300
x-amz-replication-status
COMPLETED
Content-Length
597300
x-amz-id-2
L+kMGef5OM+r0NrlmCZpxl+9YWFpnE+yaCMLk6H+Vvc9Qi6QZz4g2DX1bFbdagsdDQamov4OxfM=
x-served-by
cache-mia-kmia1760096-MIA
last-modified
Fri, 09 Jun 2023 20:31:04 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692381880.382766,VS0,VE1
etag
"0e4c75fc8e22c6d0e31a5d597b9e0bcc"
content-type
video/mp4;codecs=avc1
abp
27
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
fhnf6fy1yqqt43msgxsc.mp4
cdn.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_OPTIMIZATION_2/h_400,c_scale/v1687682862/ 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_OPTIMIZATION_2/h_400,c_scale/v1687682862/fhnf6fy1yqqt43msgxsc.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.9news.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
43RBO6g2S7b7WF_hRMYQQYmH3rz3MoEi
date
Fri, 18 Aug 2023 18:04:40 GMT
via
1.1 varnish
x-amz-request-id
NKPHZ93AEYQF1SEM
age
53
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-1344453/1344454
x-amz-replication-status
COMPLETED
Content-Length
1344454
x-amz-id-2
L4jSwNfnhpK5gjMNrFmvQC0oD2IujTURFTqCDtZ5ZhXwsKZYr2l0bcknQFYk13qBCMBQu97ZfVg=
x-served-by
cache-mia-kmia1760096-MIA
last-modified
Sun, 25 Jun 2023 08:48:01 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692381880.388432,VS0,VE1
etag
"91770bfbae917a0f28c3031e4a5825dc"
content-type
video/mp4;codecs=avc1
abp
64
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
ix4pedxbzcjsbbhdpbsp.mp4
cdn.taboola.com/libtrc/static/video/v1688476721/ 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1688476721/ix4pedxbzcjsbbhdpbsp.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.9news.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
VCQwgXzKLslowy67detVeE1sSsARW2KW
date
Fri, 18 Aug 2023 18:04:40 GMT
via
1.1 varnish
x-amz-request-id
BCR3557D5RYE3FC8
age
118
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-1070317/1070318
x-amz-replication-status
COMPLETED
Content-Length
1070318
x-amz-id-2
GttYelIlycYXxkXdqJbeNWm8eP9fob2Bo1CWMH0Fw57OnXNW5M6WU3TJ8t//VlxahYW0ZXGVkZg=
x-served-by
cache-mia-kmia1760096-MIA
last-modified
Tue, 04 Jul 2023 13:18:48 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692381880.388436,VS0,VE1
etag
"95522973b3961ca85eda7c94a8e5abe7"
content-type
video/mp4;codecs=avc1
abp
56
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-aa04"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Aug 2023 18:04:40 GMT
ob.js
cdn-ima.33across.com/ 		40 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.112 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:40 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 04 Aug 2023 18:38:49 GMT
server
cloudflare
age
91810
etag
W/"64cd45b9-a13f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7f8c14a18c8e25e3-MIA
expires
Mon, 21 Aug 2023 18:04:40 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-46.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 11:35:11 GMT
content-encoding
gzip
via
1.1 d877346b368e974486e739220882b59e.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
23370
x-amz-server-side-encryption
AES256
etag
W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
D2WTNGi51QLFG0O5UeZs6O4Zkye4E3WFd2HG0T_0qo0t8wmj-sFhWw==
esp.js
cdn.id5-sync.com/api/1.0/ 		112 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Aug 2023 11:32:19 GMT
server
cloudflare
x-amz-request-id
DMX1D9EDZEG30CKS
age
311
etag
W/"25c6f4638264ba52fb77e06351d38d61"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7f8c14a17da0370d-MIA
x-amz-id-2
eU7sl4kMp5Rju+2Vp596iAy88F67NWSlsklsVFcUtY/ya/krdrm2FdZfi+3b8FGGQOMRXRzBt9k=
ads
securepubads.g.doubleclick.net/gampad/ 		925 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=554103391489545&correlator=4371547026523289&eid=31076768%2C31076868%2C31068367%2C31068826&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fifs&us_privacy=1YNY&iu_parts=32805352%2Cco-denver-KUSA-B3316_DesktopTablet%2Cmasthead_sponsor%2Cnews%2Clocal&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=112x38&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692381880462&lmt=1692417880&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&vis=1&psz=0x0&msz=0x0&fws=644&ohw=1600&ga_vid=1482041932.1692381879&ga_sid=1692381880&ga_hid=1839280050&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRj9wMjOoDFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y_cDIzqAxSABSAghk&dlt=1692381876492&idt=3060&ppid=d86dab53-7c20-4056-ad9b-16f3ceb28db7&prev_scp=refresh%3DFalse%261plus-x%3D2r%252C33%252C22%252C34%252Ca%252C2t%252C1t%252C2u%252C1u%252C1c%252C4f%252C4%252C3i%252C30%252C31%252C21%252C3r%252C32%252C1p&cust_params=video_included%3DTrue%26ttid%3D2d942893-5578-4aa0-a328-3528a43a3f53%26pgtype%3Dvideo%26topic_section%3D%26url%3Dhttps%253A%252F%252Fwww.9news.com%252Fvideo%252Fnews%252Flocal%252Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%252F73-2d942893-5578-4aa0-a328-3528a43a3f53&adks=3127148983&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7349268856c66ae223aa6dbb7c056abc918b0629f032a0f1057aa8b23ac0c287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
530
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.9news.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308150101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b8ad3c22753a353b1d88494ac839f9856acb3d2861ee281e3541379f24a76b41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11876
x-xss-protection
0
container.html
d2c656a46ae55087eb14ed232c3712d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1196 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d2c656a46ae55087eb14ed232c3712d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 18:04:40 GMT
expires
Sat, 17 Aug 2024 18:04:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 3B37
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1YNY&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1YNY&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=cec9c022-2518-4275-90bb-40c27fa3670d
0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=cec9c022-2518-4275-90bb-40c27fa3670d
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8NvACLAaMAXcelaiFIhAYA-48KlELRSgAAABgYID-AAmMlpOVwzdba4wLk1u0Gs7WCo9zuJa4bBvHZuSwTGbOISCB0XKycvhma41xYXKLVsPZWuFxDtcSl23j2IwclsnMOQUXxnKZDGqBhGX2-w6ypsnlN8hYLpMbBL6i6XT4XPd63e93V85dvs9d43f7ZU-Ty--Xu3yfv9jvcZj9Gr_Zb3mY_G7R5ekyuUV_t-7lMrn1rtNbdXe5DWe_8-2ym94yy8N1civsJrfG4foZTW_R0e_6POwmz1tvc0teDrNbY3Y43Z630u4WHV1uweXvcXk-f91mLRk5R5PhcrNWrXbDtWjhMKwVnslwrVlNhgvTZuGZuTZzAAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8D4BgFnlgOCu3wH5d_y9QcAAAAAEAAAAAAkAAQAJ0sAYKCOnvj_________jzFAn3kj4______GQg-ABx8AD0IAAAAuhki5_Ap-cmOHEDlAKcIIAAAAgAmhHdKRSTpBxaLK__9_vxWAKwAAAYoJ0heNWXQHJd7CAAAAFIxZoIfF7zc77Bq_22X-_________838n_lHIzQyM5NGeBKeVM0vIADAml9AAAA24QYA4E0AnKBD0IrBYHUIaDLczQ4AAADAnf___389IDSyTZa75cxhWDlMjuXKtButfDPTcrhxbDaOxcJ7cMOvI_XihkD6ZAjL7PcdZE2Ty2-QsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCqYnHuVwYFmvVbDRai2aDyVrhmrncKstgsByZTBuLb7MWvT6mi8m5GW5mWyQYYLoXydMinSh8I8tkN5nsNqvVwuaZLWYrk8WzWxhGxpFrY5pNxBLNySKdyC770sg2We6WM4dh5TA5livTbrTyzUzL4cax2TgWC39r4nEuF4bFWjUbjdai2WCyVrhmLrfKMhgsRybTxuLbrEWvj-licm6Gm9m-MVtONsPFcDfcN2bLyWa4GO6G-w6d4bv6nI2u4_fvkXms55u2c3MaFC6DxTstWqStw9Fn1HltE2Fqbdo5JlahVeI1KDwHj2r8uYa85pTIXD1ovQejIpYILtKJ6OWzO9xa1-dhEUuUpot0opc9TS6_X-7yff5iv8dh9mv8Zr_lYfK7RZeny-QW_d26l8vk1rtOb9Xd5Tac_c63y256yywP18mtsJvcGofrZzS9RUe_6_Owmzxvvc0teTnMbo3Z4XR73kq7W3R0uQWXv8fl-fx1m7Vk5BxNhsvNWrXaDdeihcOwVngmw7VmNRkuTJuFZ-baTMQSwekincieJpffov6jhhnOFZvJXLEYznWTVQIAAAAAAAAAsASTTDcBAAAAcDKI2WY53K3TQcwWs8FmtVwAD9YSun6un-58p5aHduGNsEbx9ASOFmvsMQV6-ewOt9b1eVgZwIO1ArPNPiOIZZ1ZawAAAALYAAAABLjtxpuAMyvu____fxwAAAAZOfQAAADo9wFJ5WVmZmZq8iuIxXIw2D8AFWJZZ7bbjWWd2YACtZtAAICAeg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
32
date
Fri, 18 Aug 2023 18:04:41 GMT
via
1.1 varnish
x-served-by
cache-mia-kmia1760096-MIA
server
nginx
x-timer
S1692381881.102585,VS0,VE32
x-fastly-to-nlb-rtt
30707
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0

Redirect headers

location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=cec9c022-2518-4275-90bb-40c27fa3670d
date
Fri, 18 Aug 2023 18:04:40 GMT
server
Kestrel
content-length
239
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 3B37
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836?gdpr=0&us_privacy=1YNY
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-iIDcbGpE2oQ3wIfHmiq9CCfvrgNLKhlhCO_bug--~A
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-iIDcbGpE2oQ3wIfHmiq9CCfvrgNLKhlhCO_bug--~A
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8NvACLAaMAXcelaiFIhAYA-48KlELRSgAAABgYID-AAmMlpOVwzdba4wLk1u0Gs7WCo9zuJa4bBvHZuSwTGbOISCB0XKycvhma41xYXKLVsPZWuFxDtcSl23j2IwclsnMOQUXxnKZDGqBhGX2-w6ypsnlN8hYLpMbBL6i6XT4XPd63e93V85dvs9d43f7ZU-Ty--Xu3yfv9jvcZj9Gr_Zb3mY_G7R5ekyuUV_t-7lMrn1rtNbdXe5DWe_8-2ym94yy8N1civsJrfG4foZTW_R0e_6POwmz1tvc0teDrNbY3Y43Z630u4WHV1uweXvcXk-f91mLRk5R5PhcrNWrXbDtWjhMKwVnslwrVlNhgvTZuGZuTZzAAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8D4BgFnlgOCu3wH5d_y9QcAAAAAEAAAAAAkAAQAJ0sAYKCOnvj_________jzFAn3kj4______GQg-ABx8AD0IAAAAuhki5_Ap-cmOHEDlAKcIIAAAAgAmhHdKRSTpBxaLK__9_vxWAKwAAAYoJ0heNWXQHJd7CAAAAFIxZoIfF7zc77Bq_22X-_________838n_lHIzQyM5NGeBKeVM0vIADAml9AAAA24QYA4E0AnKBD0IrBYHUIaDLczQ4AAADAnf___389IDSyTZa75cxhWDlMjuXKtButfDPTcrhxbDaOxcJ7cMOvI_XihkD6ZAjL7PcdZE2Ty2-QsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCqYnHuVwYFmvVbDRai2aDyVrhmrncKstgsByZTBuLb7MWvT6mi8m5GW5mWyQYYLoXydMinSh8I8tkN5nsNqvVwuaZLWYrk8WzWxhGxpFrY5pNxBLNySKdyC770sg2We6WM4dh5TA5livTbrTyzUzL4cax2TgWC39r4nEuF4bFWjUbjdai2WCyVrhmLrfKMhgsRybTxuLbrEWvj-licm6Gm9m-MVtONsPFcDfcN2bLyWa4GO6G-w6d4bv6nI2u4_fvkXms55u2c3MaFC6DxTstWqStw9Fn1HltE2Fqbdo5JlahVeI1KDwHj2r8uYa85pTIXD1ovQejIpYILtKJ6OWzO9xa1-dhEUuUpot0opc9TS6_X-7yff5iv8dh9mv8Zr_lYfK7RZeny-QW_d26l8vk1rtOb9Xd5Tac_c63y256yywP18mtsJvcGofrZzS9RUe_6_Owmzxvvc0teTnMbo3Z4XR73kq7W3R0uQWXv8fl-fx1m7Vk5BxNhsvNWrXaDdeihcOwVngmw7VmNRkuTJuFZ-baTMQSwekincieJpffov6jhhnOFZvJXLEYznWTVQIAAAAAAAAAsASTTDcBAAAAcDKI2WY53K3TQcwWs8FmtVwAD9YSun6un-58p5aHduGNsEbx9ASOFmvsMQV6-ewOt9b1eVgZwIO1ArPNPiOIZZ1ZawAAAALYAAAABLjtxpuAMyvu____fxwAAAAZOfQAAADo9wFJ5WVmZmZq8iuIxXIw2D8AFWJZZ7bbjWWd2YACtZtAAICAeg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68232

Redirect headers

date
Fri, 18 Aug 2023 18:04:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-iIDcbGpE2oQ3wIfHmiq9CCfvrgNLKhlhCO_bug--~A
content-length
0
/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 3B37
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1YNY
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1YNY&verify=true
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-g4P9Ei9E2uGQPWHdra3xxgf.IlrWZFVX~A&gdpr_in_effect=0
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-g4P9Ei9E2uGQPWHdra3xxgf.IlrWZFVX~A&gdpr_in_effect=0
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8NvACLAaMAXcelaiFIhAYA-48KlELRSgAAABgYID-AAmMlpOVwzdba4wLk1u0Gs7WCo9zuJa4bBvHZuSwTGbOISCB0XKycvhma41xYXKLVsPZWuFxDtcSl23j2IwclsnMOQUXxnKZDGqBhGX2-w6ypsnlN8hYLpMbBL6i6XT4XPd63e93V85dvs9d43f7ZU-Ty--Xu3yfv9jvcZj9Gr_Zb3mY_G7R5ekyuUV_t-7lMrn1rtNbdXe5DWe_8-2ym94yy8N1civsJrfG4foZTW_R0e_6POwmz1tvc0teDrNbY3Y43Z630u4WHV1uweXvcXk-f91mLRk5R5PhcrNWrXbDtWjhMKwVnslwrVlNhgvTZuGZuTZzAAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8D4BgFnlgOCu3wH5d_y9QcAAAAAEAAAAAAkAAQAJ0sAYKCOnvj_________jzFAn3kj4______GQg-ABx8AD0IAAAAuhki5_Ap-cmOHEDlAKcIIAAAAgAmhHdKRSTpBxaLK__9_vxWAKwAAAYoJ0heNWXQHJd7CAAAAFIxZoIfF7zc77Bq_22X-_________838n_lHIzQyM5NGeBKeVM0vIADAml9AAAA24QYA4E0AnKBD0IrBYHUIaDLczQ4AAADAnf___389IDSyTZa75cxhWDlMjuXKtButfDPTcrhxbDaOxcJ7cMOvI_XihkD6ZAjL7PcdZE2Ty2-QsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCqYnHuVwYFmvVbDRai2aDyVrhmrncKstgsByZTBuLb7MWvT6mi8m5GW5mWyQYYLoXydMinSh8I8tkN5nsNqvVwuaZLWYrk8WzWxhGxpFrY5pNxBLNySKdyC770sg2We6WM4dh5TA5livTbrTyzUzL4cax2TgWC39r4nEuF4bFWjUbjdai2WCyVrhmLrfKMhgsRybTxuLbrEWvj-licm6Gm9m-MVtONsPFcDfcN2bLyWa4GO6G-w6d4bv6nI2u4_fvkXms55u2c3MaFC6DxTstWqStw9Fn1HltE2Fqbdo5JlahVeI1KDwHj2r8uYa85pTIXD1ovQejIpYILtKJ6OWzO9xa1-dhEUuUpot0opc9TS6_X-7yff5iv8dh9mv8Zr_lYfK7RZeny-QW_d26l8vk1rtOb9Xd5Tac_c63y256yywP18mtsJvcGofrZzS9RUe_6_Owmzxvvc0teTnMbo3Z4XR73kq7W3R0uQWXv8fl-fx1m7Vk5BxNhsvNWrXaDdeihcOwVngmw7VmNRkuTJuFZ-baTMQSwekincieJpffov6jhhnOFZvJXLEYznWTVQIAAAAAAAAAsASTTDcBAAAAcDKI2WY53K3TQcwWs8FmtVwAD9YSun6un-58p5aHduGNsEbx9ASOFmvsMQV6-ewOt9b1eVgZwIO1ArPNPiOIZZ1ZawAAAALYAAAABLjtxpuAMyvu____fxwAAAAZOfQAAADo9wFJ5WVmZmZq8iuIxXIw2D8AFWJZZ7bbjWWd2YACtZtAAICAeg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68232

Redirect headers

location
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-g4P9Ei9E2uGQPWHdra3xxgf.IlrWZFVX~A&gdpr_in_effect=0
date
Fri, 18 Aug 2023 18:04:41 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame D042
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1YNY&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1YNY&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=cec9c022-2518-4275-90bb-40c27fa3670d
0
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=cec9c022-2518-4275-90bb-40c27fa3670d
Requested by
Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8NvACLAaMAXcelaiFIhAYA-48KlELRSgAAABgYID-AAmMlpOVwzdba4wLk1u0Gs7WCo9zuJa4bBvHZuSwTGbOISCB0XKycvhma41xYXKLVsPZWuFxDtcSl23j2IwclsnMOQUXxnKZDGqBhGX2-w6ypsnlN8hYLpMbBL6i6XT4XPd63e93V85dvs9d43f7ZU-Ty--Xu3yfv9jvcZj9Gr_Zb3mY_G7R5ekyuUV_t-7lMrn1rtNbdXe5DWe_8-2ym94yy8N1civsJrfG4foZTW_R0e_6POwmz1tvc0teDrNbY3Y43Z630u4WHV1uweXvcXk-f91mLRk5R5PhcrNWrXbDtWjhMKwVnslwrVlNhgvTZuGZuTZzAAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8D4BgFnlgOCu3wH5d_y9QcAAAAAEAAAAAAkAAQAJ0sAYKCOnvj_________jzFAn3kj4______GQg-ABx8AD0IAAAAuhki5_Ap-cmOHEDlAKcIIAAAAgAmhHdKRSTpBxaLK__9_vxWAKwAAAYoJ0heNWXQHJd7CAAAAFIxZoIfF7zc77Bq_22X-_________838n_lHIzQyM5NGeBKeVM0vIADAml9AAAA24QYA4E0AnKBD0IrBYHUIaDLczQ4AAADAnf___389IDSyTZa75cxhWDlMjuXKtButfDPTcrhxbDaOxcJ7cMOvI_XihkD6ZAjL7PcdZE2Ty2-QsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCqYnHuVwYFmvVbDRai2aDyVrhmrncKstgsByZTBuLb7MWvT6mi8m5GW5mWyQYYLoXydMinSh8I8tkN5nsNqvVwuaZLWYrk8WzWxhGxpFrY5pNxBLNySKdyC770sg2We6WM4dh5TA5livTbrTyzUzL4cax2TgWC39r4nEuF4bFWjUbjdai2WCyVrhmLrfKMhgsRybTxuLbrEWvj-licm6Gm9m-MVtONsPFcDfcN2bLyWa4GO6G-w6d4bv6nI2u4_fvkXms55u2c3MaFC6DxTstWqStw9Fn1HltE2Fqbdo5JlahVeI1KDwHj2r8uYa85pTIXD1ovQejIpYILtKJ6OWzO9xa1-dhEUuUpot0opc9TS6_X-7yff5iv8dh9mv8Zr_lYfK7RZeny-QW_d26l8vk1rtOb9Xd5Tac_c63y256yywP18mtsJvcGofrZzS9RUe_6_Owmzxvvc0teTnMbo3Z4XR73kq7W3R0uQWXv8fl-fx1m7Vk5BxNhsvNWrXaDdeihcOwVngmw7VmNRkuTJuFZ-baTMQSwekincieJpffov6jhhnOFZvJXLEYznWTVQIAAAAAAAAAsASTTDcBAAAAcDKI2WY53K3TQcwWs8FmtVwAD9YSun6un-58p5aHduGNsEbx9ASOFmvsMQV6-ewOt9b1eVgZwIO1ArPNPiOIZZ1ZawAAAALYAAAABLjtxpuAMyvu____fxwAAAAZOfQAAADo9wFJ5WVmZmZq8iuIxXIw2D8AFWJZZ7bbjWWd2YACtZtAAICAeg!&cmcv=&pix=undefined&cb=1692381880294&uv=3321&tms=1692381880294&abt=aniview_inc_vA!nonrv_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=0492ea76-c8ad-4586-ac98-be6c13da22f9&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imprchmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
32
date
Fri, 18 Aug 2023 18:04:41 GMT
via
1.1 varnish
x-served-by
cache-mia-kmia1760096-MIA
server
nginx
x-timer
S1692381881.102566,VS0,VE32
x-fastly-to-nlb-rtt
30286
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0

Redirect headers

location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=cec9c022-2518-4275-90bb-40c27fa3670d
date
Fri, 18 Aug 2023 18:04:40 GMT
server
Kestrel
content-length
239
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame D042
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836?gdpr=0&us_privacy=1YNY
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-POzPy9tE2oRGLltRZtB0x3o0wKBMANDrz1pa8g--~A
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-POzPy9tE2oRGLltRZtB0x3o0wKBMANDrz1pa8g--~A
Requested by
Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8NvACLAaMAXcelaiFIhAYA-48KlELRSgAAABgYID-AAmMlpOVwzdba4wLk1u0Gs7WCo9zuJa4bBvHZuSwTGbOISCB0XKycvhma41xYXKLVsPZWuFxDtcSl23j2IwclsnMOQUXxnKZDGqBhGX2-w6ypsnlN8hYLpMbBL6i6XT4XPd63e93V85dvs9d43f7ZU-Ty--Xu3yfv9jvcZj9Gr_Zb3mY_G7R5ekyuUV_t-7lMrn1rtNbdXe5DWe_8-2ym94yy8N1civsJrfG4foZTW_R0e_6POwmz1tvc0teDrNbY3Y43Z630u4WHV1uweXvcXk-f91mLRk5R5PhcrNWrXbDtWjhMKwVnslwrVlNhgvTZuGZuTZzAAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8D4BgFnlgOCu3wH5d_y9QcAAAAAEAAAAAAkAAQAJ0sAYKCOnvj_________jzFAn3kj4______GQg-ABx8AD0IAAAAuhki5_Ap-cmOHEDlAKcIIAAAAgAmhHdKRSTpBxaLK__9_vxWAKwAAAYoJ0heNWXQHJd7CAAAAFIxZoIfF7zc77Bq_22X-_________838n_lHIzQyM5NGeBKeVM0vIADAml9AAAA24QYA4E0AnKBD0IrBYHUIaDLczQ4AAADAnf___389IDSyTZa75cxhWDlMjuXKtButfDPTcrhxbDaOxcJ7cMOvI_XihkD6ZAjL7PcdZE2Ty2-QsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCqYnHuVwYFmvVbDRai2aDyVrhmrncKstgsByZTBuLb7MWvT6mi8m5GW5mWyQYYLoXydMinSh8I8tkN5nsNqvVwuaZLWYrk8WzWxhGxpFrY5pNxBLNySKdyC770sg2We6WM4dh5TA5livTbrTyzUzL4cax2TgWC39r4nEuF4bFWjUbjdai2WCyVrhmLrfKMhgsRybTxuLbrEWvj-licm6Gm9m-MVtONsPFcDfcN2bLyWa4GO6G-w6d4bv6nI2u4_fvkXms55u2c3MaFC6DxTstWqStw9Fn1HltE2Fqbdo5JlahVeI1KDwHj2r8uYa85pTIXD1ovQejIpYILtKJ6OWzO9xa1-dhEUuUpot0opc9TS6_X-7yff5iv8dh9mv8Zr_lYfK7RZeny-QW_d26l8vk1rtOb9Xd5Tac_c63y256yywP18mtsJvcGofrZzS9RUe_6_Owmzxvvc0teTnMbo3Z4XR73kq7W3R0uQWXv8fl-fx1m7Vk5BxNhsvNWrXaDdeihcOwVngmw7VmNRkuTJuFZ-baTMQSwekincieJpffov6jhhnOFZvJXLEYznWTVQIAAAAAAAAAsASTTDcBAAAAcDKI2WY53K3TQcwWs8FmtVwAD9YSun6un-58p5aHduGNsEbx9ASOFmvsMQV6-ewOt9b1eVgZwIO1ArPNPiOIZZ1ZawAAAALYAAAABLjtxpuAMyvu____fxwAAAAZOfQAAADo9wFJ5WVmZmZq8iuIxXIw2D8AFWJZZ7bbjWWd2YACtZtAAICAeg!&cmcv=&pix=undefined&cb=1692381880294&uv=3321&tms=1692381880294&abt=aniview_inc_vA!nonrv_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=0492ea76-c8ad-4586-ac98-be6c13da22f9&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imprchmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68232

Redirect headers

date
Fri, 18 Aug 2023 18:04:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-POzPy9tE2oRGLltRZtB0x3o0wKBMANDrz1pa8g--~A
content-length
0
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=554103391489545&correlator=2590798344499506&eid=31076768%2C31076868%2C31068367%2C31068826&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fifs&us_privacy=1YNY&iu_parts=32805352%2Cco-denver-KUSA-B3316_DesktopTablet%2Cfront_universal%2Cnews%2Clocal&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1140x250%7C1140x600%7C970x250%7C728x90%7C1x1&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692381880736&lmt=1692417880&adxs=230&adys=30&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&vis=1&psz=1600x-1&msz=1140x-1&fws=516&ohw=1600&ga_vid=1482041932.1692381879&ga_sid=1692381880&ga_hid=1839280050&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRj9wMjOoDFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y_cDIzqAxSABSAghk&dlt=1692381876492&idt=3060&ppid=d86dab53-7c20-4056-ad9b-16f3ceb28db7&prev_scp=refresh%3DFalse%261plus-x%3D2r%252C33%252C22%252C34%252Ca%252C2t%252C1t%252C2u%252C1u%252C1c%252C4f%252C4%252C3i%252C30%252C31%252C21%252C3r%252C32%252C1p%26pwtverid%3D17%26pwtprofid%3D3965%26pwtpubid%3D160138%26pwtbst%3D1%26pwtplt%3Ddisplay%26pwtsz%3D970x250%26pwtecp%3D0.23%26pwtsid%3D3923c813909c85%26pwtpid%3Dix&cust_params=video_included%3DTrue%26ttid%3D2d942893-5578-4aa0-a328-3528a43a3f53%26pgtype%3Dvideo%26topic_section%3D%26url%3Dhttps%253A%252F%252Fwww.9news.com%252Fvideo%252Fnews%252Flocal%252Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%252F73-2d942893-5578-4aa0-a328-3528a43a3f53&adks=1190557696&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb4566a3fb681dd1c78a05043b807bc30b7d03f77318abc10720aae97fcaa76d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12245
x-xss-protection
0
google-lineitem-id
6184690075
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138309604546
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.9news.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=554103391489545&correlator=2091825817362444&eid=31076768%2C31076868%2C31068367%2C31068826&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fifs&us_privacy=1YNY&iu_parts=32805352%2Cco-denver-KUSA-B3316_DesktopTablet%2Cfront_atf%2Cnews%2Clocal&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692381880769&lmt=1692417880&adxs=1070&adys=162&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&vis=1&psz=360x310&msz=360x310&fws=516&ohw=1600&ga_vid=1482041932.1692381879&ga_sid=1692381880&ga_hid=1839280050&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRj9wMjOoDFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y_cDIzqAxSABSAghk&dlt=1692381876492&idt=3060&ppid=d86dab53-7c20-4056-ad9b-16f3ceb28db7&prev_scp=refresh%3DFalse%261plus-x%3D2r%252C33%252C22%252C34%252Ca%252C2t%252C1t%252C2u%252C1u%252C1c%252C4f%252C4%252C3i%252C30%252C31%252C21%252C3r%252C32%252C1p%26pwtverid%3D17%26pwtprofid%3D3965%26pwtpubid%3D160138%26pwtbst%3D1%26pwtplt%3Ddisplay%26pwtsz%3D300x250%26pwtecp%3D2.89%26pwtsid%3D403ee26e408d631%26pwtpid%3Dix&cust_params=video_included%3DTrue%26ttid%3D2d942893-5578-4aa0-a328-3528a43a3f53%26pgtype%3Dvideo%26topic_section%3D%26url%3Dhttps%253A%252F%252Fwww.9news.com%252Fvideo%252Fnews%252Flocal%252Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%252F73-2d942893-5578-4aa0-a328-3528a43a3f53&adks=2565364599&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
52ee66c35fa6e78f16c92d1024a005f3320f719c68e5e5e1681bf7a4e5fdb664
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12183
x-xss-protection
0
google-lineitem-id
5657431395
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138345135447
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.9news.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame A2F7 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1YNY
Requested by
Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8NvACLAaMAXcelaiFIhAYA-48KlELRSgAAABgYID-AAmMlpOVwzdba4wLk1u0Gs7WCo9zuJa4bBvHZuSwTGbOISCB0XKycvhma41xYXKLVsPZWuFxDtcSl23j2IwclsnMOQUXxnKZDGqBhGX2-w6ypsnlN8hYLpMbBL6i6XT4XPd63e93V85dvs9d43f7ZU-Ty--Xu3yfv9jvcZj9Gr_Zb3mY_G7R5ekyuUV_t-7lMrn1rtNbdXe5DWe_8-2ym94yy8N1civsJrfG4foZTW_R0e_6POwmz1tvc0teDrNbY3Y43Z630u4WHV1uweXvcXk-f91mLRk5R5PhcrNWrXbDtWjhMKwVnslwrVlNhgvTZuGZuTZzAAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8D4BgFnlgOCu3wH5d_y9QcAAAAAEAAAAAAkAAQAJ0sAYKCOnvj_________jzFAn3kj4______GQg-ABx8AD0IAAAAuhki5_Ap-cmOHEDlAKcIIAAAAgAmhHdKRSTpBxaLK__9_vxWAKwAAAYoJ0heNWXQHJd7CAAAAFIxZoIfF7zc77Bq_22X-_________838n_lHIzQyM5NGeBKeVM0vIADAml9AAAA24QYA4E0AnKBD0IrBYHUIaDLczQ4AAADAnf___389IDSyTZa75cxhWDlMjuXKtButfDPTcrhxbDaOxcJ7cMOvI_XihkD6ZAjL7PcdZE2Ty2-QsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCqYnHuVwYFmvVbDRai2aDyVrhmrncKstgsByZTBuLb7MWvT6mi8m5GW5mWyQYYLoXydMinSh8I8tkN5nsNqvVwuaZLWYrk8WzWxhGxpFrY5pNxBLNySKdyC770sg2We6WM4dh5TA5livTbrTyzUzL4cax2TgWC39r4nEuF4bFWjUbjdai2WCyVrhmLrfKMhgsRybTxuLbrEWvj-licm6Gm9m-MVtONsPFcDfcN2bLyWa4GO6G-w6d4bv6nI2u4_fvkXms55u2c3MaFC6DxTstWqStw9Fn1HltE2Fqbdo5JlahVeI1KDwHj2r8uYa85pTIXD1ovQejIpYILtKJ6OWzO9xa1-dhEUuUpot0opc9TS6_X-7yff5iv8dh9mv8Zr_lYfK7RZeny-QW_d26l8vk1rtOb9Xd5Tac_c63y256yywP18mtsJvcGofrZzS9RUe_6_Owmzxvvc0teTnMbo3Z4XR73kq7W3R0uQWXv8fl-fx1m7Vk5BxNhsvNWrXaDdeihcOwVngmw7VmNRkuTJuFZ-baTMQSwekincieJpffov6jhhnOFZvJXLEYznWTVQIAAAAAAAAAsASTTDcBAAAAcDKI2WY53K3TQcwWs8FmtVwAD9YSun6un-58p5aHduGNsEbx9ASOFmvsMQV6-ewOt9b1eVgZwIO1ArPNPiOIZZ1ZawAAAALYAAAABLjtxpuAMyvu____fxwAAAAZOfQAAADo9wFJ5WVmZmZq8iuIxXIw2D8AFWJZZ7bbjWWd2YACtZtAAICAeg!&cmcv=&pix=undefined&cb=1692381880294&uv=3321&tms=1692381880294&abt=aniview_inc_vA!nonrv_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=0492ea76-c8ad-4586-ac98-be6c13da22f9&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.25.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-25-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://imprchmp.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 18 Aug 2023 18:04:40 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame AF6C
Redirect Chain
  • https://eb2.3lift.com/sync?us_privacy=1YNY&
  • https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
df647469298900acae6f6a1c6475c04f91c50c964649a8c6c87edb3a6bfc917d

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1216
content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 18:04:41 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 18 Aug 2023 18:04:40 GMT
location
/sync?us_privacy=1YNY&&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ixmatch.html
js-sec.indexww.com/um/ Frame 05B4 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
1102
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7f8c14a3bad23710-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 18 Aug 2023 18:04:40 GMT
expires
Fri, 18 Aug 2023 22:04:40 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usersync.html
cdn.undertone.com/js/ Frame 3C24 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:5000:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
37603
content-encoding
gzip
content-type
text/html
date
Fri, 18 Aug 2023 07:37:59 GMT
etag
W/"9f69f355a69e650f4a86354e76e60d40"
last-modified
Tue, 18 Jul 2023 10:31:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 bf08d0f122cb7618f980954bd4f44e36.cloudfront.net (CloudFront)
x-amz-cf-id
_l2IoqrYwjyssb0Cnp9wgTSAfEVxwZ58jxFv-wTCHhjU_W-wrV8vuA==
x-amz-cf-pop
PHL50-C1
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
5cDzvCPt5iTw_HTWM8q.kHMVnUk7Smec
x-cache
Hit from cloudfront
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BB16 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.64.205 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-64-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=142220
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 18 Aug 2023 18:04:40 GMT
expires
Sun, 20 Aug 2023 09:35:00 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 74DA
Redirect Chain
  • https://eb2.3lift.com/sync?us_privacy=1YNY&
  • https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
df647469298900acae6f6a1c6475c04f91c50c964649a8c6c87edb3a6bfc917d

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1216
content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 18:04:41 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 18 Aug 2023 18:04:40 GMT
location
/sync?us_privacy=1YNY&&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CA68 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.64.205 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-64-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=142220
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 18 Aug 2023 18:04:40 GMT
expires
Sun, 20 Aug 2023 09:35:00 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
2000210.html
sync.serverbid.com/ss/ Frame A82E 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.serverbid.com/ss/2000210.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:fe00:1b:fdeb:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
227ece5ef6d84d7cca3a6d203d604bd50b1fd20a73e615de3f9066fde5c400c4

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
35397
content-encoding
br
content-type
text/html
date
Fri, 18 Aug 2023 08:14:45 GMT
etag
W/"d01fc177c5ca256bc0e12aabc2ed9ea6"
last-modified
Thu, 17 Aug 2023 12:47:03 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 0ac640943c2918c03a0350f4e8b083a8.cloudfront.net (CloudFront)
x-amz-cf-id
NKu8WCADk1G0OsobxgLmZ2Ic3zPrE_LD6jTP7gCpKyCM9j3MWAwpCA==
x-amz-cf-pop
JFK50-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
usersync.html
cdn.undertone.com/js/ Frame F72D 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:5000:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
37603
content-encoding
gzip
content-type
text/html
date
Fri, 18 Aug 2023 07:37:59 GMT
etag
W/"9f69f355a69e650f4a86354e76e60d40"
last-modified
Tue, 18 Jul 2023 10:31:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 bf08d0f122cb7618f980954bd4f44e36.cloudfront.net (CloudFront)
x-amz-cf-id
HHM5lXvDduY9EmJt68t3HEShBuq7_bFtdXjvSGFhcAEXAJreRundWQ==
x-amz-cf-pop
PHL50-C1
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
5cDzvCPt5iTw_HTWM8q.kHMVnUk7Smec
x-cache
Hit from cloudfront
2000210.html
sync.serverbid.com/ss/ Frame BCE9 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.serverbid.com/ss/2000210.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:fe00:1b:fdeb:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
227ece5ef6d84d7cca3a6d203d604bd50b1fd20a73e615de3f9066fde5c400c4

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
35397
content-encoding
br
content-type
text/html
date
Fri, 18 Aug 2023 08:14:45 GMT
etag
W/"d01fc177c5ca256bc0e12aabc2ed9ea6"
last-modified
Thu, 17 Aug 2023 12:47:03 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 0ac640943c2918c03a0350f4e8b083a8.cloudfront.net (CloudFront)
x-amz-cf-id
17H_259R5ITvPqGZL9flx6L9F9r-BeUAyfbbQ3RmzbmQr5KFCX417w==
x-amz-cf-pop
JFK50-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
ixmatch.html
js-sec.indexww.com/um/ Frame E693 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
1102
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7f8c14a3bad53710-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 18 Aug 2023 18:04:40 GMT
expires
Fri, 18 Aug 2023 22:04:40 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pxl
engagefront.theweathernetwork.com/ 		47 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engagefront.theweathernetwork.com/pxl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.23.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.23.120.34.bc.googleusercontent.com
Software
TornadoServer/6.1 /
Resource Hash
af9dbf02c85319fda5ed6e97828a8328ce87a4a11e2a95d506654bf7dee244f4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:40 GMT
via
1.1 google
server
TornadoServer/6.1
etag
"2f28ed1ccf7c08cf22491757fe20385249db162e"
p3p
policyref='/static/w3c/p3p.xml', CP='NOI DSP COR DEVa TAIa OUR BUS UNI'
content-type
image/gif
cache-control
max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47
expires
Fri, 18 Aug 2023 18:04:40 GMT
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sharethrough&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sharethrough&gdpr=0&gdpr_consent=&tc=1
  • https://match.sharethrough.com/sync/v1?source_id=PNoZYBiDuXiYZvaVd8ixzJNL&source_user_id=emnWOirBSCcEF1SiwHUR&pi=sharethrough&gdpr=0&gdpr_consent=&tc=1
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=PNoZYBiDuXiYZvaVd8ixzJNL&source_user_id=emnWOirBSCcEF1SiwHUR&pi=sharethrough&gdpr=0&gdpr_consent=&tc=1
Protocol
H2
Server
3.233.86.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-86-45.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=PNoZYBiDuXiYZvaVd8ixzJNL&source_user_id=emnWOirBSCcEF1SiwHUR&pi=sharethrough&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT, Fri, 18 Aug 2023 18:04:41 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0013300001kQj2HAAS&ru=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DkzFyzzqXEqukMDumpVLB6Eq3%26source_user_id%3D33XUSERID33X
  • https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=212153247920106
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=212153247920106
Protocol
H2
Server
3.233.86.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-86-45.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:40 GMT
referrer-policy
unsafe-url
server
33XP019
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=212153247920106
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sharethrough&user_id=c4c1ba57-5c3d-4c8f-ac07-7a1793c56edb&gdpr=0&gdpr_consent=&gdpr_pd=1&usprivacy=1YNY
  • https://x.bidswitch.net/ul_cb/sync?ssp=sharethrough&user_id=c4c1ba57-5c3d-4c8f-ac07-7a1793c56edb&gdpr=0&gdpr_consent=&gdpr_pd=1&usprivacy=1YNY
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=sharethrough&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=1813050722815741397&expires=30&ssp=sharethrough
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Protocol
H2
Server
3.233.86.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-86-45.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Location
//match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Fri, 18 Aug 2023 18:04:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://stx-match.dotomi.com/match/bounce/current?networkId=44410&version=1&nuid=c4c1ba57-5c3d-4c8f-ac07-7a1793c56edb&gdpr=0&gdpr_consent=
  • https://stx-match.dotomi.com/match/bounce/current?DotomiTest=163c4006ee4506a2&is_secure=true&networkId=44410&version=1&nuid=c4c1ba57-5c3d-4c8f-ac07-7a1793c56edb&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAACW0a7j7-svwNck40pAAAAAAA&expiration=1692468281&nuid=c4c1ba57-5c3d-4c8f-ac07-7a1793c56edb&is_secure=true&g...
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAACW0a7j7-svwNck40pAAAAAAA&expiration=1692468281&nuid=c4c1ba57-5c3d-4c8f-ac07-7a1793c56edb&is_secure=true&gdpr_consent=&gdpr=0
Protocol
H2
Server
3.233.86.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-86-45.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAACW0a7j7-svwNck40pAAAAAAA&expiration=1692468281&nuid=c4c1ba57-5c3d-4c8f-ac07-7a1793c56edb&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D7rkJAhPCWXbw9Lq5dZxc6TvN%26source_user_id%3D%24UID&partner=sharethrough
  • https://match.sharethrough.com/sync/v1?source_id=7rkJAhPCWXbw9Lq5dZxc6TvN&source_user_id=ua-9abdfd0b-d0fa-312c-9e0c-6b99adc0bdf5
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7rkJAhPCWXbw9Lq5dZxc6TvN&source_user_id=ua-9abdfd0b-d0fa-312c-9e0c-6b99adc0bdf5
Protocol
H2
Server
3.233.86.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-86-45.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=7rkJAhPCWXbw9Lq5dZxc6TvN&source_user_id=ua-9abdfd0b-d0fa-312c-9e0c-6b99adc0bdf5
pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
cache-control
no-store
content-length
0
expires
0
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=YzRjMWJhNTctNWMzZC00YzhmLWFjMDctN2ExNzkzYzU2ZWRi
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Protocol
H2
Server
3.233.86.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-86-45.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sharethrough&user_id=91bdb2e1-c5a3-4f2e-88f3-eda1dae50aee&gdpr=0&gdpr_consent=&gdpr_pd=1&usprivacy=1YNY
  • https://x.bidswitch.net/ul_cb/sync?ssp=sharethrough&user_id=91bdb2e1-c5a3-4f2e-88f3-eda1dae50aee&gdpr=0&gdpr_consent=&gdpr_pd=1&usprivacy=1YNY
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=sharethrough
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=sharethrough
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=4844965109403605106&ssp=sharethrough
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Protocol
H2
Server
3.233.86.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-86-45.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:43 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Location
//match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Fri, 18 Aug 2023 18:04:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://cms.quantserve.com/pixel/p-_jQ037pSmtjhN.gif?idmatch=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=mKgSocXAVa8Wq7r1ivjrQDkr&gdpr=0&source_user_id=Xq4nDQqoIVJFqnVfW61uU12iJg1FqCcKCqpHAlUB
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=mKgSocXAVa8Wq7r1ivjrQDkr&gdpr=0&source_user_id=Xq4nDQqoIVJFqnVfW61uU12iJg1FqCcKCqpHAlUB
Protocol
H2
Server
3.233.86.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-86-45.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://match.sharethrough.com/sync/v1?source_id=mKgSocXAVa8Wq7r1ivjrQDkr&gdpr=0&source_user_id=Xq4nDQqoIVJFqnVfW61uU12iJg1FqCcKCqpHAlUB
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://sync.1rx.io/usersync2/sharethrough
  • https://sync.1rx.io/usersync2/sharethrough?zcc=1&cb=1692381881028
  • https://ad.turn.com/r/cs?pid=45&rndcb=7338384621
  • https://sync.1rx.io/usersync/turn/2990610143720356760?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DrAoqYZyz6z2wirWVWwswmjws%26source_user_...
  • https://match.sharethrough.com/sync/v1?source_id=rAoqYZyz6z2wirWVWwswmjws&source_user_id=RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=rAoqYZyz6z2wirWVWwswmjws&source_user_id=RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
Protocol
H2
Server
3.233.86.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-86-45.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:43 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Date
Fri, 18 Aug 2023 18:04:42 GMT
Server
Tengine
ETag
RXa8c4e4e111a74d9faacc9304e2e3bbb6005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://match.sharethrough.com/sync/v1?source_id=rAoqYZyz6z2wirWVWwswmjws&source_user_id=RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
Content-Type
text/html
Connection
keep-alive
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Aug 2023 18:04:41 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
661 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Fri, 18 Aug 2023 18:04:40 GMT
via
1.1 varnish
x-amz-request-id
KVAJ6Q009QCW97RM
age
15242
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
DwKR+V0ahyrIfE9ny0MhUhVxsDNtfz7Rh47R2/Ww+5VFFCIAWzGNhBCqKKGZpyPVnlKhUUHGAS0=
x-served-by
cache-mia-kmia1760096-MIA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1692381881.931069,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
71
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
4090
pr
s.amazon-adsystem.com/v3/ Frame 044E 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
dd82c9b25bf85671ac77134102db522e9c18afd9737bcd22ef5675bb5ce98a5a
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
5095
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 18 Aug 2023 18:04:40 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
HV0ZWTFRA31V1VZM0WQP
syncframe
gum.criteo.com/ Frame 6413 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.9news.com&us_privacy=1YNY
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 18:04:40 GMT
server
Kestrel
server-processing-duration-in-ticks
248826
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
increment
id5-sync.com/api/esp/ 		0
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.9news.com
date
Fri, 18 Aug 2023 18:04:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
usync.js
eus.rubiconproject.com/ Frame A2F7 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1YNY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.25.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-25-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b937c24218ddab07453d7e8fc62fad12b5e29a0b473536e2baca0ca7b5fd79c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1YNY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:41 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Aug 2023 01:50:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=27932
Connection
keep-alive
Content-Length
10117
Expires
Sat, 19 Aug 2023 01:50:13 GMT
v1
match.sharethrough.com/sync/ Frame 044E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D
  • https://ad.turn.com/r/cs?pid=45&rndcb=3497096569
  • https://sync.1rx.io/usersync/turn/2918552549682428824?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DrAoqYZyz6z2wirWVWwswmjws%26source_user_...
  • https://match.sharethrough.com/sync/v1?source_id=rAoqYZyz6z2wirWVWwswmjws&source_user_id=RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=rAoqYZyz6z2wirWVWwswmjws&source_user_id=RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
3.233.86.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-86-45.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:43 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Date
Fri, 18 Aug 2023 18:04:42 GMT
Server
Tengine
ETag
RXa8c4e4e111a74d9faacc9304e2e3bbb6005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://match.sharethrough.com/sync/v1?source_id=rAoqYZyz6z2wirWVWwswmjws&source_user_id=RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
Content-Type
text/html
Connection
keep-alive
ecm3
s.amazon-adsystem.com/ Frame 044E
Redirect Chain
  • https://usync.vrtcal.com/i?ssp=1822&surl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvrtcal.com%26id%3D%24%24VRTCALUSER%24%24
  • https://s.amazon-adsystem.com/ecm3?ex=vrtcal.com&id=d18f6c570a2d6be4f53aed0163e942d5
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vrtcal.com&id=d18f6c570a2d6be4f53aed0163e942d5
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
46DRV8TXCSETY7R995NC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=vrtcal.com&id=d18f6c570a2d6be4f53aed0163e942d5
date
Fri, 18 Aug 2023 18:04:41 GMT
server
Apache/2.4.7 (Ubuntu)
x-powered-by
PHP/5.5.9-1ubuntu4.26
content-length
1
content-type
text/html
ecm3
s.amazon-adsystem.com/ Frame 044E
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=f53a4d9aec
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=f53a4d9aec
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
D30G67RTZQ34W2VASTCA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Fri, 18 Aug 2023 18:04:37 GMT
via
1.1 c38cfac20df9757e670e782ca61768aa.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK50-P6
age
4
x-cache
Hit from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=f53a4d9aec
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
sDYNchwfQ0A_2WrL3-sTxuIlImw10vDo8AznSXr_nNv7yQldb363sw==
ecm3
s.amazon-adsystem.com/ Frame 044E
Redirect Chain
  • https://jadserve.postrelease.com/suid/101959?ntv_r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dnativo.com%26id%3DNTV_USER_ID
  • https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=1c04d107-c8fa-4398-973e-dec51524914a
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=1c04d107-c8fa-4398-973e-dec51524914a
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2HKZ5JBZNMWT9Q3VBEZR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
server
nginx/1.12.2
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=1c04d107-c8fa-4398-973e-dec51524914a
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Aug 2023 18:04:41 GMT
map
bcp.crwdcntrl.net/6/ 		156 B
614 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.96.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-96-3.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
8a54bd93344da282a410a35e8151edda29e8b73a224ec479cb0bb40b9f5a429e

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.9news.com
cache-control
no-cache
x-server
10.40.35.172
access-control-allow-credentials
true
content-length
156
expires
0
rtb-h
sync.taboola.com/sg/supershiprtb-display-network/1/ Frame 7BC6
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=taboola
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZN.yucCo8YMAANUS4lQAAAAA
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZN.yucCo8YMAANUS4lQAAAAA
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67945

Redirect headers

X-SO-Cluster-ID
0
Date
Fri, 18 Aug 2023 18:04:41 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=taboola","cluster_id":0,"gdpr":false,"ipv4":"38.132.118.72","key":"ZN.yucCo8YMAANUS4lQAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40172"}
X-SO-Key
ZN.yucCo8YMAANUS4lQAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40172
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZN.yucCo8YMAANUS4lQAAAAA
Cache-Control
private
X-SO-HostName
a-ad40172.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
m-tgng31.dc4p.scaleout.jp
X-SO-IP
38.132.118.72
/
sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/ Frame 7BC6
Redirect Chain
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=c4ae383c8e2a41d0a0...
  • https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=c4ae383c8e2a41d0a07c96ef67d34d18
0
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=c4ae383c8e2a41d0a07c96ef67d34d18
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68230

Redirect headers

location
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=c4ae383c8e2a41d0a07c96ef67d34d18
date
Fri, 18 Aug 2023 18:04:42 GMT
content-length
0
sync
ssbsync.smartadserver.com/api/ Frame 7BC6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.5 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame 7BC6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LLGWH5AL-R-5RL7
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LLGWH5AL-R-5RL7
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67967

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LLGWH5AL-R-5RL7
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19c1ac3b9706c83a73951eba4d239689
Expires
0
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 7BC6
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836?gdpr=0&gdpr_consent=&us_privacy=1YNY
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-WraFyFRE2oTW.PDhsT1T1FYVwn58r1Sgjkb2nA--~A
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-WraFyFRE2oTW.PDhsT1T1FYVwn58r1Sgjkb2nA--~A
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68162

Redirect headers

date
Fri, 18 Aug 2023 18:04:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-WraFyFRE2oTW.PDhsT1T1FYVwn58r1Sgjkb2nA--~A
content-length
0
/
sync.taboola.com/sg/baidurtb-network/1/rtb-h/ Frame 7BC6
Redirect Chain
  • https://trace.mediago.io/ju/cs/taboola
  • https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=10db3cefb38fb779299930e47afa2d2c
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=10db3cefb38fb779299930e47afa2d2c
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68162

Redirect headers

location
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=10db3cefb38fb779299930e47afa2d2c
date
Fri, 18 Aug 2023 18:04:41 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8
content-type
text/plain; charset=utf-8
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 7BC6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGTpomb5hSPCb4yC7nNS4V0&google_cver=1
0
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGTpomb5hSPCb4yC7nNS4V0&google_cver=1
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
31
date
Fri, 18 Aug 2023 18:04:41 GMT
via
1.1 varnish
x-served-by
cache-mia-kmia1760096-MIA
server
nginx
x-timer
S1692381882.619462,VS0,VE31
x-fastly-to-nlb-rtt
30274
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGTpomb5hSPCb4yC7nNS4V0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 7BC6 		42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836:$UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 18:04:41 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 7BC6
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836
date
Fri, 18 Aug 2023 18:04:41 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67994
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 7BC6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=cec9c022-2518-4275-90bb-40c27fa3670d
0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=cec9c022-2518-4275-90bb-40c27fa3670d
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
31
date
Fri, 18 Aug 2023 18:04:41 GMT
via
1.1 varnish
x-served-by
cache-mia-kmia1760096-MIA
server
nginx
x-timer
S1692381882.619356,VS0,VE31
x-fastly-to-nlb-rtt
30191
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v2
x-cache-hits
0

Redirect headers

location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=cec9c022-2518-4275-90bb-40c27fa3670d
date
Fri, 18 Aug 2023 18:04:41 GMT
server
Kestrel
content-length
239
merge
ce.lijit.com/ Frame 7BC6
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836&us_privacy=1YNY&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836&us_privacy=1YNY&gdpr=0&gdpr_consent=&dnr=1
43 B
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836&us_privacy=1YNY&gdpr=0&gdpr_consent=&dnr=1
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:42 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:41 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836&us_privacy=1YNY&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 7BC6 		49 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-drbhg
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 7BC6 		43 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.136 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 7BC6
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=1d1acbe0-8756-4956-85c8-cdafaf2c8eb7
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=1d1acbe0-8756-4956-85c8-cdafaf2c8eb7
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68280

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=1d1acbe0-8756-4956-85c8-cdafaf2c8eb7
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1337741
content-length
0
expires
Fri, 18 Aug 2023 00:00:00 GMT
8.gif
id5-sync.com/c/464/1244/0/ Frame 7BC6
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836&gdpr=0&gdpr_consent=&us_privacy=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F6%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/464/108/6/2.gif?puid=38f50135-3dcc-4b60-a270-799747dbc202&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/5/3.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/464/2/5/3.gif?puid=8342177640231574973&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?puid=AAC0Ik7Jv2UAACTqc7GRqQ&id5AccountNum=155&numCascadesAllowed=9
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F203%2F3%2F5.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/464/203/3/5.gif?puid=1d1acbe0-8756-4956-85c8-cdafaf2c8eb7&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F429%2F2%2F6.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/464/429/2/6.gif?puid=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=0&gdpr_consent=
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F203%2F1%2F7.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/464/203/1/7.gif?puid=1d1acbe0-8756-4956-85c8-cdafaf2c8eb7&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F1244%2F0%2F8.gif%3Fpuid%3D%5...
  • https://id5-sync.com/c/464/1244/0/8.gif?puid=HLDcfQZHcHxqw-twSRG0RE1f&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/464/1244/0/8.gif?puid=HLDcfQZHcHxqw-twSRG0RE1f&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 18 Aug 2023 18:04:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:45 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://id5-sync.com/c/464/1244/0/8.gif?puid=HLDcfQZHcHxqw-twSRG0RE1f&gdpr=0&gdpr_consent=
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 7BC6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=1YNY
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&ssp=taboola&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10596547717171969174&ssp=taboola&gdpr=0&gdpr_consent=
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
70733

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Fri, 18 Aug 2023 18:04:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 7BC6
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=48a489b6-ded6-4798-8895-47d7be6c575d
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=48a489b6-ded6-4798-8895-47d7be6c575d&tbid=5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836&query=taboola_hm%3D48a489b6-ded6-...
0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=48a489b6-ded6-4798-8895-47d7be6c575d&tbid=5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836&query=taboola_hm%3D48a489b6-ded6-4798-8895-47d7be6c575d&isDirect=0
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 18 Aug 2023 18:04:43 GMT
via
1.1 varnish
server
nginx
x-timer
S1692381883.169407,VS0,VE33
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-mia-kmia1760096-MIA

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=48a489b6-ded6-4798-8895-47d7be6c575d&tbid=5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836&query=taboola_hm%3D48a489b6-ded6-4798-8895-47d7be6c575d&isDirect=0
date
Fri, 18 Aug 2023 18:04:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
71736
sd
u.openx.net/w/1.0/ Frame 7BC6 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=543998486&val=5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
xuid
eb2.3lift.com/ Frame 7BC6 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7772&xuid=5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836&dongle=tbla&gdpr=0&gdpr_consent=&us_privacy=1YNY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 18 Aug 2023 18:04:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
rtb-h
sync.taboola.com/sg/stackadaptrtb-network/1/ Frame 7BC6
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=140
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=4sFL9glzVMVgpwr4qouw3CaEdkg
0
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=4sFL9glzVMVgpwr4qouw3CaEdkg
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
73666

Redirect headers

Location
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=4sFL9glzVMVgpwr4qouw3CaEdkg
Date
Fri, 18 Aug 2023 18:04:42 GMT
Connection
keep-alive
Content-Length
119
Content-Type
text/html; charset=utf-8
sync
t.adx.opera.com/ Frame 7BC6 		35 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60151&uid=5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 7BC6
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=9822358b-212a-0be1-1cf9-4b56212cff62
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=9822358b-212a-0be1-1cf9-4b56212cff62
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
73666

Redirect headers

date
Fri, 18 Aug 2023 18:04:42 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=9822358b-212a-0be1-1cf9-4b56212cff62
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
sync.taboola.com/sg/centrortb-network/1/rtb-h/ Frame 7BC6
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=121&0&&us_privacy=1YNY&redir=
  • https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
73666

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230816-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Aug 2023 18:04:41 GMT
x-amz-request-id
PGFRVJ6PFZK10CPE
age
2754
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
jq3bBrVxbK0kimCD8b1JS/0ZSCMoyxYNcY1kt1WRraGOq2pBrb9zZIKKUMz5SbEO2V3JjdFMEgs=
x-served-by
cache-mia-kmia1760096-MIA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1692381881.197728,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
82
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
9862
fraud-detect.js
cdn.taboola.com/scripts/ 		121 B
420 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/fraud-detect.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230816-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
vOXBAr_FxKHpU348.XTQhP6DWnVyKple
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Aug 2023 18:04:41 GMT
x-amz-request-id
XKY2R4MY1MPFBWBY
age
15459
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
125
x-amz-id-2
wVL5y3sSnV3I0ejly2N8ywYJTdnVvaGMyA/5MvuVp39q8Fk6dGUCj1xZxZuiJhwPQSzAhmE+TFo=
x-served-by
cache-mia-kmia1760096-MIA
last-modified
Thu, 15 Dec 2022 16:50:08 GMT
server
AmazonS3
x-timer
S1692381881.197646,VS0,VE0
etag
"f7a185d92ac2162dc0bc36c5d7ef7dfe"
vary
Accept-Encoding
content-type
application/javascript
abp
1
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
36864
eidf.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eidf.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230816-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
3979WkHCSLO5cQCJAWoE4w7tW4Dv40AW
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Aug 2023 18:04:41 GMT
x-amz-request-id
MDF93QQD9XF44S4Y
age
14734
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6467
x-amz-id-2
9aCM6iAja0bhi2IXdN17/wMX549lXbzdvg4Sndk53wQsFtQTk6TO1egJHvOCzVoiS0zPyKy+soA=
x-served-by
cache-mia-kmia1760096-MIA
last-modified
Sun, 02 Apr 2023 13:49:08 GMT
server
AmazonS3
x-timer
S1692381881.197637,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
42
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
41728
xuid
eb2.3lift.com/ Frame AF6C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=cec9c022-2518-4275-90bb-40c27fa3670d&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=cec9c022-2518-4275-90bb-40c27fa3670d&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 18 Aug 2023 18:04:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=cec9c022-2518-4275-90bb-40c27fa3670d&dongle=0cfd&gdpr=0&gdpr_consent=
date
Fri, 18 Aug 2023 18:04:41 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame AF6C
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTcyMjA1NTkxNDYyODkzOTA4NTg4
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame AF6C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJwL6QSo7l3bJ53owEGsti4&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJwL6QSo7l3bJ53owEGsti4&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 18 Aug 2023 18:04:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJwL6QSo7l3bJ53owEGsti4&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AF6C
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTcyMjA1NTkxNDYyODkzOTA4NTg4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTcyMjA1NTkxNDYyODkzOTA4NTg4
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTcyMjA1NTkxNDYyODkzOTA4NTg4
date
Fri, 18 Aug 2023 18:04:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame AF6C 		0
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=572205591462893908588&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 988A920E320A4BB69794A8F3BE576153 Ref B: MIAEDGE1906 Ref C: 2023-08-18T18:04:41Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYDNlzguw9fnoZYaxi6xQ==
xuid
eb2.3lift.com/ Frame AF6C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=572205591462893908588&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=572205591462893908588&gdpr=0&gdpr_consent=
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=triplelift&bsw_custom_parameter=eb6f7b88-a4bc-4e60-bf79-710517cb86e8
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=998e5ecf-c5a3-4f28-b599-21e9af40e393&ssp=triplelift&bsw_param=eb6f7b88-a4bc-4e60-bf79-710517cb86e8
  • https://eb2.3lift.com/xuid?mid=2409&xuid=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 18 Aug 2023 18:04:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 18 Aug 2023 18:04:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame AF6C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/572205591462893908588?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-rLlY2BFE2oRrCF4lRH2HY.aP4ulbc7CCJZ_fb5a2dw--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-rLlY2BFE2oRrCF4lRH2HY.aP4ulbc7CCJZ_fb5a2dw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 18 Aug 2023 18:04:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 18 Aug 2023 18:04:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-rLlY2BFE2oRrCF4lRH2HY.aP4ulbc7CCJZ_fb5a2dw--~A&dongle=0883
content-length
0
c.gif
c.bing.com/ Frame AF6C 		42 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=572205591462893908588&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
last-modified
Tue, 06 Jun 2023 17:31:18 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 862EFE62C72B41A982657D9AFACB7310 Ref B: MIAEDGE1914 Ref C: 2023-08-18T18:04:41Z
etag
"7cd81bb49c98d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame AF6C
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b
  • https://eb2.3lift.com/xuid?mid=2711&xuid=1d1acbe0-8756-4956-85c8-cdafaf2c8eb7&dongle=013b
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=1d1acbe0-8756-4956-85c8-cdafaf2c8eb7&dongle=013b
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 18 Aug 2023 18:04:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=1d1acbe0-8756-4956-85c8-cdafaf2c8eb7&dongle=013b
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1518585
content-length
0
expires
Fri, 18 Aug 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame AF6C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D0%2526gdpr_consent%3D
  • https://eb2.3lift.com/xuid?mid=3335&xuid=8342177640231574973&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=8342177640231574973&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 18 Aug 2023 18:04:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
an-x-request-uuid
95c1e542-d3f8-43a3-86de-e9e8915f0584
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=8342177640231574973&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
38.132.118.72; 38.132.118.72; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 74DA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=cec9c022-2518-4275-90bb-40c27fa3670d&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=cec9c022-2518-4275-90bb-40c27fa3670d&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 18 Aug 2023 18:04:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=cec9c022-2518-4275-90bb-40c27fa3670d&dongle=0cfd&gdpr=0&gdpr_consent=
date
Fri, 18 Aug 2023 18:04:41 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame 74DA
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTcyMjA1NTkxNDYyODkzOTA4NTg4
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 74DA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJwL6QSo7l3bJ53owEGsti4&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJwL6QSo7l3bJ53owEGsti4&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 18 Aug 2023 18:04:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJwL6QSo7l3bJ53owEGsti4&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 74DA
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTcyMjA1NTkxNDYyODkzOTA4NTg4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTcyMjA1NTkxNDYyODkzOTA4NTg4
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTcyMjA1NTkxNDYyODkzOTA4NTg4
date
Fri, 18 Aug 2023 18:04:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 74DA 		0
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=572205591462893908588&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: EE49442A41644AB59F2378F0C2460411 Ref B: MIAEDGE1906 Ref C: 2023-08-18T18:04:41Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYDNlzgv6sR2C4ny7E3jg==
xuid
eb2.3lift.com/ Frame 74DA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=572205591462893908588&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=572205591462893908588&gdpr=0&gdpr_consent=
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=eb6f7b88-a4bc-4e60-bf79-710517cb86e8
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=f2306052-bf0e-4a8f-9a05-aaf2868fa5d8&expires=10&ssp=triplelift&bsw_param=eb6f7b88-a4bc-4e60-bf79-710517cb86e8
  • https://eb2.3lift.com/xuid?mid=2409&xuid=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 18 Aug 2023 18:04:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 18 Aug 2023 18:04:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 74DA
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/572205591462893908588?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-rLlY2BFE2oRrCF4lRH2HY.aP4ulbc7CCJZ_fb5a2dw--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-rLlY2BFE2oRrCF4lRH2HY.aP4ulbc7CCJZ_fb5a2dw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 18 Aug 2023 18:04:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 18 Aug 2023 18:04:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-rLlY2BFE2oRrCF4lRH2HY.aP4ulbc7CCJZ_fb5a2dw--~A&dongle=0883
content-length
0
c.gif
c.bing.com/ Frame 74DA 		42 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=572205591462893908588&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
last-modified
Tue, 06 Jun 2023 17:31:18 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 67420FFDAABD4469BDAC6336562B7AFD Ref B: MIAEDGE1914 Ref C: 2023-08-18T18:04:41Z
etag
"7cd81bb49c98d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 74DA
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b
  • https://eb2.3lift.com/xuid?mid=2711&xuid=1d1acbe0-8756-4956-85c8-cdafaf2c8eb7&dongle=013b
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=1d1acbe0-8756-4956-85c8-cdafaf2c8eb7&dongle=013b
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 18 Aug 2023 18:04:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=1d1acbe0-8756-4956-85c8-cdafaf2c8eb7&dongle=013b
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2023221
content-length
0
expires
Fri, 18 Aug 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 74DA
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D0%2526gdpr_consent%3D
  • https://eb2.3lift.com/xuid?mid=3335&xuid=8342177640231574973&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=8342177640231574973&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 18 Aug 2023 18:04:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
an-x-request-uuid
0643b254-91e8-4404-b6e0-4c284476c063
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=8342177640231574973&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
38.132.118.72; 38.132.118.72; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
amzns2s
rtb.gumgum.com/usync/ Frame BC24 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.152.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-152-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash
503d7498188da4092f6475a0ea1ed3a3fe65e0fcd8e87f9e5d009a8668657dd6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 18 Aug 2023 18:04:41 GMT
etag
W/"0537fb8a34fbdbd9354a7e1dc6bbd314a"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame 2F68
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
851 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d286d30fc1dce5732e03699d977b95d09ba46d9af3f663d76549ac87c0d67f3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7f8c14a65851498c-MIA
content-encoding
br
content-type
text/html
date
Fri, 18 Aug 2023 18:04:41 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GomZ8SsLGxlMa1NLWv4qX9XK3oFn1ATseynyPLGh%2B0bTuJ81Sud1VNwH3S5PbAjBjwyiPgZcUhsS6m3fQl8X2KaQO1p3MuWN5I9eq09L5nyNYYoEkrqwCmgqnxoE7rIZAYlyylg1Zb8gzw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7f8c14a5bf44498c-MIA
content-length
0
date
Fri, 18 Aug 2023 18:04:41 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3L5qEqkY5NLnhMYc3EW4FSn9QXqGW3HhTLopOkPD7S0u1xtZcFB7rCfbkogSlE6pj7v6NmXDbzeI%2FrZe69dLChGON5zD8aC6BzCPjVgmPUaT9LKkn5sWXoZ0xNkmtiND8Zt%2F21i%2BclPOA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
syncb
sync.bfmio.com/ Frame 6310 		985 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/syncb?pid=137
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.215.82.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-215-82-85.compute-1.amazonaws.com
Software
/
Resource Hash
32cb6c01d8dcb5d8adfd389beff0a5f21bc3e33fe7f731db094bea6f4c66b843

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
985
Content-Type
text/html
Date
Fri, 18 Aug 2023 18:04:41 GMT
uc.html
sync.go.sonobi.com/ Frame 2F26 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
0329b4a470d9cfdfd817467e30eb264e143f05f277692edf2eeeca6bb54b2e32
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, private
content-encoding
gzip
content-length
1419
content-type
text/html
date
Fri, 18 Aug 2023 18:04:41 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma
no-cache
server
sonobi-go
tcn
Choice
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-61
x-xss-protection
0
cm
u.openx.net/w/1.0/ Frame 3BBC
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...
693 B
732 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
04a502882d78e55d8d1261afa8c228cf1783d16cd80a753a9bc1d265e4407fc9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
400
content-type
text/html
date
Fri, 18 Aug 2023 18:04:41 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 18 Aug 2023 18:04:41 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame 3846
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=56154954e7cc15f0&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHyzrBvvwHhgN5Vzu1AAAAAAA&expiration=1692468281&is_secure=true
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHyzrBvvwHhgN5Vzu1AAAAAAA&expiration=1692468281&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 18 Aug 2023 18:04:41 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
KD7S30FP5CVDRV28SFW4

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Fri, 18 Aug 2023 18:04:41 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHyzrBvvwHhgN5Vzu1AAAAAAA&expiration=1692468281&is_secure=true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
register2.php
synchrobox.adswizz.com/ Frame A82E 		589 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://synchrobox.adswizz.com/register2.php
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.235.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-235-226.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
29e96620a0c4f75d8b5d664ea350835ce5fe8a0b857864b7818b2f6b4c65b263

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET, HEAD, OPTIONS, POST, PUT
P3P
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Access-Control-Allow-Origin
*
content-type
text/javascript
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Content-Length
589
SynchroClient2.js
cdn.adswizz.com/adswizz/js/ Frame A82E 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-42.iad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 08:34:41 GMT
via
1.1 65e185f36e65abff9322e261be3491d4.cloudfront.net (CloudFront)
last-modified
Tue, 15 Sep 2020 06:28:38 GMT
server
AmazonS3
x-amz-cf-pop
IAD50-C2
age
38438
etag
"3a38a4c45e3aa46a58e390f0b0baebfd"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9187
x-amz-cf-id
VH0Fekyn9kroaa0qxGiNMLa2mnxSbzlwi_EblF046KKrwVZG_iv9Xg==
register2.php
synchrobox.adswizz.com/ Frame BCE9 		589 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://synchrobox.adswizz.com/register2.php
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.235.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-235-226.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
29e96620a0c4f75d8b5d664ea350835ce5fe8a0b857864b7818b2f6b4c65b263

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET, HEAD, OPTIONS, POST, PUT
P3P
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Access-Control-Allow-Origin
*
content-type
text/javascript
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Content-Length
589
SynchroClient2.js
cdn.adswizz.com/adswizz/js/ Frame BCE9 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-42.iad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 08:34:41 GMT
via
1.1 65e185f36e65abff9322e261be3491d4.cloudfront.net (CloudFront)
last-modified
Tue, 15 Sep 2020 06:28:38 GMT
server
AmazonS3
x-amz-cf-pop
IAD50-C2
age
38438
etag
"3a38a4c45e3aa46a58e390f0b0baebfd"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9187
x-amz-cf-id
_O86vSD0jG4f9q-wSoeaKwOdIwn86-kxLoHZYgWRfCvMnUr_ccxU7A==
PugMaster
image6.pubmatic.com/AdServer/ Frame BB16 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=31071897&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
6a865df32cf1ddb9e86fe60fd53bb4806a19b60ff931cc4c62214caad92adf97

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 18 Aug 2023 18:04:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatch
ssum-sec.casalemedia.com/ Frame 8408
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afffa667586c4a64b7ed7e7dee1d75bea3f0e5aaafe44b2666115c12009407db

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7f8c14a74fda31d2-MIA
content-encoding
br
content-type
text/html
date
Fri, 18 Aug 2023 18:04:41 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ELKhtHa668d7YLfSM7P3dCQlL3p52mb6sHEWANNUivBTWzJFP9NC4Q5E30FIAUO7wwee1Q9rs44T4gQ3I0Bl%2Bk8l3OQqwDGmzt%2F3qBMzWuRuz37aJB8g1ZRN5nXD%2B0yb0WNxgwx4P3LHcA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7f8c14a63ffa498c-MIA
content-length
0
date
Fri, 18 Aug 2023 18:04:41 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5wnmX7qlmjChf7sGUWTn%2BbdthD0QhucVa9X7NxgZOzMAMnzGl%2FgN6wD7QQaS845gufgVhCGqsXgMINSq0Tn9aqZs1HhZtOzIswZdJ5aFPbytxBXBVYu9ezFxcjwLmKhFCdVUEK%2FpSq8ng%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 456A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.25.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-25-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 18 Aug 2023 18:04:42 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 18 Aug 2023 18:04:41 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
sync
usr.undertone.com/userPixel/ Frame 3C24
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=5475b18f-cb84-06d5-04d2-551777fd7b84
0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=5475b18f-cb84-06d5-04d2-551777fd7b84
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
108.138.106.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-114.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
via
1.1 eb4c39562c3ea08ed99a3ec30c18db3c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
DYa4neP00JzjvLUKWW5Y5ICwaywiC9zlipyIUYzzUqnfb19PjYKrYw==

Redirect headers

date
Fri, 18 Aug 2023 18:04:41 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=5475b18f-cb84-06d5-04d2-551777fd7b84
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame 3C24
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-rytvGDdE2uFdM1cVJdPTZI2w.umkSrL.~A
0
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-rytvGDdE2uFdM1cVJdPTZI2w.umkSrL.~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
108.138.106.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-114.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
via
1.1 eb4c39562c3ea08ed99a3ec30c18db3c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
YgVzfz8HKE1CLOIkxojdR2UWH2yKtK11h4uDaJIT9WaNFASBPAJw3g==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-rytvGDdE2uFdM1cVJdPTZI2w.umkSrL.~A
date
Fri, 18 Aug 2023 18:04:41 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
usr.undertone.com/userPixel/ Frame 3C24
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=cec9c022-2518-4275-90bb-40c27fa3670d&ttl=1694973881
0
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=cec9c022-2518-4275-90bb-40c27fa3670d&ttl=1694973881
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
108.138.106.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-114.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
via
1.1 eb4c39562c3ea08ed99a3ec30c18db3c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
11
content-length
0
x-amz-cf-id
ggB-Mu7s3p0ruONtZj2M0dqfcayQqN_2CyuNknLJGus2XG4nsSCfYw==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=cec9c022-2518-4275-90bb-40c27fa3670d&ttl=1694973881
date
Fri, 18 Aug 2023 18:04:41 GMT
server
Kestrel
content-length
249
sync
usr.undertone.com/userPixel/ Frame 3C24
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LLGWH5A0-H-EM9N
0
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LLGWH5A0-H-EM9N
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
108.138.106.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-114.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
via
1.1 eb4c39562c3ea08ed99a3ec30c18db3c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
content-length
0
x-amz-cf-id
N7U5r04tI1CAKhsui7A-Mul-0GakV6eNEGAaqyfxpWyw0gEp_awSsg==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LLGWH5A0-H-EM9N
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1df09169f58a071f2a391dff1b3307b
Expires
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 3C24
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=-1&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=326d6ce716415f0&is_secure=true&networkId=17100&version=1&nuid=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=-1&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHyzrBvvwHvwMfxlstAAAAAAA&expiration=1692468282&nuid=C3BD0C7A-B371-4686-9220-ADA9A334E959&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Fri, 18 Aug 2023 18:04:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
usr.undertone.com/userPixel/ Frame 3C24
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerI...
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
108.138.106.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-114.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
via
1.1 eb4c39562c3ea08ed99a3ec30c18db3c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
bVtHHK8FEZeR4UGrDaBDWD2H3Adty0LvUVcECNQ0FcQjnDa1PnK2iw==

Redirect headers

date
Fri, 18 Aug 2023 18:04:42 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame 3C24
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-rQQOs05E2uHEs_Abz45uFOvaKZF4mH1QqoYlmJw-~A
0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-rQQOs05E2uHEs_Abz45uFOvaKZF4mH1QqoYlmJw-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
108.138.106.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-114.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
via
1.1 eb4c39562c3ea08ed99a3ec30c18db3c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
11
content-length
0
x-amz-cf-id
K6Ns-1wg66yq7h6rFiiAu-iPIRmH-uRqjh8AHFyEIqCCYeG3BFXVNw==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-rQQOs05E2uHEs_Abz45uFOvaKZF4mH1QqoYlmJw-~A
date
Fri, 18 Aug 2023 18:04:41 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
t.gif
cw.addthis.com/ Frame 3C24 		0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cw.addthis.com/t.gif?pid=46&pdid=2ac25364ed77483c898c97a787093835
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.64.130 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 18 Aug 2023 18:04:41 GMT
demconf.jpg
dpm.demdex.net/ Frame 3C24
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=2j4qxcabqnm4mmr9ah4sxtjcl
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=2j4qxcabqnm4mmr9ah4sxtjcl
42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=2j4qxcabqnm4mmr9ah4sxtjcl
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Server
54.205.121.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-121-138.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v049-0f9660165.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
2+SDE65PQoo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-va6-1-v049-0f8e8e252.edge-va6.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
VWR+Anh2Sms=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=2j4qxcabqnm4mmr9ah4sxtjcl
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
15597
tags.bluekai.com/site/ Frame 3C24 		62 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/15597?id=2j4qxcabqnm4mmr9ah4sxtjcl
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.100.229 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-100-229.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Fri, 18 Aug 2023 18:04:41 GMT
content-length
62
content-type
image/gif
396846.gif
idsync.rlcdn.com/ Frame 3C24
Redirect Chain
  • https://idsync.rlcdn.com/403716.gif?partner_uid=2j4qxcabqnm4mmr9ah4sxtjcl
  • https://idsync.rlcdn.com/1000.gif?memo=CITSGBIlCiEIARCakQEaGTJqNHF4Y2FicW5tNG1tcjlhaDRzeHRqY2wQABoNCLnl_qYGEgUI6AcQAEIASgA
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=4adea9ce-066c-0cd6-312e-ca23b9ca3a0e
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=4adea9ce-066c-0cd6-312e-ca23b9ca3a0e
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Fri, 18 Aug 2023 18:04:42 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=4adea9ce-066c-0cd6-312e-ca23b9ca3a0e
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usermatch.gif
beacon.krxd.net/ Frame 3C24 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=undertone&partner_uid=2j4qxcabqnm4mmr9ah4sxtjcl
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-173-131.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-served-by
beacon-n022-ash-prod.krxd.net
date
Fri, 18 Aug 2023 18:04:41 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1692381881
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
usr.undertone.com/userPixel/ Frame F72D
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=5475b18f-cb84-06d5-04d2-551777fd7b84
0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=5475b18f-cb84-06d5-04d2-551777fd7b84
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
108.138.106.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-114.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
via
1.1 eb4c39562c3ea08ed99a3ec30c18db3c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
OqxGJ4DmpcSJzDNDJhdnKyMTeT6QDUWKvcWGtRuVmd0hTPBc392TJQ==

Redirect headers

date
Fri, 18 Aug 2023 18:04:41 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=5475b18f-cb84-06d5-04d2-551777fd7b84
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame F72D
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-rytvGDdE2uFdM1cVJdPTZI2w.umkSrL.~A
0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-rytvGDdE2uFdM1cVJdPTZI2w.umkSrL.~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
108.138.106.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-114.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
via
1.1 eb4c39562c3ea08ed99a3ec30c18db3c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
9wD-bXD4akYWMI4CE7KeVE74mJLV7fFYnS-BnW2k7xOf5-7xylL0jQ==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-rytvGDdE2uFdM1cVJdPTZI2w.umkSrL.~A
date
Fri, 18 Aug 2023 18:04:41 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
usr.undertone.com/userPixel/ Frame F72D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=cec9c022-2518-4275-90bb-40c27fa3670d&ttl=1694973881
0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=cec9c022-2518-4275-90bb-40c27fa3670d&ttl=1694973881
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
108.138.106.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-114.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
via
1.1 eb4c39562c3ea08ed99a3ec30c18db3c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
FqNwRnWx1H3ORFSEOWaxgwIEGnJYKg7vA8Rzz0ySL-0a5cEtpHQsKw==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=cec9c022-2518-4275-90bb-40c27fa3670d&ttl=1694973881
date
Fri, 18 Aug 2023 18:04:41 GMT
server
Kestrel
content-length
249
sync
usr.undertone.com/userPixel/ Frame F72D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LLGWH5A0-1G-H2WQ
0
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LLGWH5A0-1G-H2WQ
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
108.138.106.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-114.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
via
1.1 eb4c39562c3ea08ed99a3ec30c18db3c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
_Ap_d9tSrKb2qkcIMQ1ettmIFuaWyANUnJHp_qFTOjw9kZatqSSz2g==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LLGWH5A0-1G-H2WQ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
574abe46412f7df61ec8713ff1a5b646
Expires
0
ImgSync
image8.pubmatic.com/AdServer/ Frame F72D
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=-1&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=12615299283806a2&is_secure=true&networkId=17100&version=1&nuid=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=-1&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAH3bQhF4Tv1QMnkJyoAAAAAAA&expiration=1692468282&nuid=C3BD0C7A-B371-4686-9220-ADA9A334E959&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Fri, 18 Aug 2023 18:04:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
usr.undertone.com/userPixel/ Frame F72D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerI...
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
108.138.106.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-114.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
via
1.1 eb4c39562c3ea08ed99a3ec30c18db3c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
36v-hbm7DaNWBGcNtbJ8Bxfmth3aKzuJTJX8btKOL7rBQMrKtIdJaA==

Redirect headers

date
Fri, 18 Aug 2023 18:04:42 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame F72D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-rQQOs05E2uHEs_Abz45uFOvaKZF4mH1QqoYlmJw-~A
0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-rQQOs05E2uHEs_Abz45uFOvaKZF4mH1QqoYlmJw-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
108.138.106.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-114.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
via
1.1 eb4c39562c3ea08ed99a3ec30c18db3c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
VYSKRjOLB2QqhbwpXQP-7ddoUhO-SQ_b5vwqUFuRecbIc3TsZ5-kfg==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-rQQOs05E2uHEs_Abz45uFOvaKZF4mH1QqoYlmJw-~A
date
Fri, 18 Aug 2023 18:04:41 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
t.gif
cw.addthis.com/ Frame F72D 		0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cw.addthis.com/t.gif?pid=46&pdid=2ac25364ed77483c898c97a787093835
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.64.130 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 18 Aug 2023 18:04:41 GMT
demconf.jpg
dpm.demdex.net/ Frame F72D
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=2j4qxcabqnm4mmr9ah4sxtjcl
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=2j4qxcabqnm4mmr9ah4sxtjcl
42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=2j4qxcabqnm4mmr9ah4sxtjcl
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Server
54.205.121.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-121-138.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v049-05cdda66d.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
A31y/5wSSkw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-va6-1-v049-0191ab326.edge-va6.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
jHM1XVbjSes=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=2j4qxcabqnm4mmr9ah4sxtjcl
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
15597
tags.bluekai.com/site/ Frame F72D 		62 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/15597?id=2j4qxcabqnm4mmr9ah4sxtjcl
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.100.229 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-100-229.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Fri, 18 Aug 2023 18:04:41 GMT
content-length
62
content-type
image/gif
sync
pippio.com/api/ Frame F72D
Redirect Chain
  • https://idsync.rlcdn.com/403716.gif?partner_uid=2j4qxcabqnm4mmr9ah4sxtjcl
  • https://pippio.com/api/sync?pid=5324&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwIueX-pgYSBAgCEABCAEoA
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwIueX-pgYSBAgCEABCAEoA&google_gid=CAESENYt2Il_jMxsqHnfSM1AKMA&google_cver=1
  • https://usermatch.krxd.net/um/v2?partner=liveramp_identity
  • https://pippio.com/api/sync?pid=709973&it=1&iv=PvjFnDEO
42 B
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?pid=709973&it=1&iv=PvjFnDEO
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H3
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:43 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://pippio.com/api/sync?pid=709973&it=1&iv=PvjFnDEO
date
Fri, 18 Aug 2023 18:04:43 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a007-ash-prod.krxd.net
usermatch.gif
beacon.krxd.net/ Frame F72D 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=undertone&partner_uid=2j4qxcabqnm4mmr9ah4sxtjcl
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-173-131.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-served-by
beacon-n031-ash-prod.krxd.net
date
Fri, 18 Aug 2023 18:04:41 GMT
cache-control
private, no-cache, no-store
x-request-time
D=37 t=1692381881
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usermatch
ssum-sec.casalemedia.com/ Frame F617 		2 KB
890 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2154f7c57caa0ca6f1dd65bfe7c9846234b9f667de7fe1bb528a420818e4e2bc

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7f8c14a66857498c-MIA
content-encoding
br
content-type
text/html
date
Fri, 18 Aug 2023 18:04:41 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=glACWVaDAWMniClEwK5%2Fi4NKR68QG9iXsNFbvSnLhLHjOBWCTgvh47mJIpJkY4Vlf%2FayeCUOU55atfc08%2FYNU2ddC1Fu6lBbijulpymZ6M3QRWhF4yvB0DcUEmy%2B42pC%2BmiGj%2FTIuYmPgw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame ADC3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.25.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-25-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 18 Aug 2023 18:04:42 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 18 Aug 2023 18:04:41 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
sid
mug.criteo.com/ Frame 6413
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=9news.com&sn=ChromeSyncframe&so=0&topUrl=www.9news.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=BleUp3xiQUNLZkhCdzh0MVdtVGZaRTdrTUpZc3ZWVVRlbUgxM05wVEtmakhaSjN6YStFUHJGY3JELy9YTzBkSzRZdTJCRTIxYU9VbGdYUHpCWHZnY2J6MDV5eXN5MUR5ZXRWNlB3Nk9LQ2x3LzFhK3VVOTFRSjRUMzVOZn...
436 B
654 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=BleUp3xiQUNLZkhCdzh0MVdtVGZaRTdrTUpZc3ZWVVRlbUgxM05wVEtmakhaSjN6YStFUHJGY3JELy9YTzBkSzRZdTJCRTIxYU9VbGdYUHpCWHZnY2J6MDV5eXN5MUR5ZXRWNlB3Nk9LQ2x3LzFhK3VVOTFRSjRUMzVOZnVlcUp1ZkFqWFRVQVk3aVJYck55Q1VJV0x0ZHd0MENLTWJoS0YwNGFaVENOQTZEd0RxNEsxOVQ4TmpDVW0yUmtIV1Y5NXRlOVJ3em85aVhiTWRkN29MVENHMTB1V3NVNzdNTGJ0TmtxVHNVVHUxSWxtSTRobmh1dmhlVjZ5anBvdVh2MTZLYndqTlJwSVJUQjNicm9FTHBRTGxGeTlXQT09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
64866c2a04b368a118af42a2b35ee1ffe09e896f15d02dbf3caef5b44269dde5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1728421
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:40 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=BleUp3xiQUNLZkhCdzh0MVdtVGZaRTdrTUpZc3ZWVVRlbUgxM05wVEtmakhaSjN6YStFUHJGY3JELy9YTzBkSzRZdTJCRTIxYU9VbGdYUHpCWHZnY2J6MDV5eXN5MUR5ZXRWNlB3Nk9LQ2x3LzFhK3VVOTFRSjRUMzVOZnVlcUp1ZkFqWFRVQVk3aVJYck55Q1VJV0x0ZHd0MENLTWJoS0YwNGFaVENOQTZEd0RxNEsxOVQ4TmpDVW0yUmtIV1Y5NXRlOVJ3em85aVhiTWRkN29MVENHMTB1V3NVNzdNTGJ0TmtxVHNVVHUxSWxtSTRobmh1dmhlVjZ5anBvdVh2MTZLYndqTlJwSVJUQjNicm9FTHBRTGxGeTlXQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
426388
content-length
0
expires
0
1.gif
id5-sync.com/c/495/0/0/ Frame BB0E
Redirect Chain
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 18 Aug 2023 18:04:42 GMT
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers

Redirect headers

date
Fri, 18 Aug 2023 18:04:41 GMT
location
https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
/
match.sharethrough.com/jwumXNuB/v1/ Frame 093E 		427 B
611 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.86.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-86-45.compute-1.amazonaws.com
Software
/
Resource Hash
e89dd168d2426677b4f7ca53f9706d4a1298281338b42c8e1f29cfaef55d4c0e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
427
date
Fri, 18 Aug 2023 18:04:41 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0A11 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.64.205 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-64-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=142219
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 18 Aug 2023 18:04:41 GMT
expires
Sun, 20 Aug 2023 09:35:00 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame 210E 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.205.43.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-43-234.compute-1.amazonaws.com
Software
/
Resource Hash
f799732a1c98a10bfd1ca4f1553e8adf2300e4ee6277d27c19f86f6023910d0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Fri, 18 Aug 2023 18:04:41 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame 80E9 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.25.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-25-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 18 Aug 2023 18:04:41 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame 0B23
Redirect Chain
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
8feda7cdbce016cc1fba0be24a74b390c2a1bdc926b18d3f424c9bf63bdb26eb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
content-length
930
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-cdb79dd64-drbhg
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
cw-server
bh-deployment-cdb79dd64-rr9xr
expires
-1
location
/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
live-3390_00025.ts
livevideo01.9news.com/hls/live/2014548/elvs/20230719T092454/live-3/00221/ 		538 KB
539 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://livevideo01.9news.com/hls/live/2014548/elvs/20230719T092454/live-3/00221/live-3390_00025.ts
Requested by
Host: www.9news.com
URL: https://www.9news.com/assets/js-libs/akamai/amp/core/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.182.185 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
898b8df25be3b9c49716cfcbc7bb94a00224702488433826f8d57c31c1083ddf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:41 GMT
Akamai-Path-Timestamp
i=1692381864.660;xi=1692381864.683;xo=1692381865.447;s=1692381865.473;
Akamai-Mon-Iucid-Ing
2014548
Connection
keep-alive
Akamai-Mon-Iucid-Del
312833
Content-Length
551028
Pragma
no-cache
Last-Modified
Fri, 18 Aug 2023 18:04:24 GMT
X-Akamai-Server
Akamai-SMT
Access-Control-Max-Age
86400
X-Akamai-Live-Origin-QoS
d=7000;t=1692381864.666
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31535987
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires
Sat, 17 Aug 2024 18:04:28 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 5FF5 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.9news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5b423d7627c277e16f9da9afa2c2a254ae367007027d9d8e0013c4d0f5734d

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7f8c14a75ffb31d2-MIA
content-encoding
br
content-type
text/html
date
Fri, 18 Aug 2023 18:04:41 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LjhFjij1QfGreZqngCS%2BBixNH3ScMrceyUnjjCHaysX16k3qI3phy5RdT7g0jSl2fcTJaquFXeCU0%2B74r%2FX1pzwsTErvORXijlX7pkd1pvw6gkoTCdtIkR9OaM29epBz9vfw3ST6xfxn6A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 270D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.9news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1846909b23ec314565597583038d127f42929e52f96eb4a6872434ac9a1347a9

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7f8c14a7580131d2-MIA
content-encoding
br
content-type
text/html
date
Fri, 18 Aug 2023 18:04:41 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lxL6idE4zzj4KUE%2F02CPy5W6sN9E5wEsL7i%2BFFLYCl%2FWW%2FxuNZF91pEeEyOFKbmNz5w70yd7%2BvJ5LEQvvSUX%2FuMcsevKuXlPMg7eeKiPWlLDRIq7eKDYQNgOap55KRGHMxf1KKZK0OvZ7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EDE6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.64.205 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-64-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=142219
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 18 Aug 2023 18:04:41 GMT
expires
Sun, 20 Aug 2023 09:35:00 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame EF94 		2 KB
815 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=6c68086c0c61793&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.187 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip187.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 8D30
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=24856&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.25.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-25-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 18 Aug 2023 18:04:42 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 18 Aug 2023 18:04:41 GMT
location
https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
server
AkamaiGHost
rid
match.adsrvr.org/track/ Frame A82E 		109 B
545 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
a57ba142c2a3a568bd8fad7fd6e373ffe1e290c1d102e1b079659cbdc047bda5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sync.serverbid.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sun, 17 Sep 2023 18:04:41 GMT
usersync
x.serverbid.com/ Frame A82E
Redirect Chain
  • https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5974%26spui%3D%26dpui%3D%5BUID%5D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5974&spui=&dpui=f77ed681-cf2e-43f1-9d5f-d90b7e819daa
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5974&spui=&dpui=f77ed681-cf2e-43f1-9d5f-d90b7e819daa
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:41 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5974&spui=&dpui=f77ed681-cf2e-43f1-9d5f-d90b7e819daa
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
usersync
x.serverbid.com/ Frame A82E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZN.yuQ0X0tnKZUDaNNXD1AAA%262851
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZN.yuQ0X0tnKZUDaNNXD1AAA%262851
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3ahap%2BMnW0pm%2Fl2rIETaecJnxx4uXq6Z4RwPTGOl%2BXMNiXy3bWE5B3aGBfeILw6qFqZYE7K56s39GP1GOsezuyQU5CXKcshN3mVPL5Cw%2B3QMPKB5K5rR4fvQavHswVf3jxe6f7XLgDt6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZN.yuQ0X0tnKZUDaNNXD1AAA%262851
cache-control
no-cache
cf-ray
7f8c14a7680931d2-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
usersync
x.serverbid.com/ Frame A82E
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID&sovrn_retry=true
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=HLDcfQZHcHxqw-twSRG0RE1f
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=HLDcfQZHcHxqw-twSRG0RE1f
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Date
Fri, 18 Aug 2023 18:04:42 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=HLDcfQZHcHxqw-twSRG0RE1f
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
usersync
x.serverbid.com/ Frame A82E
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562763&ev=1&rurl=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5548%26spui%3D%26dpui%3D%25%25VGUID%25%25
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=cvlODfnPetH7&ev=1&pid=562763
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=cvlODfnPetH7&ev=1&pid=562763
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=cvlODfnPetH7&ev=1&pid=562763
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-97hd8
expires
-1
usersync
x.serverbid.com/ Frame A82E
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5531&spui=&dpui=26c65967-72b4-095f-05db-8ac5010a995b
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5531&spui=&dpui=26c65967-72b4-095f-05db-8ac5010a995b
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5531&spui=&dpui=26c65967-72b4-095f-05db-8ac5010a995b
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
150
getuid
sync.smartadserver.com/ Frame A82E
Redirect Chain
  • https://sync.smartadserver.com/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_ui...
  • https://sync.smartadserver.com/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
HTTP/1.1
Server
23.105.14.105 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
23.105.14.105.rdns.racklot.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
usersync
x.serverbid.com/ Frame A82E
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=2210&r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D7028%26spui%3D%26dpui%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=2210&r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D7028%26spui%3D%26dpui%3D%7BPUB_USER_ID%7D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=7028&spui=&dpui=f788601c-7903-41d0-8bd4-00f0948479b2
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=7028&spui=&dpui=f788601c-7903-41d0-8bd4-00f0948479b2
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=7028&spui=&dpui=f788601c-7903-41d0-8bd4-00f0948479b2
access-control-allow-origin
*
date
Fri, 18 Aug 2023 18:04:42 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
x.serverbid.com/ Frame A82E
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6294%26spui%3D%26dpui%3D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F16742%3Fgdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3Dc28ee0e9-df1e-4d35-8383-5ac27408fe76%26bidder%...
  • https://prebid.a-mo.net/cchain/0/16742?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=c28ee0e9-df1e-4d35-8383-5ac27408fe76&bidder=appnexus&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc...
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F16742%3Fgdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_pr...
  • https://prebid.a-mo.net/cchain/1/16742?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=c28ee0e9-df1e-4d35-8383-5ac27408fe76&bidder=index_rtb&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEm...
  • https://ap.lijit.com/pixel?&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F16742%3Fgdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3Dc28ee0e...
  • https://prebid.a-mo.net/cchain/2/16742?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=c28ee0e9-df1e-4d35-8383-5ac27408fe76&bidder=sovrn&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3Jj...
  • https://cm.adform.net/cookie?&gdpr=0&gdpr_consent=&us_privacy=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F16742%3Fgdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%...
  • https://prebid.a-mo.net/cchain/3/16742?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=c28ee0e9-df1e-4d35-8383-5ac27408fe76&bidder=adform&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3J...
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=c28ee0e9-df1e-4d35-8383-5ac27408fe76
35 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=c28ee0e9-df1e-4d35-8383-5ac27408fe76
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:44 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=c28ee0e9-df1e-4d35-8383-5ac27408fe76
date
Fri, 18 Aug 2023 18:04:43 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
usersync
x.serverbid.com/ Frame A82E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=8342177640231574973
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=8342177640231574973
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
an-x-request-uuid
9ff7495a-4ed7-457a-a6a7-c1cfbc6d7a62
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=8342177640231574973
x-proxy-origin
38.132.118.72; 38.132.118.72; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
x.serverbid.com/ Frame A82E
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=6f5eeefe-658b-41c1-aa64-1cde178e9d11
35 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=6f5eeefe-658b-41c1-aa64-1cde178e9d11
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-61
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=6f5eeefe-658b-41c1-aa64-1cde178e9d11
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
usersync
x.serverbid.com/ Frame A82E
Redirect Chain
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6985%26spui%3D%26dpui%3D%24UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6985&spui=&dpui=3m7DXvyGGDyyQXvRkENR&gdpr=&gdpr_consent=&us_privacy=
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6985&spui=&dpui=3m7DXvyGGDyyQXvRkENR&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6985&spui=&dpui=3m7DXvyGGDyyQXvRkENR&gdpr=&gdpr_consent=&us_privacy=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame DB2E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuS1wyYvy5i_E29VS4C0j4TZbnL5BsUN6PsnlIC3LHpl74UWJk7aI86KBKN8p-knwXsm8UfHiqBvrtugsZ0CquDT1Lr3Anaxllmzbay7OSTMtyqYp402W6Rj3AE9eUWUCFEwB3KJQz2PLKcelnqJm6gJsS7a9elxW6chkzJmfAvzhQQ46uHIXdU3EdwXTdH-MjaIzpaf6uP6Io-In1UXyY_Jt7e6_MJwM9tVlUmDUaCSPaYEflpfb_B4EV_wLWiJ0ZBAMyReoJHSiqZiLAL20LoMS0qhzQLbqpOovT7nsCvot9EIidvl7trCqjR0_qt6LSQFJaYylgBt7KuMZYOsaS_Cc1wAPwzjrlxBJdk3hCSCXBJBOmzrbULy2fnP1A2KHneN9RbnQ3olsWF8emAn3NgjT82dwE&sai=AMfl-YSrm2XsYhQiLtdcgiZeAAmuC0AkAjdh-yBHK7T-pKuOHDZevdqjoUidMrX2gqcv7FtUMeMSOUHHeCPvXDPJXmaic1RFgU8-PwOX4xEEyDMAnH29Udly3EcuIS1ArCY&sig=Cg0ArKJSzFKQUEwDW4IjEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rciv.js
cdn.tynt.com/ Frame DB2E 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/rciv.js
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cc1f6a83322ee4d9af14f97f28c431b67bea2446b538d17e208f4beb6c460eb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 10 Aug 2023 17:56:27 GMT
server
cloudflare
age
173271
etag
W/"64d524cb-48cb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7f8c14b039704c10-MIA
expires
Mon, 21 Aug 2023 18:04:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DB2E 		180 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57620
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692185840427238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Aug 2023 18:04:41 GMT
usersync
x.serverbid.com/ Frame BCE9
Redirect Chain
  • https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5974%26spui%3D%26dpui%3D%5BUID%5D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5974&spui=&dpui=823eae10-6224-4439-adad-6fc86f3e80e5
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5974&spui=&dpui=823eae10-6224-4439-adad-6fc86f3e80e5
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:41 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5974&spui=&dpui=823eae10-6224-4439-adad-6fc86f3e80e5
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
usersync
x.serverbid.com/ Frame BCE9
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZN.yuQ0X0tnKZUDaNNXD1AAA%262851
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZN.yuQ0X0tnKZUDaNNXD1AAA%262851
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kncF5y1%2F9oSwSpfbmjIriCGHCba3tVA%2F9ADsXtcoimN5HkONMZWiebgNGelhENwjTXRpTnZvJgwPWs99C2V29PQYw%2BkfIV7fPEPhhnDK1R%2BwetCrNQfRH85tN8NBaqlQsSryGaQ4U60W8w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZN.yuQ0X0tnKZUDaNNXD1AAA%262851
cache-control
no-cache
cf-ray
7f8c14a7f9cd31d2-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
usersync
x.serverbid.com/ Frame BCE9
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID&sovrn_retry=true
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=HLDcfQZHcHxqw-twSRG0RE1f
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=HLDcfQZHcHxqw-twSRG0RE1f
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Date
Fri, 18 Aug 2023 18:04:42 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=HLDcfQZHcHxqw-twSRG0RE1f
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
usersync
x.serverbid.com/ Frame BCE9
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562763&ev=1&rurl=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5548%26spui%3D%26dpui%3D%25%25VGUID%25%25
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=0tS80SDvhiWx&ev=1&pid=562763
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=0tS80SDvhiWx&ev=1&pid=562763
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=0tS80SDvhiWx&ev=1&pid=562763
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-g4958
expires
-1
usersync
x.serverbid.com/ Frame BCE9
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5531&spui=&dpui=26c65967-72b4-095f-05db-8ac5010a995b
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5531&spui=&dpui=26c65967-72b4-095f-05db-8ac5010a995b
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5531&spui=&dpui=26c65967-72b4-095f-05db-8ac5010a995b
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
150
getuid
sync.smartadserver.com/ Frame BCE9
Redirect Chain
  • https://sync.smartadserver.com/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_ui...
  • https://sync.smartadserver.com/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
HTTP/1.1
Server
23.105.14.105 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
23.105.14.105.rdns.racklot.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
usersync
x.serverbid.com/ Frame BCE9
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=2210&r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D7028%26spui%3D%26dpui%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=2210&r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D7028%26spui%3D%26dpui%3D%7BPUB_USER_ID%7D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=7028&spui=&dpui=f788601c-7903-41d0-8bd4-00f0948479b2
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=7028&spui=&dpui=f788601c-7903-41d0-8bd4-00f0948479b2
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=7028&spui=&dpui=f788601c-7903-41d0-8bd4-00f0948479b2
access-control-allow-origin
*
date
Fri, 18 Aug 2023 18:04:42 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
x.serverbid.com/ Frame BCE9
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6294%26spui%3D%26dpui%3D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F29748%3Fgdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D36030c51-d7d5-4150-bc01-350914d50662%26bidder%...
  • https://prebid.a-mo.net/cchain/0/29748?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=36030c51-d7d5-4150-bc01-350914d50662&bidder=appnexus&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc...
  • https://id.a-mx.com/u?&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F29748%3Fgdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D36030c51-d7d5-4...
  • https://prebid.a-mo.net/cchain/1/29748?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=36030c51-d7d5-4150-bc01-350914d50662&bidder=amx_com&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3...
  • https://ap.lijit.com/pixel?&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F29748%3Fgdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D36030c5...
  • https://prebid.a-mo.net/cchain/2/29748?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=36030c51-d7d5-4150-bc01-350914d50662&bidder=sovrn&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3Jj...
  • https://rtb.openx.net/sync/prebid?&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F29748%3Fgdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D3603...
  • https://prebid.a-mo.net/cchain/3/29748?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=36030c51-d7d5-4150-bc01-350914d50662&bidder=openx&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3Jj...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F29748%3Fgdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D36030c5...
  • https://prebid.a-mo.net/cchain/4/29748?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=36030c51-d7d5-4150-bc01-350914d50662&bidder=pubmatic&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc...
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=36030c51-d7d5-4150-bc01-350914d50662
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=36030c51-d7d5-4150-bc01-350914d50662
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:44 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=36030c51-d7d5-4150-bc01-350914d50662
date
Fri, 18 Aug 2023 18:04:44 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
usersync
x.serverbid.com/ Frame BCE9
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=8342177640231574973
35 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=8342177640231574973
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
an-x-request-uuid
6cf2bc1e-bf16-4f51-8887-466cb5d9b2b5
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=8342177640231574973
x-proxy-origin
38.132.118.72; 38.132.118.72; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
x.serverbid.com/ Frame BCE9
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=6f5eeefe-658b-41c1-aa64-1cde178e9d11
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=6f5eeefe-658b-41c1-aa64-1cde178e9d11
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-61
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=6f5eeefe-658b-41c1-aa64-1cde178e9d11
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
usersync
x.serverbid.com/ Frame BCE9
Redirect Chain
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6985%26spui%3D%26dpui%3D%24UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6985&spui=&dpui=3m7DXvyGGDys2L3_HSHF&gdpr=&gdpr_consent=&us_privacy=
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6985&spui=&dpui=3m7DXvyGGDys2L3_HSHF&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6985&spui=&dpui=3m7DXvyGGDys2L3_HSHF&gdpr=&gdpr_consent=&us_privacy=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F580 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.64.205 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-64-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=142219
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 18 Aug 2023 18:04:41 GMT
expires
Sun, 20 Aug 2023 09:35:00 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 4C3C 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=6c68086c0c61793&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.187 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip187.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 135F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=24856&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.25.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-25-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 18 Aug 2023 18:04:41 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 18 Aug 2023 18:04:41 GMT
location
https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
server
AkamaiGHost
rid
match.adsrvr.org/track/ Frame BCE9 		109 B
545 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
a034d075141ce4dc3c017a065213c48d5e199e465c52f695d4e6feac4eab8a3b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sync.serverbid.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sun, 17 Sep 2023 18:04:41 GMT
khaos.jpg
token.rubiconproject.com/ Frame A2F7 		284 B
965 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=0&us_privacy=1YNY
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
19ea072139d67f7022c6e463249c998e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rum
dsum-sec.casalemedia.com/ Frame 2F68
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cec9c022-2518-4275-90bb-40c27fa3670d&expiration=1694973881&gdpr=0&gdpr_consent=
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cec9c022-2518-4275-90bb-40c27fa3670d&expiration=1694973881&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CGZM4avOl7b32Q0NwycPUWcl%2BLHcT%2FkFAovjqS%2BFxkauWqNozh6s1idvh5lDVu%2B1ijdRvmxUhAG3Bf4wYK9uzVemLDA9D2UDWUmki7iGRZNsK8Fm7howRQAHUY470oOleaCB41XkoctwBA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8c14ab4fac31d2-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cec9c022-2518-4275-90bb-40c27fa3670d&expiration=1694973881&gdpr=0&gdpr_consent=
date
Fri, 18 Aug 2023 18:04:41 GMT
server
Kestrel
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 2F68
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPeeh6XsIXBiw3C2QLEZFVg&google_cver=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPeeh6XsIXBiw3C2QLEZFVg&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LUFgOABbtd6MeWd57lRL7TVAvhe0kas2fnZ8biKJQXqMMO2AwN%2BYNJ3hpJp1%2Blmt8yQAg0Ny6NQ4c%2B2bDwkAcNvXSR9dsdmZM%2FeTF6e%2Bi%2FxDQC0COAOabgSp3DjbHez6fsjKQU75a%2BQVFA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8c14aa4df631d2-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPeeh6XsIXBiw3C2QLEZFVg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 2F68 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XN1VD09ZK75VSR8H9HJ4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2F68
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZN.yuQ0X0tnKZUDaNNXD1AAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECSphkEo6DWEkzpwaT8Xd-E&google_cver=1&google_hm=2
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECSphkEo6DWEkzpwaT8Xd-E&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=egFGL%2BWBAIyMbu0pdrdlkPLxd3UHgXZosvvdfKa6UTK9DQxAWXiCivf8edkkOd0hnUpfBpf%2BkUooQ6RVvbt2Q3mfqY%2F3qFsBTg%2FLEzwQp%2BfupmH31%2FDA2w3qFJENXDuSiw7SOCkWY7lAeg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8c14af5ec231d2-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECSphkEo6DWEkzpwaT8Xd-E&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2F68
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAC0Ik7Jv2UAACTqc7GRqQ&expiration=1693591482
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAC0Ik7Jv2UAACTqc7GRqQ&expiration=1693591482
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZyFRbN0yK3UDBR6CJfckV%2BlmAKGrpzLauUQSo4MvcYRzEH2kuNwsfQckS%2BDThu%2BGfWPR2W2T3PeylqCErdqTuaJ8gOmZoO3j68kgd5VuIEluRBBEB7zZB73CMK5lQNnCqaOTPY9shwrhA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8c14b0385c31d2-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAC0Ik7Jv2UAACTqc7GRqQ&expiration=1693591482
Date
Fri, 18 Aug 2023 18:04:42 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 2F68
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://stags.bluekai.com/site/23178?id=nuktKWU8mZJruE1cgPG6&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD23TVNN2EW...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=nuktKWU8mZJruE1cgPG6
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=nuktKWU8mZJruE1cgPG6
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e9G9V7Y3yheTx6nlnQwn%2Fql3zO7cXUOlz6%2BoQpweYdlCawH4ufb9Jrm3AgT%2BPGfaj%2BhqfffJCtugkCimyta0vnojWNN2qcEZ5%2Bf5Ln1FU7QNuiaWo%2FCcivi5boAMEKgno7E%2BsqlAA%2FmTLA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8c14b23c2a31d2-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:43 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=nuktKWU8mZJruE1cgPG6
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2F68
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=5132813517839228127&gdpr=0&gdpr_consent=
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=5132813517839228127&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFGFgJFq0MBIV3MMBD3HkhVhulM1%2BArvlVj5lqEYLMnFSaY%2BniPWYiBUS8S0Wy2OFafDAlytcI8HN%2FDuxEoxG3yQc4rK5qNDN7X2qE5EF6cT4GU%2BYplN9I%2F4F3qJJ3c5ghiicuFEDeZquw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8c14aba84b31d2-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=5132813517839228127&gdpr=0&gdpr_consent=
date
Fri, 18 Aug 2023 18:04:41 GMT
content-length
0
crum
dsum.casalemedia.com/ Frame 2F68
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=b68d3bb9-1f59-1b83-f9d95c83
43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=b68d3bb9-1f59-1b83-f9d95c83
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n09Lt72cemKwj36bxTQdmCVXPOMelj6XKVDpLlyab0mXxFHBDz%2FUZBLEC3hSBTJ8NE94MKe8SkU5G1tOf7iDh7un6Ix%2BicDXVr%2BcuykYcHNwPAPuOjkXVHhOufOxswT9qSXG73xP"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8c14ad8adf498c-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 18 Aug 2023 18:04:42 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=b68d3bb9-1f59-1b83-f9d95c83
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
ecm3
s.amazon-adsystem.com/ Frame 2F68 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CPTA7BJ6CFV1WF0JEYC3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 8EC6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1fb2ZXbzhaRTJ1SWJ4SzI0RmdvZW9TZjExVkxLanlxdX5B
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1fb2ZXbzhaRTJ1SWJ4SzI0RmdvZW9TZjExVkxLanlxdX5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 18 Aug 2023 18:04:41 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
7DC6YB38T9KQCK4DQBHS

Redirect headers

age
0
content-length
0
date
Fri, 18 Aug 2023 18:04:41 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1fb2ZXbzhaRTJ1SWJ4SzI0RmdvZW9TZjExVkxLanlxdX5B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.75
strict-transport-security
max-age=31536000
ecm3
s.amazon-adsystem.com/ Frame DE84
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=8342177640231574973&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=8342177640231574973&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 18 Aug 2023 18:04:42 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
S3CT6D43EB58QFWH0ESP

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
6f90414f-5716-4252-8479-dfb523088fe7
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 18:04:41 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=8342177640231574973&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
38.132.118.72; 38.132.118.72; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
amazon
ce.lijit.com/beacon/ Frame 0196
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
ed88d3c97e9785098a0f7bfb29b18b76391403067b9d9930a9f3b1c82f558f6c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
480
Content-Type
text/html
Date
Fri, 18 Aug 2023 18:04:42 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap7ewr1

Redirect headers

Content-length
0
Location
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 5F5B 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
107.23.140.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-140-175.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
31cf098fbfb97c9b8a16ca356d781a251e8ebaa3122e8176bad1a50acec1e2eb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cs-server-s2s.yellowblue.io
content-type
text/html
date
Fri, 18 Aug 2023 18:04:41 GMT
server
istio-envoy
x-envoy-upstream-service-time
4
ecm3
s.amazon-adsystem.com/ Frame 34B2
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=572205591462893908588
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=572205591462893908588
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 18 Aug 2023 18:04:42 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
YSVPMEJ7S8TDSYJMQ1W8

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 18 Aug 2023 18:04:41 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=572205591462893908588
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
crum
dsum-sec.casalemedia.com/ Frame F617
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D46%26external_user_id%3D%24UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8342177640231574973
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8342177640231574973
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PH0e6nfqCxtIi%2BzqEDSF9FqaCpk6mN2XyEyY0ajXkfhVi3iJEpjWgLL%2BEadO1grwhcDkij0Jq62Qg%2BbARjD%2BpLuWkTrzCu55ObIDp1HlZNwE2PtcAdBkh4EMdgd7tXRTc5y0MfWZxOEC3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8c14ae7d6e31d2-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
an-x-request-uuid
67553a82-5a5f-49d3-b40e-17ab9f27eaf1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8342177640231574973
x-proxy-origin
38.132.118.72; 38.132.118.72; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame F617 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:d83a:9713:23f4:8b03 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame F617
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZN_yugAJkOfzIgBY
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZN_yugAJkOfzIgBY&_test=ZN_yugAJkOfzIgBY
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZN_yugAJkOfzIgBY&_test=ZN_yugAJkOfzIgBY
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xS95Kyc76VWM3SuYrSPWMr2DVFHuSjmfQlew2XVO%2F3ketaAa4Q67fY%2FZAK2HhUpP1vXJMMiSOGtMIM2WAyYh4X3yYy8Qx0C5aXLNidzDE580QoHgbRn0upQciS1wR%2B8DMXAcmv0NwKSr%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8c14af8f1431d2-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-mia-kmia1760097-MIA
pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
via
1.1 varnish
server
Varnish
x-timer
S1692381883.538719,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZN_yugAJkOfzIgBY&_test=ZN_yugAJkOfzIgBY
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
user-registering
ads.stickyadstv.com/ Frame F617 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.134 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:42 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1692381882253084-1142
crum
dsum-sec.casalemedia.com/ Frame F617
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1708279482&external_user_id=3c83a954-9f89-4dfa-90d2-b887ed615e4d
43 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1708279482&external_user_id=3c83a954-9f89-4dfa-90d2-b887ed615e4d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJ%2F9SPh7WKmTfOSQKUl%2BES2Lw%2BEEIqiZGrwFrUXbBA7gBkCyUgB8hymWh4HyBl8%2BEgk66r5dIERH46NyEft6ShLg%2FFr0iVz5oFeBKcoLLu9W3FcI6hYTTFvW%2FwiVlfY0p3rXaR%2B8uKilNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8c14ae3d0d31d2-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 18 Aug 2023 18:04:42 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1708279482&external_user_id=3c83a954-9f89-4dfa-90d2-b887ed615e4d
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
usermatchredir
ssum-sec.casalemedia.com/ Frame F617
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPeeh6XsIXBiw3C2QLEZFVg&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPeeh6XsIXBiw3C2QLEZFVg&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vXlR%2FZR0VbX3Ginl5WP003sz1h651PCBADasPZSmeZXHzr9ntESL9cF6rSnBV9kXQHaVmrhHE1HRRmIOxvfl4%2BplOPpYtQ3Ls1UdZomk7FkLSbuEj%2BssB71slKQNAWALfZKL69YGk2Qdsw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8c14ad3b3031d2-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPeeh6XsIXBiw3C2QLEZFVg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame F617 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NGEMETZWQ9QCYAXQFJ3Q
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame F617 		0
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-114.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
via
1.1 eb4c39562c3ea08ed99a3ec30c18db3c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
3
content-length
0
x-amz-cf-id
5h8uoBA5T9PGhZ-Q-JgNGVQgi-chLgta6pyTijm_IP2Ro7ZYm8o5wg==
usersync
usersync.gumgum.com/ Frame BC24
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
  • https://usersync.gumgum.com/usersync?b=apn&i=8342177640231574973
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=8342177640231574973
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:42 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
an-x-request-uuid
fa5fafb0-e490-43bb-a1e1-8af5471575d4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=8342177640231574973
x-proxy-origin
38.132.118.72; 38.132.118.72; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame BC24
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_b9bf43ab-9980-4c7d-a580-67bb89630f4b&gdpr=&gdpr_consent=&us_privacy=
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=3bd7ba67-281f-40bb-ac12-dd965e68b1dc&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=gumgum2&user_id=cS1kRathptTz23Ltbocc0
  • https://usersync.gumgum.com/usersync?b=bsw&i=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:43 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&gdpr=&gdpr_consent=&us_privacy=
Date
Fri, 18 Aug 2023 18:04:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame BC24
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28sDPhGa7RzJpmYvba2HJeeXn6b9PDoozD4hjwWXPSE2RKZepqpNKibLJLkllgSRgA%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_b9bf43ab-9980-4c7d-a580-67bb89630f4b&obuid=ENC(sDPhGa7RzJpmYvba2HJeeXn6b9PDoozD4hjwWXPSE2RKZepqpNKibLJLkllgSRgA)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://bh.contextweb.com/bh/rtset?pid=562709&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpulsepoint%26uid%3D%25%25VGUID%25%25%26obUid%3DsDPhGa7RzJpmYvba2...
  • https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid=dDwU09hZAwd6&obUid=sDPhGa7RzJpmYvba2HJeeXn6b9PDoozD4hjwWXPSE2RKZepqpNKibLJLkllgSRgA&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=...
0
84 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid=dDwU09hZAwd6&obUid=sDPhGa7RzJpmYvba2HJeeXn6b9PDoozD4hjwWXPSE2RKZepqpNKibLJLkllgSRgA&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform&ev=1&us_privacy=${us_privacy}&pid=562709
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:43 GMT
Content-Length
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid=dDwU09hZAwd6&obUid=sDPhGa7RzJpmYvba2HJeeXn6b9PDoozD4hjwWXPSE2RKZepqpNKibLJLkllgSRgA&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform&ev=1&us_privacy=${us_privacy}&pid=562709
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-qcqnx
expires
-1
usersync
usersync.gumgum.com/ Frame BC24
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=e82572d8-e33e-02e0-092c-5a3d48015a90
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=e82572d8-e33e-02e0-092c-5a3d48015a90
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:42 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 18 Aug 2023 18:04:41 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=e82572d8-e33e-02e0-092c-5a3d48015a90
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame BC24
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-e2c14bf6-0973-54c5-60a7-0af8aa8bb0dc$ip$38.132.118.72
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-e2c14bf6-0973-54c5-60a7-0af8aa8bb0dc$ip$38.132.118.72
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:42 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-e2c14bf6-0973-54c5-60a7-0af8aa8bb0dc$ip$38.132.118.72
Date
Fri, 18 Aug 2023 18:04:42 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame BC24
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-vqLXnttE2pd28A_xY9Z1v3mB6ib8F8AtWPq8~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-vqLXnttE2pd28A_xY9Z1v3mB6ib8F8AtWPq8~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:42 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 18 Aug 2023 18:04:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-vqLXnttE2pd28A_xY9Z1v3mB6ib8F8AtWPq8~A
content-length
0
usersync
usersync.gumgum.com/ Frame BC24
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=a2fb9ede-b4be-49ec-954b-55ac4d60984a
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=a2fb9ede-b4be-49ec-954b-55ac4d60984a
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:42 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=a2fb9ede-b4be-49ec-954b-55ac4d60984a
Date
Fri, 18 Aug 2023 18:04:42 GMT
Connection
keep-alive
X-CI-RTID
6576da09-73a8-472e-a3c2-0a126472def7
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame BC24 		0
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 18 Aug 2023 18:04:41 GMT
server
b
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame BC24
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_b9bf43ab-9980-4c7d-a580-67bb89630f4b&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=E7bMllYMEHF6PGyWUIdf&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVCTOYSNNRWFSTKFJBDDMUCHPFLVKSLEMY
  • https://usersync.gumgum.com/usersync?b=zem&i=E7bMllYMEHF6PGyWUIdf
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=E7bMllYMEHF6PGyWUIdf
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:43 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:43 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=E7bMllYMEHF6PGyWUIdf
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame BC24
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=f788601c-7903-41d0-8bd4-00f0948479b2
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=f788601c-7903-41d0-8bd4-00f0948479b2
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:42 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=f788601c-7903-41d0-8bd4-00f0948479b2
access-control-allow-origin
*
date
Fri, 18 Aug 2023 18:04:42 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame BC24
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=KDF18IOhksPf&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=KDF18IOhksPf&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:42 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://usersync.gumgum.com/usersync?b=pln&i=KDF18IOhksPf&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-hhjw6
expires
-1
usersync
usersync.gumgum.com/ Frame BC24
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=5132813517839228127
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=5132813517839228127
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:42 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=5132813517839228127
date
Fri, 18 Aug 2023 18:04:41 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame BC24 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_b9bf43ab-9980-4c7d-a580-67bb89630f4b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Z60MH3KYCPR18G9CYMC1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 80E9 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.25.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-25-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b937c24218ddab07453d7e8fc62fad12b5e29a0b473536e2baca0ca7b5fd79c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:41 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Aug 2023 01:50:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=27932
Connection
keep-alive
Content-Length
10117
Expires
Sat, 19 Aug 2023 01:50:13 GMT
ecm3
s.amazon-adsystem.com/ Frame 093E 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=c4c1ba57-5c3d-4c8f-ac07-7a1793c56edb
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CGCDVBSTZ221V9WXGGD3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 093E
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=cec9c022-2518-4275-90bb-40c27fa3670d&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=cec9c022-2518-4275-90bb-40c27fa3670d&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.233.86.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-86-45.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=cec9c022-2518-4275-90bb-40c27fa3670d&gdpr=0&gdpr_consent=
date
Fri, 18 Aug 2023 18:04:42 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/ Frame 093E
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=8342177640231574973
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=8342177640231574973
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.233.86.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-86-45.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
an-x-request-uuid
5266439e-b69e-4b96-93a4-64394fd3e84c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=8342177640231574973
x-proxy-origin
38.132.118.72; 38.132.118.72; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 093E
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=cec9c022-2518-4275-90bb-40c27fa3670d&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=cec9c022-2518-4275-90bb-40c27fa3670d&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.233.86.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-86-45.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=cec9c022-2518-4275-90bb-40c27fa3670d&gdpr=0&gdpr_consent=
date
Fri, 18 Aug 2023 18:04:42 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/ Frame 093E
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://sync.srv.stackadapt.com/sync?nid=15
  • https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-e2c14bf6-0973-54c5-60a7-0af8aa8bb0dc$ip$38.132.118.72&gdpr=&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-e2c14bf6-0973-54c5-60a7-0af8aa8bb0dc$ip$38.132.118.72&gdpr=&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.233.86.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-86-45.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Location
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-e2c14bf6-0973-54c5-60a7-0af8aa8bb0dc$ip$38.132.118.72&gdpr=&gdpr_consent=
Date
Fri, 18 Aug 2023 18:04:42 GMT
Connection
keep-alive
Content-Length
199
Content-Type
text/html; charset=utf-8
ecm3
s.amazon-adsystem.com/ Frame 3BBC 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=47ceaad5-d781-814c-ae59-c847e8629036
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3Z5W50RHWFY8P8D1ZZ35
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
8bdfb0ec-5b87-a8ff-5f80-5c257f06969f
pr-bh.ybp.yahoo.com/sync/openx/ Frame 3BBC 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/8bdfb0ec-5b87-a8ff-5f80-5c257f06969f?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:d83a:9713:23f4:8b03 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 3BBC 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=47ceaad5-d781-814c-ae59-c847e8629036
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
19BRDMD6G0Y73ED0WJDP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 3BBC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=1f18d6a8-cb2b-3ab6-6e57-4ad080515bd6&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=cec9c022-2518-4275-90bb-40c27fa3670d&ttd_puid=1f18d6a8-cb2b-3ab6-6e57-4ad080515bd6&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=cec9c022-2518-4275-90bb-40c27fa3670d&ttd_puid=1f18d6a8-cb2b-3ab6-6e57-4ad080515bd6&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=cec9c022-2518-4275-90bb-40c27fa3670d&ttd_puid=1f18d6a8-cb2b-3ab6-6e57-4ad080515bd6&gdpr=0&gdpr_consent=
date
Fri, 18 Aug 2023 18:04:41 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame 3BBC 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzM3NzA1NjItMDI1Yy02NDEyLTdiYjctMTA2OTRhYjM5NWI2
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 3BBC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFqhEvvGAW_5RBSjuQlYMDI&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFqhEvvGAW_5RBSjuQlYMDI&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFqhEvvGAW_5RBSjuQlYMDI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
targeting
pdmp.profiles.tagger.opecloud.com/v1/ 		139 B
329 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pdmp.profiles.tagger.opecloud.com/v1/targeting?url=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&fpid=d86dab53-7c20-4056-ad9b-16f3ceb28db7&tenant=b159
Requested by
Host: cdn.opecloud.com
URL: https://cdn.opecloud.com/ope-tegna.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.30.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-30-75.compute-1.amazonaws.com
Software
/
Resource Hash
7e639859ede3b6ca310f0671ea16ac45d3c136a2f02f5b91136c4b6f093e9f74

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://www.9news.com
date
Fri, 18 Aug 2023 18:04:41 GMT
content-encoding
gzip
access-control-allow-credentials
true
cache-control
no-cache
content-type
application/json
view
securepubads.g.doubleclick.net/pcs/ Frame 0922 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssDC_MWARR6xw1QoC40J9n2Myj2i13vOsNRcZLEBobG73mG2Ipw7F7ojL7Ix6l35xI9NoZX_4BvAcw1tdSRf3e6y4-av7PxEeqrlgiSlXEolQcvs5ZNhCVLld8E2GGgWQNlLnhE5tXzLqw2hg4HPfofgFUXrHdYkpeIw6YHBEkIyLrUcNb-DvceHiSsjGE6vUvueacNO-eGV2y5PUImKtQQdd76cwQLt1vQoWWRflvN0Xe78lplIkPTYK-cgnvsdSOgM4raP07a_Y8r6yRZnxZujTzvkBagsTiGMrjbRkdl-eG5XbV5kS25NfFOl2IrWU0zR2M4tP6R7dvfPQaq5j6TFlZbLBno3zvxKGqdr-B_KhJA5ZEkFPSAfKSKuNAN6pph&sai=AMfl-YTJpJs05EnNM89TrMMGQcL6UWzEXjWj5yfaC8tX1F75cJkj21xl9MXIzb7Gy4jjyOfQABsxeWEXzMWBxB_ksz6D0jFxrRqYjytvcQTNSvpmPfDY77Zu_v8HucrHqmY&sig=Cg0ArKJSzEBJXdAk1MwpEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
wt
t.pubmatic.com/ 		17 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wt?pubid=160138&purl=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&tst=1692381882&iid=62e7149c-ada6-4f11-81ec-59f82a3bfcd8&bidid=36c34572a73e737&origbidid=36c34572a73e737&pid=3965&pdvid=17&slot=front_atf&au=front_atf&pn=ix&bc=ix&en=2.89&eg=2.89&kgpv=.*front_atf.*%40.*%40.*&piid=&rf=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.121 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.9news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0922 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57620
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692185840427238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Aug 2023 18:04:41 GMT
ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8408
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB
43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Server
2600:1f18:4e9:5a02:d83a:9713:23f4:8b03 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB
date
Fri, 18 Aug 2023 18:04:41 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 8408
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3278840519872068504
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3278840519872068504
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OF6ZDRuPBUowVkCpYuj6dFTFM2OU59ITsXi34SbzWRrhj1yW7o1n4bNa96xUADH4fghp9Z4A%2FZhfUn2XM6IFObZRaxMHZ0G7KAo6kakrPjgu8jllXyBOAfB6KICDWsMFGXRJMvHkSSxF5A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8c14ab5fb331d2-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3278840519872068504
pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum.casalemedia.com/ Frame 8408
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=625a9fc10f3e15f0&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHyzrBvvwHuAN2iJWLAAAAAAA&expiration=1692468282&is_secure=true
43 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHyzrBvvwHuAN2iJWLAAAAAAA&expiration=1692468282&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vCjKCHIDFmDaa9Y8fWt1AJiZ8IVrd1Kmz%2FdzM%2BtKfYTerT1KrH8XMR7pSX%2FDiDG41RFponjaEJ7JicoAVuzKabcu4qRS8KjbQ9LTJy47MeeP5b33uDgslW2r4hlshRbWHFg8bscW"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8c14afaf6631d2-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHyzrBvvwHuAN2iJWLAAAAAAA&expiration=1692468282&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rum
r.casalemedia.com/ Frame 8408
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553&gdpr=0&gdpr_consent=
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7xyI8O2DTzj%2FY%2BXudS51mAmGJXdjSqBeebUtT5JnabgBsIxV%2BTo4QW5A1AgldZUtfoiNz6rCjH8FPd9IHhQyFR8Fhg6qKKFr103drkTU3hq%2Be%2FFA13FUrBZ0adjP4vCkMfv"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8c14ad6ac3498c-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum-sec.casalemedia.com/ Frame 8408
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=979321835791302801
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=979321835791302801
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z1hFZXynhsfxyddToHVb1M80OcQ2pxumCv01qaiX%2FOOcDLpMtYTn8lgEF2K4KafoEobgQGhFuxZDyCtk7M92KyPaZ2Dm3gr6hkH%2BcJTZFJmtiFTDybahVVy%2BDC%2FnIfMYLw1n%2F6Ql1tuCkg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8c14ae4d1831d2-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=979321835791302801
Date
Fri, 18 Aug 2023 18:04:42 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rum
dsum-sec.casalemedia.com/ Frame 8408
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cec9c022-2518-4275-90bb-40c27fa3670d&expiration=1694973882&gdpr=0&gdpr_consent=
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cec9c022-2518-4275-90bb-40c27fa3670d&expiration=1694973882&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSGhRsHBGCIp2XAZXNKlJT%2BZaSdy2QyOiHPxgjNXHIPZ3lV4%2FnW92VuNmZjhvGjAn2QsvbaHPQYmPiaTtu8Pw6bVphRcU%2FtY4wXhY%2FQRlCCyXckPVwjdb4En9RBM4XE2Bp5rTuYn%2BqqxTA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8c14ad5b6131d2-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cec9c022-2518-4275-90bb-40c27fa3670d&expiration=1694973882&gdpr=0&gdpr_consent=
date
Fri, 18 Aug 2023 18:04:42 GMT
server
Kestrel
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 8408
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=UYCeE6XS1Qx3PY5
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=UYCeE6XS1Qx3PY5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2B478bT6VYXDklG1z3C1q2j%2FjFVV3PC%2BxiPRGrO9zzVrxNRsWqRYBD2ydKkQhaaMFtc6zL%2B8qayrol8aiLqeaF5rnuSYniVgG7AkK1fDkZhh9hVgevGqeN1CzJunrVHqLLowbaZAQkkLBA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8c14b068b331d2-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:42 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0674cafeac87e6731@us-east-1e@dxedge-app-us-east-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=UYCeE6XS1Qx3PY5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8408
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=A_p4KVf8fnYY_ip7BvkxdwD2eSkY_HguV_4f_URu
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=A_p4KVf8fnYY_ip7BvkxdwD2eSkY_HguV_4f_URu
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjFaI2ERQhjtIbF32HRbDRbEpdfeAyvjcvQM3VhPolGeKVpOy1FiGZn5Dq8hiqdNBiXlZwpUgNvrf5bNV9eaUl62CMd4HS4nRBnmDLRrQ3kd%2BxEz8oyr%2B1xk9nBt9Oc9%2BlikSuPDDFE0pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8c14ad6b7c31d2-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=A_p4KVf8fnYY_ip7BvkxdwD2eSkY_HguV_4f_URu
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame 8408 		0
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-114.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
via
1.1 eb4c39562c3ea08ed99a3ec30c18db3c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
3
content-length
0
x-amz-cf-id
4XhQL6YghRX2LtiFDfMUcicga-vCPA3UGT5M2BJJWrNGOjm8puLjjQ==
publishertag.prebid.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
33849beaed6f34c2defe2ea3610a424d05730d79a9af10e3cf67e070af0694e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-17ba9"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Aug 2023 18:04:41 GMT
rum
dsum-sec.casalemedia.com/ Frame 5FF5
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68&us_privacy=1YNY
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=4sFL9glzVMVgpwr4qouw3CaEdkg
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=4sFL9glzVMVgpwr4qouw3CaEdkg
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.9news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N8tWnFV0ENsaYPJY3K%2B1yXlPaNZSjY19Fd9UMDq1MiMxHkmJbqHLHsYy0yjvwXlS6bkFT34ggUVtLf9TmGuSLaWveLstebMxJo5k6ia78L6hJ%2BUUHsCYYmBzFq4CIdapafwLMgXNCRrJqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8c14ae1ccd31d2-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=4sFL9glzVMVgpwr4qouw3CaEdkg
Date
Fri, 18 Aug 2023 18:04:42 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
113
match.deepintent.com/usersync/ Frame 5FF5 		0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113?us_privacy=1YNY
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.9news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 18 Aug 2023 18:04:41 GMT
server
b
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
crum
dsum.casalemedia.com/ Frame 5FF5
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1&us_privacy=1YNY
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=e619b299-0285-4247-8fc1-c42cb229d02e
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=e619b299-0285-4247-8fc1-c42cb229d02e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.9news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQprNMkXVmIGaKGwIuowIjdiGS2W%2Bl6Pu7wyU1HT93f9XYCY5SFJ%2FDKXbvnQ%2BN%2B%2Bp%2FO8Ma%2Fn%2FThmp5lR%2FKDWJcjS0knn3novr2VyvTkwPrzM2LdHZfOKVPLcjRiZZGyIMUkhPXAI"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8c14aecdea31d2-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-servername
Track001-iad
pragma
no-cache
date
Fri, 18 Aug 2023 18:04:24 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=e619b299-0285-4247-8fc1-c42cb229d02e
cache-control
private,no-cache
content-length
222
expires
-1
rum
dsum-sec.casalemedia.com/ Frame 5FF5
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1YNY&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=73fdb302-9f81-4aed-958a-512f3b1c9b1b&gpp_sid=null&gpp=null&us_privacy=1YNY&gdpr_consent=null&gdpr=null
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=73fdb302-9f81-4aed-958a-512f3b1c9b1b&gpp_sid=null&gpp=null&us_privacy=1YNY&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.9news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x2yAZZ2W0VD2UTV6rrdj8ybEw5Pmu2pK9GKkpsFkwjCP3X%2B3uGQaQXSHDVI%2BCIY2d%2FZYyExurzTZWWvT8VvadJzKZ4b0EDvNxNsf5HB14fHrHs1HCqEVnf2%2F18K9i3rzwmCcMsqWqEn%2BRA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8c14af8f3031d2-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=73fdb302-9f81-4aed-958a-512f3b1c9b1b&gpp_sid=null&gpp=null&us_privacy=1YNY&gdpr_consent=null&gdpr=null
date
Fri, 18 Aug 2023 18:04:42 GMT
server
_
content-length
0
rum
r.casalemedia.com/ Frame 5FF5
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&us_privacy=1YNY
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553&gdpr=0&gdpr_consent=
43 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.9news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LnEOA46ijDoa757fNkjgYKwJ8L4%2F6lht08nKBH8AqvjYRxzRAS7nDjzV4M1uVfNNJlcz%2BHOwakEqKJJZijEDVmtF8KjHt4LWEoukJh8FB1ekOVHmeZLfLk6Itm9tOj1g0Zoz"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8c14ad9afb498c-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5FF5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB&gdpr_consent=&us_privacy=1YNY&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB
43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.9news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a02:d83a:9713:23f4:8b03 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB
date
Fri, 18 Aug 2023 18:04:42 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user-registering
ads.stickyadstv.com/ Frame 5FF5 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB&gdpr_consent=&us_privacy=1YNY&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.9news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.134 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:42 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1692381882309085-1143
htw-pixel.gif
cdn.indexww.com/ht/ Frame 5FF5 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZN.yuQ0X0tnKZUDaNNXD1AAA%262851=&us_privacy=1YNY
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.9news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
77232
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f8c14ac49438dbe-MIA
content-length
43
expires
Sat, 19 Aug 2023 18:04:42 GMT
crum
dsum-sec.casalemedia.com/ Frame 270D
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&us_privacy=1YNY
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=BB882163254D4174AB34F94472E55A64&us_privacy=1YNY
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=BB882163254D4174AB34F94472E55A64&us_privacy=1YNY
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.9news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XiNjJTN8UQjwe%2FyrvVAKvSwNexaqXVi%2FHfyMOnGdcLotpVYXZLG01H7GrpbIRc%2FWG1FRW6JR9DWqphmZY9S6ewYvk0y%2BScBpWRVi01gcYHlCZRgpwodWzOCkN4Bt7mP9MsgHVIhn%2BHZCg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8c14adec2731d2-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 18 Aug 2023 18:04:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=BB882163254D4174AB34F94472E55A64&us_privacy=1YNY
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 17 Aug 2023 18:04:42 GMT
crum
dsum-sec.casalemedia.com/ Frame 270D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29&us_privacy=1YNY
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29&us_privacy=1YNY
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=972208001108325558&expiration=1693591482
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=972208001108325558&expiration=1693591482
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.9news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=caQ8yNx5V7Ky0RiluvFZANwHyhDnjKyI%2FHF0XEYJeMEdlMfAc1Y4IDhBwgD%2FgexjnyZpMhsCoSacLWrR1OzB7ObBEocHCEAdJUd%2Bmt2us3NjFOCMbAGvfjs0rxDMADNejD%2BNG8vZXddW2g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8c14afbf7e31d2-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=972208001108325558&expiration=1693591482
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 270D
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&us_privacy=1YNY
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale&us_privacy=1YNY
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=b4b3ad34-3df1-11ee-8cb3-719cb9187d87
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=b4b3ad34-3df1-11ee-8cb3-719cb9187d87
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.9news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kFGJzlepB5M1Fo5uONlPuLtRgrlm1I%2FWrS9U%2Byz0k4maIP8kBDX1okGGk5BIH4guoFkAiYbPD%2BRt7NIcdK5B%2F0QlJwcQovmCYGhWyeFN80%2BBAUk6mhTQ4GEqoCvymlYCT8AFg65jwoM5Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8c14b068be31d2-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
server
Cowboy
content-type
image/gif
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=b4b3ad34-3df1-11ee-8cb3-719cb9187d87
access-control-allow-origin
*
p3p
CP="NOI OTC OTP OUR NOR"
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-3
content-length
0
expires
Thu, 23 Sep 2004 17:42:04 GMT
tp_out
d.adroll.com/cm/index/ Frame 270D 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH&us_privacy=1YNY
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.9news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2204:de3b:4e7f:13ed:76e2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 270D
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&us_privacy=1YNY
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&us_privacy=1YNY
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=UYCeE6XS1Qx3PY5&us_privacy=1YNY
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=UYCeE6XS1Qx3PY5&us_privacy=1YNY
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.9news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wk%2B64F3Xin9hUe8O4cIGKzcGoYSAXYoJH8%2Bhif8syO7MKcdp18Mwg3hOKSTBfmIFrAmR7hCSfLcfw6mJIW5y1iJKdBc1Upy04Z%2B5tnwHqFejDk%2Fx7%2FrGdGhLpm5NaghFUF8TNnYVLBbiGA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8c14b068a631d2-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:41 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0041ae5058466e822@us-east-1b@dxedge-app-us-east-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=UYCeE6XS1Qx3PY5&us_privacy=1YNY
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 270D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=1YNY&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://stags.bluekai.com/site/23178?id=za4J1TTLHcsqOEP-BXok&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD26TBGRFDC...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=za4J1TTLHcsqOEP-BXok&us_privacy=1YNY
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=za4J1TTLHcsqOEP-BXok&us_privacy=1YNY
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.9news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PiEVGtYOcg9H0WorSA8wsSwhx9mIYwfgYVrYkOV9k%2FNZ%2BduUds4knx%2FtwE392UQOwnI1DsWRXX7LysTzLeWV0AlkX%2BJQh0CeGdAYOuv8CxcTObVt1CNTYysedcZen%2FX7XdJJQaVVde07jA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8c14b24c3231d2-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:43 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=za4J1TTLHcsqOEP-BXok&us_privacy=1YNY
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
135
Expires
Thu, 01 Dec 1994 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 270D 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=1YNY&gdpr=&gdpr_consent=&id=ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.9news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7TJ91KM4JAV968MX9SCH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
CookieIndex
rtb.adentifi.com/ Frame 270D 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex?us_privacy=1YNY
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.9news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.170.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-170-218.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 270D 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZN.yuQ0X0tnKZUDaNNXD1AAA%262851=&us_privacy=1YNY
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.9news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
77232
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f8c14ac49458dbe-MIA
content-length
43
expires
Sat, 19 Aug 2023 18:04:42 GMT
crum
dsum-sec.casalemedia.com/ Frame C9DC
Redirect Chain
  • https://um4.eqads.com/um/cs
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=389660e3-c6dc-4342-92d0-f34bace7b3e9&expiration=1700330682
43 B
736 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=389660e3-c6dc-4342-92d0-f34bace7b3e9&expiration=1700330682
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7f8c14ac597f31d2-MIA
content-length
43
content-type
image/gif
date
Fri, 18 Aug 2023 18:04:42 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1RQZlvE5PkUsxWmUB2xO%2FZWQ8pPGA1cqFyenDEVzcHhwi8DgVADaOGnqMsNFm%2F2lNy43MaNADWZMmmta0BZglvNPrlWJLHGLMvJQwGBCraTA54L%2FCKgN3%2F56qaXaJGSvOZUJwdp1jLncXA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache
content-length
0
date
Fri, 18 Aug 2023 18:04:42 GMT
expires
0
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=389660e3-c6dc-4342-92d0-f34bace7b3e9&expiration=1700330682
URnmbSKM
sync-tm.everesttech.net/ct/upi/pid/ Frame 515D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZN_yugAAAH7yvgAb
85 B
170 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZN_yugAAAH7yvgAb
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1637
cache-control
no-cache
content-length
85
content-type
image/png
date
Fri, 18 Aug 2023 18:04:42 GMT
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
HIT
x-cache-hits
8166
x-served-by
cache-mia-kmia1760097-MIA
x-timer
S1692381882.299189,VS0,VE0

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Fri, 18 Aug 2023 18:04:42 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZN_yugAAAH7yvgAb
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mia-kmia1760097-MIA
x-timer
S1692381882.130329,VS0,VE26
pixel
cm.g.doubleclick.net/ Frame CCC8 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9iOWJmNDNhYi05OTgwLTRjN2QtYTU4MC02N2JiODk2MzBmNGI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 18:04:41 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AD56 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.64.205 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-64-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=142219
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 18 Aug 2023 18:04:41 GMT
expires
Sun, 20 Aug 2023 09:35:00 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 8A13
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=cec9c022-2518-4275-90bb-40c27fa3670d
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=cec9c022-2518-4275-90bb-40c27fa3670d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 18 Aug 2023 18:04:42 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Fri, 18 Aug 2023 18:04:41 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=cec9c022-2518-4275-90bb-40c27fa3670d
server
Kestrel
usersync
usersync.gumgum.com/ Frame 6AE8
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZN.yusCo8YMAANUS4mAAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZN.yusCo8YMAANUS4mAAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 18 Aug 2023 18:04:42 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Fri, 18 Aug 2023 18:04:42 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZN.yusCo8YMAANUS4mAAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40200.dc2p.scaleout.jp
X-SO-IP
38.132.118.72
X-SO-Key
ZN.yusCo8YMAANUS4mAAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"38.132.118.72","key":"ZN.yusCo8YMAANUS4mAAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40200"}
X-SO-LB-Hostname
m-tgng31.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40200
usersync
usersync.gumgum.com/ Frame 6287
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=u_b9bf43ab-9980-4c7d-a580-67bb89630f4b&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
  • https://usersync.gumgum.com/usersync?b=aad&i=68672530-90fe-40e1-b390-35080cc5eae0
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=68672530-90fe-40e1-b390-35080cc5eae0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 18 Aug 2023 18:04:43 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Fri, 18 Aug 2023 18:04:43 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=68672530-90fe-40e1-b390-35080cc5eae0
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
us.gif
sync.go.sonobi.com/ Frame 2F26
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&google_hm=ZWI2ZjdiODgtYTRiYy00ZTYwLWJmNzktNzEwNTE3Y2I4NmU4
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEENRTM1PPwebLhWqqEqnfF8&google_cver=1&ssp=sonobi&bsw_param=eb6f7b88-a4bc-4e60-bf79-710517cb86e8
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=eb6f7b88-a4bc-4e60-bf79-710517cb86e8
49 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=eb6f7b88-a4bc-4e60-bf79-710517cb86e8
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-61
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=eb6f7b88-a4bc-4e60-bf79-710517cb86e8
Date
Fri, 18 Aug 2023 18:04:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
us.gif
sync.go.sonobi.com/ Frame 2F26
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=91e92b73fd&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=cec9c022-2518-4275-90bb-40c27fa3670d&pubid=91e92b73fd
49 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=cec9c022-2518-4275-90bb-40c27fa3670d&pubid=91e92b73fd
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-61
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=cec9c022-2518-4275-90bb-40c27fa3670d&pubid=91e92b73fd
date
Fri, 18 Aug 2023 18:04:41 GMT
server
Kestrel
content-length
227
us.gif
sync.go.sonobi.com/ Frame 2F26
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2810316564243691116
49 B
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2810316564243691116
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-61
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2810316564243691116
Date
Fri, 18 Aug 2023 18:04:42 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/ Frame 2F26
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=emnWOirBSCcEF1SiwHUR&pi=sonobi
49 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=emnWOirBSCcEF1SiwHUR&pi=sonobi
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-61
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=emnWOirBSCcEF1SiwHUR&pi=sonobi
pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT, Fri, 18 Aug 2023 18:04:41 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 2F26
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=6f5eeefe-658b-41c1-aa64-1cde178e9d11&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=Q0pVckdMTFFwajdrWWgzRzdxbk9QZw&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEC2l0FhEOWxQxaDZEiHcQ9M&google_cver=1
49 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEC2l0FhEOWxQxaDZEiHcQ9M&google_cver=1
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-qcqnx
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEC2l0FhEOWxQxaDZEiHcQ9M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame 2F26
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58645/occ
  • https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-rQQOs05E2uHEs_Abz45uFOvaKZF4mH1QqoYlmJw-~A
49 B
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-rQQOs05E2uHEs_Abz45uFOvaKZF4mH1QqoYlmJw-~A
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-61
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-rQQOs05E2uHEs_Abz45uFOvaKZF4mH1QqoYlmJw-~A
date
Fri, 18 Aug 2023 18:04:41 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
us.gif
sync.go.sonobi.com/ Frame 2F26
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=7597054620029118479
49 B
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=7597054620029118479
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-61
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
an-x-request-uuid
5f54bbf4-7bc0-4826-a545-af3d3cc2cd75
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=7597054620029118479
x-proxy-origin
38.132.118.72; 38.132.118.72; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ibs:dpid=87880&dpuuid=6f5eeefe-658b-41c1-aa64-1cde178e9d11
dpm.demdex.net/ Frame 2F26 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=87880&dpuuid=6f5eeefe-658b-41c1-aa64-1cde178e9d11
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.121.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-121-138.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v049-0cf154a10.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
1KO7kdlwQEw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
7318ffc0e8fa1d771446
s.amazon-adsystem.com/x/ Frame 2F26 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/7318ffc0e8fa1d771446
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
info2
uipglob.semasio.net/sonobi/1/ Frame 2F26
Redirect Chain
  • https://uipglob.semasio.net/sonobi/1/info?sType=sync&sExtCookieId=6f5eeefe-658b-41c1-aa64-1cde178e9d11&sInitiator=external
  • https://uipglob.semasio.net/sonobi/1/info2?sType=sync&sExtCookieId=6f5eeefe-658b-41c1-aa64-1cde178e9d11&sInitiator=external
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/sonobi/1/info2?sType=sync&sExtCookieId=6f5eeefe-658b-41c1-aa64-1cde178e9d11&sInitiator=external
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:42 GMT
Frontend-ID
5
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type
image/gif
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:42 GMT
Frontend-ID
3
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location
/sonobi/1/info2?sType=sync&sExtCookieId=6f5eeefe-658b-41c1-aa64-1cde178e9d11&sInitiator=external
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
264.gif
id5-sync.com/k/ Frame 2F26
Redirect Chain
  • https://id5-sync.com/s/434/9.gif?puid=6f5eeefe-658b-41c1-aa64-1cde178e9d11&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/434/434/9/1.gif?puid=6f5eeefe-658b-41c1-aa64-1cde178e9d11&gdpr=0&gdpr_consent=&us_privacy=
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F203%2F8%2F2.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/434/203/8/2.gif?puid=1d1acbe0-8756-4956-85c8-cdafaf2c8eb7&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F434%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/434/434/7/3.gif?puid=6f5eeefe-658b-41c1-aa64-1cde178e9d11&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F429%2F6%2F4.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/434/429/6/4.gif?puid=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F441%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/434/441/5/5.gif?puid=u_b9bf43ab-9980-4c7d-a580-67bb89630f4b&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-2edezvzXTjNos6B9e4mEM9aJDG5Hc4D6T7k14bC6vQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F3%2F4%2F6.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/434/3/4/6.gif?puid=772b64df-b2bd-4800-8735-0aa640d77ef7&gdpr=0&gdpr_consent=
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F203%2F3%2F7.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/434/203/3/7.gif?puid=1d1acbe0-8756-4956-85c8-cdafaf2c8eb7&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=8342177640231574973&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F1246%2F2%2F8.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr...
  • https://id5-sync.com/c/434/1246/2/8.gif?puid=HLDcfQZHcHxqw-twSRG0RE1f&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-2edezvzXTjNos6B9e4mEM9aJDG5Hc4D6T7k14bC6vQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F3%2F1%2F9.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/434/3/1/9.gif?puid=772b64df-b2bd-4800-8735-0aa640d77ef7&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=cec9c022-2518-4275-90bb-40c27fa3670d&ttl=%%TTL%%
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/k/264.gif?puid=cec9c022-2518-4275-90bb-40c27fa3670d&ttl=%%TTL%%
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
HTTP/1.1
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 18 Aug 2023 18:04:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

location
https://id5-sync.com/k/264.gif?puid=cec9c022-2518-4275-90bb-40c27fa3670d&ttl=%%TTL%%
date
Fri, 18 Aug 2023 18:04:47 GMT
server
Kestrel
content-length
199
us.gif
sync.go.sonobi.com/ Frame 2F26
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=255&redirect=https://sync.go.sonobi.com/us.gif?nw=av&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=av
49 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=av
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-61
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=av
date
Fri, 18 Aug 2023 18:04:42 GMT
server
Apache-Coyote/1.1
content-length
0
insync
thrtle.com/ Frame 2F26
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10072&vxii_pdid=6f5eeefe-658b-41c1-aa64-1cde178e9d11
  • https://thrtle.com/insync?vxii_pdid=6f5eeefe-658b-41c1-aa64-1cde178e9d11&vxii_pid=12&vxii_pid1=10072&vxii_rcid=942b4952-3cab-499b-89a1-d2b8f6de8bbb
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?vxii_pdid=6f5eeefe-658b-41c1-aa64-1cde178e9d11&vxii_pid=12&vxii_pid1=10072&vxii_rcid=942b4952-3cab-499b-89a1-d2b8f6de8bbb
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
23.23.38.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-38-193.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Fri, 18 Aug 2023 18:04:42 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?vxii_pdid=6f5eeefe-658b-41c1-aa64-1cde178e9d11&vxii_pid=12&vxii_pid1=10072&vxii_rcid=942b4952-3cab-499b-89a1-d2b8f6de8bbb
date
Fri, 18 Aug 2023 18:04:42 GMT
content-type
text/html; charset=utf-8
content-length
182
p3p
CP="NOI OUR BUS UNI COM NAV"
usersync
match.bnmla.com/ Frame 2F26 		0
0
us.gif
sync.go.sonobi.com/ Frame 2F26
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sonobi&ssp_user_id=${userid}
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sonobi&ssp_user_id=${userid}
  • https://sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=48a489b6-ded6-4798-8895-47d7be6c575d
49 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=48a489b6-ded6-4798-8895-47d7be6c575d
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-61
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=48a489b6-ded6-4798-8895-47d7be6c575d
date
Fri, 18 Aug 2023 18:04:42 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
us.gif
sync.go.sonobi.com/ Frame 2F26
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=1be30a61-c15d-465d-b6e5-82da40df8212&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dopenx%26nuid%3D
  • https://sync.go.sonobi.com/us.gif?nw=openx&nuid=b4356aaa-1aff-0db9-156f-43f6a2671a93
49 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=openx&nuid=b4356aaa-1aff-0db9-156f-43f6a2671a93
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-61
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 18 Aug 2023 18:04:41 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync.go.sonobi.com/us.gif?nw=openx&nuid=b4356aaa-1aff-0db9-156f-43f6a2671a93
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usg.gif
sync.go.sonobi.com/ Frame 2F26
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=NmY1ZWVlZmUtNjU4Yi00MWMxLWFhNjQtMWNkZTE3OGU5ZDEx
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEB1ZwmlP4FZbfWblLMZzGmg&google_cver=1
49 B
761 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEB1ZwmlP4FZbfWblLMZzGmg&google_cver=1
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-61
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEB1ZwmlP4FZbfWblLMZzGmg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame 2F26
Redirect Chain
  • https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dco%26nuid%3D
  • https://sync.go.sonobi.com/us.gif?nw=co&nuid=b260189533234555a018953323955580
49 B
763 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=co&nuid=b260189533234555a018953323955580
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-61
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 18 Aug 2023 18:04:41 GMT
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://sync.go.sonobi.com
location
https://sync.go.sonobi.com/us.gif?nw=co&nuid=b260189533234555a018953323955580
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
0
396846.gif
idsync.rlcdn.com/ Frame 2F26
Redirect Chain
  • https://idsync.rlcdn.com/711892.gif?partner_uid=6f5eeefe-658b-41c1-aa64-1cde178e9d11
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=4adea9ce-066c-0cd6-312e-ca23b9ca3a0e
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=4adea9ce-066c-0cd6-312e-ca23b9ca3a0e
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Fri, 18 Aug 2023 18:04:42 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=4adea9ce-066c-0cd6-312e-ca23b9ca3a0e
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
receive
pixel.tapad.com/idsync/ex/ Frame 2F26
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=6f5eeefe-658b-41c1-aa64-1cde178e9d11
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3061&partner_device_id=6f5eeefe-658b-41c1-aa64-1cde178e9d11
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=38f50135-3dcc-4b60-a270-799747dbc202%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=cec9c022-2518-4275-90bb-40c27fa3670d&ttd_puid=38f50135-3dcc-4b60-a270-799747dbc202%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=cec9c022-2518-4275-90bb-40c27fa3670d&ttd_puid=38f50135-3dcc-4b60-a270-799747dbc202%2C%2C
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:43 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=cec9c022-2518-4275-90bb-40c27fa3670d&ttd_puid=38f50135-3dcc-4b60-a270-799747dbc202%2C%2C
date
Fri, 18 Aug 2023 18:04:42 GMT
server
Kestrel
content-length
359
ecm3
s.amazon-adsystem.com/ Frame 2F26 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sonobi.com&id=6f5eeefe-658b-41c1-aa64-1cde178e9d11
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
W25GCXXH1W6S8078AQ90
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame 2F26
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dtl%26nuid%3D%24UID
  • https://sync.go.sonobi.com/us.gif?nw=tl&nuid=572205591462893908588
49 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=tl&nuid=572205591462893908588
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-61
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=tl&nuid=572205591462893908588
date
Fri, 18 Aug 2023 18:04:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ID1=6f5eeefe-658b-41c1-aa64-1cde178e9d11
d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ Frame 2F26 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=6f5eeefe-658b-41c1-aa64-1cde178e9d11
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.116.194.23 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
d-atl1.turn.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
all
ssl-market-east.smrtb.com/sync/ Frame 2F26 		0
0
user-sync
sync.adkernel.com/ Frame 2F26 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=183045&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmd%26nuid%3D%7BUID%7D
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
us.gif
sync.go.sonobi.com/ Frame 2F26
Redirect Chain
  • https://x.videobyte.com/setuid?bidder=sonobi&uid=6f5eeefe-658b-41c1-aa64-1cde178e9d11&cb=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dvb%26nuid%3D%24UID
  • https://sync.go.sonobi.com/us.gif?nw=vb&nuid=a25c2708-dcbd-44cf-9563-d52cf479f8ab
49 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=vb&nuid=a25c2708-dcbd-44cf-9563-d52cf479f8ab
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:43 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-61
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=vb&nuid=a25c2708-dcbd-44cf-9563-d52cf479f8ab
date
Fri, 18 Aug 2023 18:04:42 GMT
content-length
120
vary
Origin
content-type
text/html; charset=utf-8
30907
tags.bluekai.com/site/ Frame 2F26 		21 B
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/30907?id=6f5eeefe-658b-41c1-aa64-1cde178e9d11
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.100.229 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-100-229.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e41656eb2ba6c6293bf6dd928e5a88cdbc50535cab661c1969e0f598e497ed62

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Fri, 18 Aug 2023 18:04:42 GMT
content-length
21
content-type
text/plain; charset=utf-8
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 2F26 		0
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=6f5eeefe-658b-41c1-aa64-1cde178e9d11
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.168.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-168-96.bos50.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:43 GMT
via
1.1 3f2d1b9ddd51bb5347439fcd3cc10c06.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
BOS50-P3
vary
Origin
access-control-allow-methods
POST, GET
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://sync.go.sonobi.com/
x-cache
Miss from cloudfront
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
content-length
0
x-amz-cf-id
uVKX18z-IVY77_8Z4d46FC96350Sz-2jXpESiNRvzrEyPmOClvi38Q==
alt-svc
h3=":443"; ma=86400
sync
sync.bfmio.com/ Frame 6310
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=cec9c022-2518-4275-90bb-40c27fa3670d
0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=cec9c022-2518-4275-90bb-40c27fa3670d
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137
Protocol
HTTP/1.1
Server
44.215.82.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-215-82-85.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 18 Aug 2023 18:04:41 GMT

Redirect headers

location
https://sync.bfmio.com/sync?pid=106&uid=cec9c022-2518-4275-90bb-40c27fa3670d
date
Fri, 18 Aug 2023 18:04:41 GMT
server
Kestrel
content-length
183
CookieSyncBeachfront
rtb.adentifi.com/ Frame 6310 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncBeachfront?redirect=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D149%26uid%3D%24UID%0A
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.170.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-170-218.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
sync
sync.bfmio.com/ Frame 6310
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=49&redirect=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D167%26uid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.bfmio.com/sync?pid=167&uid=av-0f68c4b5-3801-4a2d-8228-3bcec724df6b
0
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=167&uid=av-0f68c4b5-3801-4a2d-8228-3bcec724df6b
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137
Protocol
HTTP/1.1
Server
44.215.82.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-215-82-85.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 18 Aug 2023 18:04:41 GMT

Redirect headers

location
https://sync.bfmio.com/sync?pid=167&uid=av-0f68c4b5-3801-4a2d-8228-3bcec724df6b
date
Fri, 18 Aug 2023 18:04:42 GMT
server
Apache-Coyote/1.1
content-length
0
sync
sync.bfmio.com/ Frame 6310
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/beachfront/3d963303e5b3a0d586aeb0dc76dd4ed179598ccd
  • https://sync.bfmio.com/sync?pid=157&uid=y-.9gw8UVE2pL1s5u3RFuf5.Ek38NKT6Av7DsLC8IOLA--~A
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=157&uid=y-.9gw8UVE2pL1s5u3RFuf5.Ek38NKT6Av7DsLC8IOLA--~A
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137
Protocol
HTTP/1.1
Server
44.215.82.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-215-82-85.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 18 Aug 2023 18:04:42 GMT

Redirect headers

date
Fri, 18 Aug 2023 18:04:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.bfmio.com/sync?pid=157&uid=y-.9gw8UVE2pL1s5u3RFuf5.Ek38NKT6Av7DsLC8IOLA--~A
content-length
0
sync
sync.bfmio.com/ Frame 6310
Redirect Chain
  • https://ad.mrtnsvr.com/sync/beachfront
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D187%26uid%3D%23PM_USER_ID
  • https://sync.bfmio.com/sync?pid=187&uid=C3BD0C7A-B371-4686-9220-ADA9A334E959
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=C3BD0C7A-B371-4686-9220-ADA9A334E959
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137
Protocol
HTTP/1.1
Server
44.215.82.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-215-82-85.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 18 Aug 2023 18:04:42 GMT

Redirect headers

location
https://sync.bfmio.com/sync?pid=187&uid=C3BD0C7A-B371-4686-9220-ADA9A334E959
date
Fri, 18 Aug 2023 18:04:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
sync
sync.bfmio.com/ Frame 6310
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/bch
  • https://match.prod.bidr.io/cookie-sync/bch?_bee_ppp=1
  • https://sync.bfmio.com/sync?pid=168&uid=AAC0Ik7Jv2UAACTqc7GRqQ
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=168&uid=AAC0Ik7Jv2UAACTqc7GRqQ
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137
Protocol
HTTP/1.1
Server
44.215.82.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-215-82-85.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 18 Aug 2023 18:04:42 GMT

Redirect headers

location
https://sync.bfmio.com/sync?pid=168&uid=AAC0Ik7Jv2UAACTqc7GRqQ
Date
Fri, 18 Aug 2023 18:04:42 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
/
pips.taboola.com/ 		4 B
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-served-by
cache-mia-kmia1760064-MIA
date
Fri, 18 Aug 2023 18:04:42 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.9news.com
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7B2B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
13671
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 14:16:51 GMT
expires
Sat, 17 Aug 2024 14:16:51 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3981 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1c9578a7316e46e0ec601d40c7ac0f14f458410cc1c2c290f75defbdae0a0b86
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bufxgAoA6yLy_a77I2Q5ZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
536
content-security-policy
script-src 'report-sample' 'nonce-bufxgAoA6yLy_a77I2Q5ZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 18:04:42 GMT
expires
Fri, 18 Aug 2023 18:04:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
crum
dsum-sec.casalemedia.com/ Frame E5D5
Redirect Chain
  • https://um4.eqads.com/um/cs?us_privacy=1YNY
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=3673c7c1-95e3-481c-bcab-445f76d8ea32&expiration=1700330682
43 B
737 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=3673c7c1-95e3-481c-bcab-445f76d8ea32&expiration=1700330682
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.9news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7f8c14ac597c31d2-MIA
content-length
43
content-type
image/gif
date
Fri, 18 Aug 2023 18:04:42 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9K%2FeQDwtr26q0yM9bsDdM06hdQTRznVV5%2Fqzp1HVLZzDlDDYUNjT58hqcRU9v0xRyJZSt8H5QPOOaLHUVTAuzCSTWIxZSl2JvcsBivga85pSyOKDKGf%2BdHEJNqHey3jYFIyvsUH%2FUvQjXw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache
content-length
0
date
Fri, 18 Aug 2023 18:04:42 GMT
expires
0
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=3673c7c1-95e3-481c-bcab-445f76d8ea32&expiration=1700330682
usersync
usersync.gumgum.com/ Frame 13E3
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=emnWOirBSCcEF1SiwHUR&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=emnWOirBSCcEF1SiwHUR&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 18 Aug 2023 18:04:42 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 18 Aug 2023 18:04:42 GMT Fri, 18 Aug 2023 18:04:42 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=emnWOirBSCcEF1SiwHUR&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame CC52
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.25.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-25-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 18 Aug 2023 18:04:42 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 18 Aug 2023 18:04:42 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
ecm3
s.amazon-adsystem.com/ Frame 210E 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=3m7D3yyGGDy6izeVjQld
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
H534FCYNA534Y9CGAA4S
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 210E
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3m7D3yyGGDy6izeVjQld
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3m7D3yyGGDy6izeVjQld
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=38f50135-3dcc-4b60-a270-799747dbc202%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=cec9c022-2518-4275-90bb-40c27fa3670d&ttd_puid=38f50135-3dcc-4b60-a270-799747dbc202%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=cec9c022-2518-4275-90bb-40c27fa3670d&ttd_puid=38f50135-3dcc-4b60-a270-799747dbc202%2C%2C
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:43 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=cec9c022-2518-4275-90bb-40c27fa3670d&ttd_puid=38f50135-3dcc-4b60-a270-799747dbc202%2C%2C
date
Fri, 18 Aug 2023 18:04:42 GMT
server
Kestrel
content-length
359
sync
ads.yieldmo.com/v000/ Frame 210E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ads.yieldmo.com/v000/sync?userid=8342177640231574973&pn_id=an
43 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=8342177640231574973&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
18.213.251.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-251-77.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
an-x-request-uuid
32bac7fd-9fa9-4403-80cb-5bd0785d1874
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.yieldmo.com/v000/sync?userid=8342177640231574973&pn_id=an
x-proxy-origin
38.132.118.72; 38.132.118.72; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
sync-pm.ads.yieldmo.com/ Frame 210E
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
  • https://image4.pubmatic.com/AdServer/SPug?p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3DC3BD0C7A-B371-4686-9220-ADA9A334E959%26gdpr%3D-1%26gdpr_consent%3D
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=-1&gdpr_consent=
43 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=-1&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
18.205.43.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-43-234.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:43 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=-1&gdpr_consent=
date
Fri, 18 Aug 2023 18:04:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 210E 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=M203RDN5eUdHRHk2aXplVmpRbGQ=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 210E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=3m7D3yyGGDy6izeVjQld
  • https://ads.yieldmo.com/v000/sync?tdid=cec9c022-2518-4275-90bb-40c27fa3670d
43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=cec9c022-2518-4275-90bb-40c27fa3670d
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
18.213.251.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-251-77.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://ads.yieldmo.com/v000/sync?tdid=cec9c022-2518-4275-90bb-40c27fa3670d
date
Fri, 18 Aug 2023 18:04:42 GMT
server
Kestrel
content-length
181
dcm
s.amazon-adsystem.com/ Frame F447 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C3BD0C7A-B371-4686-9220-ADA9A334E959&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 18 Aug 2023 18:04:42 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
PR478HC0D5QXBJ0S5EFM
sn.ashx
pmp.mxptint.net/ Frame AF0B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDMElrN0p2MlVBQUNUcWM3R1JxUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAC0Ik7Jv2UAACTqc7GRqQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Csas%252Cpm%26bee_sync_cur...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Csas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAC0Ik7Jv2UAACTqc7GRqQ&pid=558502&do=add&gd...
  • https://sync.technoratimedia.com/services?uid=AAC0Ik7Jv2UAACTqc7GRqQ&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_syn...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAC0Ik7Jv2UAACTqc7GRqQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=5132813517839228127&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC0Ik7Jv2UAACTqc7GRqQ&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA5_1079D40AC_2E2BF9C4&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
38.68.201.140 Levittown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-375386683; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Content-Length
43
Content-Type
image/gif
Date
Fri, 18 Aug 2023 18:04:43 GMT
Expires
-1
Pragma
no-cache
Strict-Transport-Security
max-age=-375386683; includeSubDomains

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 18 Aug 2023 18:04:42 GMT
location
https://pmp.mxptint.net/sn.ashx?ak=1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
sync
usr.undertone.com/userPixel/ Frame F0B9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8342177640231574973&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=a2fb9ede-b4be-49ec-954b-55ac4d60984a&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3DC3BD0C7A-B371-4686-9220-ADA9A334E959&us_privacy=%24%7B...
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=C3BD0C7A-B371-4686-9220-ADA9A334E959
0
350 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=C3BD0C7A-B371-4686-9220-ADA9A334E959
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-114.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Fri, 18 Aug 2023 18:04:42 GMT
server
istio-envoy
via
1.1 eb4c39562c3ea08ed99a3ec30c18db3c.cloudfront.net (CloudFront)
x-amz-cf-id
is43Mr4OLfRxXRPHv42MeWVWRIMmhCGjYb-XOrOaKPR5MpNRnLxMIA==
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 18 Aug 2023 18:04:42 GMT
location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=C3BD0C7A-B371-4686-9220-ADA9A334E959
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BB16
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w70MerNxRoaSIK2pozTpWQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.47.64.205 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-64-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=142218
accept-ranges
bytes
content-length
5606
expires
Sun, 20 Aug 2023 09:35:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame BB16
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=C3BD0C7A-B371-4686-9220-ADA9A334E959
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=C3BD0C7A-B371-4686-9220-ADA9A334E959
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=38f50135-3dcc-4b60-a270-799747dbc202%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=cec9c022-2518-4275-90bb-40c27fa3670d&ttd_puid=38f50135-3dcc-4b60-a270-799747dbc202%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=cec9c022-2518-4275-90bb-40c27fa3670d&ttd_puid=38f50135-3dcc-4b60-a270-799747dbc202%2C%2C
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:43 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=cec9c022-2518-4275-90bb-40c27fa3670d&ttd_puid=38f50135-3dcc-4b60-a270-799747dbc202%2C%2C
date
Fri, 18 Aug 2023 18:04:42 GMT
server
Kestrel
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame BB16 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20C3BD0C7A-B371-4686-9220-ADA9A334E959&rnd=RND
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame BB16 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=C3BD0C7A-B371-4686-9220-ADA9A334E959&dongle=u6nf&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 18 Aug 2023 18:04:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
simage2.pubmatic.com/AdServer/ Frame BB16
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzNCRDBDN0EtQjM3MS00Njg2LTkyMjAtQURBOUEzMzRFOTU5&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTUmdGw9MTI5NjAw&piggybackCookie=cuid_b49a7c60-3df1-11ee-9934-120817463c8f&gdpr=0
42 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTUmdGw9MTI5NjAw&piggybackCookie=cuid_b49a7c60-3df1-11ee-9934-120817463c8f&gdpr=0
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 18:04:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTUmdGw9MTI5NjAw&piggybackCookie=cuid_b49a7c60-3df1-11ee-9934-120817463c8f&gdpr=0
date
Fri, 18 Aug 2023 18:04:43 GMT
content-type
text/plain
Pug
simage2.pubmatic.com/AdServer/ Frame BB16
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKNWUqMNVn-j22OqxteqpHQ&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTUmdGw9MTI5NjAw&piggybackCookie=cuid_b49a7c60-3df1-11ee-9934-120817463c8f&gdpr=0
42 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTUmdGw9MTI5NjAw&piggybackCookie=cuid_b49a7c60-3df1-11ee-9934-120817463c8f&gdpr=0
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 18:04:43 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTUmdGw9MTI5NjAw&piggybackCookie=cuid_b49a7c60-3df1-11ee-9934-120817463c8f&gdpr=0
date
Fri, 18 Aug 2023 18:04:43 GMT
content-type
text/plain
Pug
image2.pubmatic.com/AdServer/ Frame BB16
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:BB882163254D4174AB34F94472E55A64
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&gdpr=0&gdpr_consent=&gdp...
  • https://x.bidswitch.net/sync?dsp_id=445&user_id=61d9af75-bf4b-3930-827d-6b5a658aa7a2&ssp=pubmatic&bsw_param=eb6f7b88-a4bc-4e60-bf79-710517cb86e8
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&gdpr=&gdpr_consent=&gdpr_pd=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553&gdpr=0&gdpr_consent=
42 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553&gdpr=0&gdpr_consent=
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 18:04:43 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:43 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame BB16
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cec9c022-2518-4275-90bb-40c27fa3670d&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=b0387f28-94b6-406f-a845-794f24da15b6&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&gdpr=&gdpr_consent=&gdpr_pd=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Protocol
H2
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Fri, 18 Aug 2023 18:04:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
C3BD0C7A-B371-4686-9220-ADA9A334E959
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame BB16 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/C3BD0C7A-B371-4686-9220-ADA9A334E959?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:d83a:9713:23f4:8b03 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame BB16
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C3BD0C7A-B371-4686-9220-ADA9A334E959&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-os7UaiBE2uXkpe9sXsnL2oqHSDL9aAk-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-os7UaiBE2uXkpe9sXsnL2oqHSDL9aAk-~A&gdpr=0
Protocol
H2
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-os7UaiBE2uXkpe9sXsnL2oqHSDL9aAk-~A&gdpr=0
date
Fri, 18 Aug 2023 18:04:42 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame BB16
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3278840519872068504&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=eb6f7b88-a4bc-4e60-bf79-710517cb86e8
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D38f50135-3dcc-4b60-a270-799747dbc202%252Chttps%2525...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8342177640231574973&pt=38f50135-3dcc-4b60-a270-799747dbc202%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id...
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=pubmatic&bsw_param=eb6f7b88-a4bc-4e60-bf79-710517cb86e8
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&gdpr=&gdpr_consent=&gdpr_pd=
1 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 18:04:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 18 Aug 2023 18:04:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
truncated
/ Frame DB2E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0fc06b6ebd43bb9f63babbdd5692efc12c58be4f033d943400b9293121dcb50

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
cksync.php
contextual.media.net/ Frame 5F5B 		61 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 18 Aug 2023 18:04:42 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Fri, 18 Aug 2023 18:04:42 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 5F5B
Redirect Chain
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=6f5eeefe-658b-41c1-aa64-1cde178e9d11
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=6f5eeefe-658b-41c1-aa64-1cde178e9d11
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
107.23.140.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-140-175.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-61
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=6f5eeefe-658b-41c1-aa64-1cde178e9d11
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cs
cs.yellowblue.io/ Frame 5F5B
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=77&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11600&id=5132813517839228127&gdpr=0&gdpr_consent=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11600&id=5132813517839228127&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
107.23.140.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-140-175.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11600&id=5132813517839228127&gdpr=0&gdpr_consent=
date
Fri, 18 Aug 2023 18:04:41 GMT
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame 5F5B
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=C3BD0C7A-B371-4686-9220-ADA9A334E959
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=C3BD0C7A-B371-4686-9220-ADA9A334E959
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
107.23.140.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-140-175.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=C3BD0C7A-B371-4686-9220-ADA9A334E959
date
Fri, 18 Aug 2023 18:04:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
cs
cs-server-s2s.yellowblue.io/ Frame 5F5B
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=eb6f7b88-a4bc-4e60-bf79-710517cb86e8
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=eb6f7b88-a4bc-4e60-bf79-710517cb86e8
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
107.23.140.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-140-175.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=eb6f7b88-a4bc-4e60-bf79-710517cb86e8
Date
Fri, 18 Aug 2023 18:04:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cs
cs.yellowblue.io/ Frame 5F5B
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=df4dd5171d3e973d54e72ea7458e96b&gdpr_consent=&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=df4dd5171d3e973d54e72ea7458e96b&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
107.23.140.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-140-175.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:42 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=df4dd5171d3e973d54e72ea7458e96b&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1692381882642066-1155
cs
cs-server-s2s.yellowblue.io/ Frame 5F5B
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=rise&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11584%26uid%3D$UID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=3m7DXvyGGDys2L3_HSHF&gdpr=0&gdpr_consent=&us_privacy=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=3m7DXvyGGDys2L3_HSHF&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
107.23.140.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-140-175.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=3m7DXvyGGDys2L3_HSHF&gdpr=0&gdpr_consent=&us_privacy=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame 5F5B
Redirect Chain
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=73fdb302-9f81-4aed-958a-512f3b1c9b1b&gdpr_consent=null&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=73fdb302-9f81-4aed-958a-512f3b1c9b1b&gdpr_consent=null&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
107.23.140.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-140-175.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=73fdb302-9f81-4aed-958a-512f3b1c9b1b&gdpr_consent=null&gdpr=0
date
Fri, 18 Aug 2023 18:04:42 GMT
server
_
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame 5F5B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent=
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=8342177640231574973&gdpr=0&gdpr_consent=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=8342177640231574973&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
107.23.140.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-140-175.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
an-x-request-uuid
3f85209f-37c8-44dd-a3ef-2a99dfdef095
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=8342177640231574973&gdpr=0&gdpr_consent=
x-proxy-origin
38.132.118.72; 38.132.118.72; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 5F5B
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=f718ca3e-1cc4-07f3-2510-1642a1f88f95
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=f718ca3e-1cc4-07f3-2510-1642a1f88f95
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
107.23.140.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-140-175.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Fri, 18 Aug 2023 18:04:42 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=f718ca3e-1cc4-07f3-2510-1642a1f88f95
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.yellowblue.io/ Frame 5F5B
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11587&uid=c4c1ba57-5c3d-4c8f-ac07-7a1793c56edb&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11587&uid=c4c1ba57-5c3d-4c8f-ac07-7a1793c56edb&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
107.23.140.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-140-175.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11587&uid=c4c1ba57-5c3d-4c8f-ac07-7a1793c56edb&gdpr=0
date
Fri, 18 Aug 2023 18:04:42 GMT
content-length
0
merge
ce.lijit.com/ Frame 5F5B
Redirect Chain
  • https://sync.1rx.io/usersync2/rise?redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11579%26id%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2371384685
  • https://sync.1rx.io/usersync/tradedesk/cec9c022-2518-4275-90bb-40c27fa3670d
  • https://sync.targeting.unrulymedia.com/csync/RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
  • https://ce.lijit.com/merge?pid=97&3pid=RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=97&3pid=RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:43 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Fri, 18 Aug 2023 18:04:43 GMT
Server
Tengine
ETag
RXa8c4e4e111a74d9faacc9304e2e3bbb6005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://ce.lijit.com/merge?pid=97&3pid=RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
Content-Type
text/html
Connection
keep-alive
cs
cs-server-s2s.yellowblue.io/ Frame 5F5B
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562615&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11592%26uid%3D%25%25VGUID%25%25
  • https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=dDwU09hZAwd6&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=dDwU09hZAwd6&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
107.23.140.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-140-175.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=dDwU09hZAwd6&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-qcqnx
expires
-1
cs
cs-server-s2s.yellowblue.io/ Frame 5F5B
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212153247920106
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212153247920106
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
107.23.140.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-140-175.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212153247920106
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
merge
ce.lijit.com/ Frame 5F5B
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6354388824
  • https://sync.1rx.io/usersync/tradedesk/cec9c022-2518-4275-90bb-40c27fa3670d
  • https://sync.targeting.unrulymedia.com/csync/RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
  • https://ce.lijit.com/merge?pid=97&3pid=RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=97&3pid=RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:43 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Fri, 18 Aug 2023 18:04:43 GMT
Server
Tengine
ETag
RXa8c4e4e111a74d9faacc9304e2e3bbb6005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://ce.lijit.com/merge?pid=97&3pid=RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
Content-Type
text/html
Connection
keep-alive
cs
cs-server-s2s.yellowblue.io/ Frame 5F5B
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11575%26uid%3D%5BUSER_ID%5D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11575&uid=2129E09A41B14F3196FBE4892007BDC9
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11575&uid=2129E09A41B14F3196FBE4892007BDC9
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
107.23.140.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-140-175.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:43 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Fri, 18 Aug 2023 18:04:42 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain; charset=utf-8
location
https://cs-server-s2s.yellowblue.io/cs?aid=11575&uid=2129E09A41B14F3196FBE4892007BDC9
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
x-varnish
905583950
access-control-allow-credentials
true
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame 5F5B
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194590&cb=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11583%26id%3D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11583&id=ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11583&id=ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
107.23.140.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-140-175.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ri5Z76ZvRfyqQ7HDJZjXYL8ckvjfJ1fbM7MzVqLZcYDTyaaGH9RXz5uSytY3sgdgnIjHKfxDBKlc1NC%2BjIIZOA8VvimH%2B1IItsM7gwlF0INAaEZhTwTALr%2FKENmUOAA%2B8xgZB9S6rtnW3A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs-server-s2s.yellowblue.io/cs?aid=11583&id=ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB
cache-control
no-cache
cf-ray
7f8c14ae9db031d2-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame 5F5B 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rise.com&id=zN8Ev-ozkp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
R2TD757HA5P70F6860JG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 0B23
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=VTh2Nl9tYUY4TlN3WHVXNjg0SlNkdw&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEC2l0FhEOWxQxaDZEiHcQ9M&google_cver=1
49 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEC2l0FhEOWxQxaDZEiHcQ9M&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-qcqnx
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEC2l0FhEOWxQxaDZEiHcQ9M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 0B23
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=196a7bf1473106a2&is_secure=true&networkId=14200&version=1&nuid=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAABw5NPE5oNxANl_CLRAAAAAAA&expiration=1692468282&nuid=&is_secure=true
49 B
929 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAABw5NPE5oNxANl_CLRAAAAAAA&expiration=1692468282&nuid=&is_secure=true
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-qcqnx
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAABw5NPE5oNxANl_CLRAAAAAAA&expiration=1692468282&nuid=&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rtset
bh.contextweb.com/bh/ Frame 0B23
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=95&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553&gdpr_in_effect=0&gdpr_consent=
49 B
901 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553&gdpr_in_effect=0&gdpr_consent=
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-qcqnx
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553&gdpr_in_effect=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
ecm3
s.amazon-adsystem.com/ Frame 0B23 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=dDwU09hZAwd6&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PZCND5F56KHSSE1N8GEF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 135F 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.25.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-25-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b937c24218ddab07453d7e8fc62fad12b5e29a0b473536e2baca0ca7b5fd79c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:42 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Aug 2023 01:50:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=27931
Connection
keep-alive
Content-Length
10117
Expires
Sat, 19 Aug 2023 01:50:13 GMT
usersync
x.serverbid.com/ Frame A82E 		35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=1&cspi=0&cn=5573&dpui=26a83e27-09a8-4ebb-822d-126153e5a6c3
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58
usersync
x.serverbid.com/ Frame BCE9 		35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=1&cspi=0&cn=5573&dpui=f807ee65-0e5a-4148-9c7b-181e4fdf9124
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58
canvas-tmpl_v2.0.6.html
js-sec.indexww.com/native/ Frame 6885 		1 KB
667 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/native/canvas-tmpl_v2.0.6.html?t=4063349
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d52e039bec45a0ce843fa271776dcaf23b44f2fae3d5b29b68805f5553b267c8

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
616
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7f8c14ad5d423710-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 18 Aug 2023 18:04:42 GMT
expires
Fri, 18 Aug 2023 22:04:42 GMT
last-modified
Wed, 08 Mar 2023 14:44:18 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
truncated
/ Frame 0922 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
454737b778ec0d97203c61426d10b0d032da4730247e0d239f587059de318e02

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 18 Aug 2023 18:04:42 GMT
cache-control
no-store
server
nginx
/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame A2F7
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=0&us_privacy=1YNY&gdpr=0&us_privacy=1YNY&khaos=LLGWH5J5-B-4TBO
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LLGWH5J5-B-4TBO&gdpr=0&us_privacy=1YNY
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LLGWH5J5-B-4TBO&gdpr=0&us_privacy=1YNY
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1YNY
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
71736

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LLGWH5J5-B-4TBO&gdpr=0&us_privacy=1YNY
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
Expires
0
usync.js
eus.rubiconproject.com/ Frame 8D30 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.25.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-25-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b937c24218ddab07453d7e8fc62fad12b5e29a0b473536e2baca0ca7b5fd79c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:42 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Aug 2023 01:50:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=27931
Connection
keep-alive
Content-Length
10117
Expires
Sat, 19 Aug 2023 01:50:13 GMT
usync.js
eus.rubiconproject.com/ Frame 456A 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.25.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-25-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b937c24218ddab07453d7e8fc62fad12b5e29a0b473536e2baca0ca7b5fd79c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:42 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Aug 2023 01:50:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=27931
Connection
keep-alive
Content-Length
10117
Expires
Sat, 19 Aug 2023 01:50:13 GMT
usync.js
eus.rubiconproject.com/ Frame ADC3 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.25.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-25-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b937c24218ddab07453d7e8fc62fad12b5e29a0b473536e2baca0ca7b5fd79c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:42 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Aug 2023 01:50:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=27931
Connection
keep-alive
Content-Length
10117
Expires
Sat, 19 Aug 2023 01:50:13 GMT
/
onetag-sys.com/usync/ Frame 5C9A 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.187 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip187.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 3712
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.25.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-25-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 18 Aug 2023 18:04:42 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 18 Aug 2023 18:04:42 GMT
location
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
server
AkamaiGHost
ecm3
s.amazon-adsystem.com/ Frame 0196 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=HLDcfQZHcHxqw-twSRG0RE1f&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
R5QTYKMHRZ0ZJJAKHQVA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 0196
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=86&3pid=emnWOirBSCcEF1SiwHUR&pi=sovrn&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=emnWOirBSCcEF1SiwHUR&pi=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:43 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=emnWOirBSCcEF1SiwHUR&pi=sovrn&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT, Fri, 18 Aug 2023 18:04:42 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 0196
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=LLGWH5J5-B-4TBO&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LLGWH5J5-B-4TBO&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:43 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LLGWH5J5-B-4TBO&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
83041abbe8494cb29eff3083edd6dff6
Expires
0
sovrn
tr.blismedia.com/v1/api/sync/ Frame 0196 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:43 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
merge
ce.lijit.com/ Frame 0196
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=dDwU09hZAwd6&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=dDwU09hZAwd6&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:43 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://ce.lijit.com/merge?pid=49&3pid=dDwU09hZAwd6&ev=1&pid=558511&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-qcqnx
expires
-1
RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
sync.targeting.unrulymedia.com/csync/ Frame 0196
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5578878752
  • https://sync.1rx.io/usersync/tradedesk/cec9c022-2518-4275-90bb-40c27fa3670d
  • https://sync.targeting.unrulymedia.com/csync/RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
199.127.204.171 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:43 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:43 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
usync.js
eus.rubiconproject.com/ Frame CC52 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.25.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-25-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b937c24218ddab07453d7e8fc62fad12b5e29a0b473536e2baca0ca7b5fd79c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:42 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Aug 2023 01:50:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=27931
Connection
keep-alive
Content-Length
10117
Expires
Sat, 19 Aug 2023 01:50:13 GMT
ecm3
s.amazon-adsystem.com/ Frame 80E9
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LLGWH5J5-B-4TBO
  • https://s.amazon-adsystem.com/ecm3?id=LLGWH5J5-B-4TBO&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LLGWH5J5-B-4TBO&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:43 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
16TT90KA2WPYG63Q0E7T
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LLGWH5J5-B-4TBO&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
Expires
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame A2F7 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1YNY
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:43 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MHRSKX884CX4T1GEJ8JJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame A2F7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&us_privacy=1YNY
  • https://s.amazon-adsystem.com/ecm3?id=LLGWH5J5-B-4TBO&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1YNY
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LLGWH5J5-B-4TBO&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1YNY
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1YNY
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:43 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YZGJ3SDACM1RQFGZ63CF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LLGWH5J5-B-4TBO&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1YNY
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
Expires
0
tap.php
pixel.rubiconproject.com/ Frame A2F7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1YNY
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cec9c022-2518-4275-90bb-40c27fa3670d&gdpr=0&gdpr_consent=&expires=30
42 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cec9c022-2518-4275-90bb-40c27fa3670d&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1YNY
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
83041abbe8494cb29eff3083edd6dff6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cec9c022-2518-4275-90bb-40c27fa3670d&gdpr=0&gdpr_consent=&expires=30
date
Fri, 18 Aug 2023 18:04:42 GMT
server
Kestrel
content-length
289
ecm3
s.amazon-adsystem.com/ Frame A2F7
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1YNY
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=865T-pkuTZ6Buje7GWd8Dg&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=865T-pkuTZ6Buje7GWd8Dg&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=865T-pkuTZ6Buje7GWd8Dg&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1YNY
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:43 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YCSF6KPCSSQA09QJKJ3R
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=865T-pkuTZ6Buje7GWd8Dg&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
83041abbe8494cb29eff3083edd6dff6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame A2F7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1YNY
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLGWH5J5-B-4TBO&gdpr=0&us_privacy=1YNY
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLGWH5J5-B-4TBO&gdpr=0&us_privacy=1YNY
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1YNY
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:43 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 8D333F9188BB4E2EBFEAB9F3DD503A10 Ref B: MIAEDGE1906 Ref C: 2023-08-18T18:04:43Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYDNlz3BFUJgiridhD/+g==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLGWH5J5-B-4TBO&gdpr=0&us_privacy=1YNY
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1df09169f58a071f2a391dff1b3307b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame A2F7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1YNY
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExHV0g1SjUtQi00VEJP&gdpr=0&us_privacy=1YNY
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEDMq-i97KXiwVLwPY9-caLA&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExHV0g1SjUtQi00VEJP&google_push=&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExHV0g1SjUtQi00VEJP&google_push=&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1YNY
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExHV0g1SjUtQi00VEJP&google_push=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
Expires
0
tap.php
pixel.rubiconproject.com/ Frame A2F7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1YNY
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/nJSlN57gvuFlc8P3QboaAA?csrc=&gdpr=0&us_privacy=1YNY
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-1kWqg3lE2oLzbny3_58H2iIkSuGizS7SwESO1g--~A
42 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-1kWqg3lE2oLzbny3_58H2iIkSuGizS7SwESO1g--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1YNY
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 18 Aug 2023 18:04:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-1kWqg3lE2oLzbny3_58H2iIkSuGizS7SwESO1g--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame A2F7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1YNY
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEA9GGKG-D_uh6GzI3SQUdfE&google_cver=1
42 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEA9GGKG-D_uh6GzI3SQUdfE&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1YNY
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEA9GGKG-D_uh6GzI3SQUdfE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=160138
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.121 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.9news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.9news.com%2F&domain=www.9news.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.9news.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.9news.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 18 Aug 2023 18:04:42 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
327049
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.9news.com%2F&domain=www.9news.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=65YP23x0aDRYWmg5VVdqV1JrZGZNQWRUcjZFRUc3eVlYSUtyL1R0YytQLzdmNVBJdVRKSEJ3TzVrc2dreXNsNFJMaGZmcC9MRnhhYjJYaTY0S0xtOXl5ckE2S29MKzNpbEo3T01mRzB5Vng5b2pjQmUzNFFndEQvQkF6NF...
426 B
695 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=65YP23x0aDRYWmg5VVdqV1JrZGZNQWRUcjZFRUc3eVlYSUtyL1R0YytQLzdmNVBJdVRKSEJ3TzVrc2dreXNsNFJMaGZmcC9MRnhhYjJYaTY0S0xtOXl5ckE2S29MKzNpbEo3T01mRzB5Vng5b2pjQmUzNFFndEQvQkF6NFJvblZJWG9PbGgvK2JONWIyeDR2N2lmMC9OUUI3anllTUtlb21ycElUQ09oZ2pKQVcvVFIwQWdEa2w2dHF1dzdvaEtUby9lZXJxbGJBaEhyT3A2endMVHJVT1YvREo5N2ZBb3p1SEVrRnNydWxrbHZhaUJmSmVSYUFYQXY2ODM3SzhqcVdTaEo0QjN1T3FzN08yQ2lvcUZCSnlERjBudz09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f600467678c092d7c62a3921f59f36db07f67ca8f26b79cc91cf8038d6b7611e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:43 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
904227
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://www.9news.com
location
https://mug.criteo.com/sid?cpp=65YP23x0aDRYWmg5VVdqV1JrZGZNQWRUcjZFRUc3eVlYSUtyL1R0YytQLzdmNVBJdVRKSEJ3TzVrc2dreXNsNFJMaGZmcC9MRnhhYjJYaTY0S0xtOXl5ckE2S29MKzNpbEo3T01mRzB5Vng5b2pjQmUzNFFndEQvQkF6NFJvblZJWG9PbGgvK2JONWIyeDR2N2lmMC9OUUI3anllTUtlb21ycElUQ09oZ2pKQVcvVFIwQWdEa2w2dHF1dzdvaEtUby9lZXJxbGJBaEhyT3A2endMVHJVT1YvREo5N2ZBb3p1SEVrRnNydWxrbHZhaUJmSmVSYUFYQXY2ODM3SzhqcVdTaEo0QjN1T3FzN08yQ2lvcUZCSnlERjBudz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
230180
content-length
0
expires
0
prebid
id5-sync.com/api/config/ 		135 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
021f3829ba5dd75143b23d6c8875bcd2d2b3fe92d1ad3d1ff1f24ed4f0fde55f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.9news.com
date
Fri, 18 Aug 2023 18:04:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ 		108 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
aa8b59de0708f3aa7f4869d599c55a078e3f09f6c663ebd180c255ef6736bf5e

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.9news.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sun, 17 Sep 2023 18:04:42 GMT
envelope
api.rlcdn.com/api/identity/ 		0
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13222
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 18:04:43 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.9news.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=160138
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.121 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.9news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
ibs:dpid=175765&dpuuid=dc02e61d526d7041f88fa01673562d72
dpm.demdex.net/ Frame A82E
Redirect Chain
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=dc02e61d526d7041f88fa01673562d72
42 B
941 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=dc02e61d526d7041f88fa01673562d72
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
HTTP/1.1
Server
54.205.121.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-121-138.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v049-0fd58882a.edge-va6.demdex.com 12 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ewnE2NmtSyA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Fri, 18 Aug 2023 18:04:42 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
b56b60f0-3df1-11ee-89dd-0a2b153d28e5
Instance-id
i-010f60a13e17eb673
Location
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=dc02e61d526d7041f88fa01673562d72
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
ibs:dpid=175765&dpuuid=dc02e61d526d7041f88fa01673562d72
dpm.demdex.net/ Frame BCE9
Redirect Chain
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=dc02e61d526d7041f88fa01673562d72
42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=dc02e61d526d7041f88fa01673562d72
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
HTTP/1.1
Server
54.205.121.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-121-138.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v049-077e5894d.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Ecvi7sGoTYQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Fri, 18 Aug 2023 18:04:43 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
b56d35b0-3df1-11ee-91f5-0a87b4ccd25d
Instance-id
i-03611fac444836caf
Location
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=dc02e61d526d7041f88fa01673562d72
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
usync.js
eus.rubiconproject.com/ Frame 3712 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.25.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-25-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b937c24218ddab07453d7e8fc62fad12b5e29a0b473536e2baca0ca7b5fd79c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:43 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Aug 2023 01:50:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=27930
Connection
keep-alive
Content-Length
10117
Expires
Sat, 19 Aug 2023 01:50:13 GMT
live-3390_00026.ts
livevideo01.9news.com/hls/live/2014548/elvs/20230719T092454/live-3/00221/ 		559 KB
560 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://livevideo01.9news.com/hls/live/2014548/elvs/20230719T092454/live-3/00221/live-3390_00026.ts
Requested by
Host: www.9news.com
URL: https://www.9news.com/assets/js-libs/akamai/amp/core/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.182.185 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3cf2ce4f8e20c1eb57088d7d37f8d64803120d07ba5c51b7fd1e72a906f01179

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:43 GMT
Akamai-Path-Timestamp
i=1692381870.713;xi=1692381870.728;xo=1692381871.382;s=1692381871.406;
Akamai-Mon-Iucid-Ing
2014548
Connection
keep-alive
Akamai-Mon-Iucid-Del
312833
Content-Length
572084
Pragma
no-cache
Last-Modified
Fri, 18 Aug 2023 18:04:30 GMT
X-Akamai-Server
Akamai-SMT
Access-Control-Max-Age
86400
X-Akamai-Live-Origin-QoS
d=7000;t=1692381870.715
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31535958
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires
Sat, 17 Aug 2024 18:04:01 GMT
afr.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame 5774 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Requested by
Host: cdn.adswizz.com
URL: https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.58.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-58-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
93cd93435c48cbde336ddaf4e94e9209d5e57558d5c7c1656912aff2f92b814e

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Charset
utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
6345
Content-Type
text/html;charset=UTF-8
Date
Fri, 18 Aug 2023 18:04:43 GMT
Instance-id
i-06e6cbcf82b2bcb64
P3P
policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
X-AdsWizz-Banner-Status-Code
0
X-Adswizz-request-id
b5667ef0-3df1-11ee-bfea-062374d9c5eb
X-Application-Context
application:production
X-Clacks-Overhead
GNU Terry Pratchett
afr.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame 32A3 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Requested by
Host: cdn.adswizz.com
URL: https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.58.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-58-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6d94b9f9abf8a39db9e0815ece0eccc16847e187f4db252808ebcb99b3619bf8

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Charset
utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
6342
Content-Type
text/html;charset=UTF-8
Date
Fri, 18 Aug 2023 18:04:42 GMT
Instance-id
i-0bd5a5e9c71ff3d65
P3P
policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
X-AdsWizz-Banner-Status-Code
0
X-Adswizz-request-id
b5656d80-3df1-11ee-a61c-0a89173b1177
X-Application-Context
application:production
X-Clacks-Overhead
GNU Terry Pratchett
view
securepubads.g.doubleclick.net/pcs/ Frame 0922 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5wzNdG7uyj0GXwioI56yXTenmm258OrMRuVBDj1SkP2C5F9NXq7m3s17KuZ6epeOBpjiNeHXq3xx0x9uxa4MdlYjtqQYO5Cmzmyf4UEBnRTDvdssMthf-F1b6t0AthaA7it9mZid_8905OmgMvXyOCLLfheLjPUwRAjpVVoYUfFujTNL69-HI0wT4hbRBT100c6QqO2IyDEkoYhKU6TMsiYv-C8nGAtDHSjHQi-F908bzb4KCXRohgcbKhZI8dk5kIBrPt_-h8Rs9yhS1ZbuV-0o48kktJz2nq4AXKVRTXy-9k8pmLuJ_sZvFUy5d5CT_sRFJhocgig2-R77hOaiqEl8IWoqmeQa1vWYrbYOcoO49M60QvtH5BZ5ty83B4_LH9Nw&sai=AMfl-YTV0OyN6-HYEvR79XTR6feaTqSoUohhXAUlqTTVftA2y2yGT7NmOTduR99WD8zhduLwXOdktDG9TSNVrsuvmT5iZYRvfVyaylYOjYb8i2WHpKsVlR-eVSSMz8dTHxk&sig=Cg0ArKJSzC2XG2gifCEbEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 18 Aug 2023 18:04:43 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3981 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308150101&jk=554103391489545&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
usersync
e.serverbid.com/ Frame 135F
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=24856&khaos=LLGWH5J5-B-4TBO
  • https://e.serverbid.com/usersync?cn=5529&ttt=1&dpui=LLGWH5J5-B-4TBO
35 B
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/usersync?cn=5529&ttt=1&dpui=LLGWH5J5-B-4TBO
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://eus.rubiconproject.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://e.serverbid.com/usersync?cn=5529&ttt=1&dpui=LLGWH5J5-B-4TBO
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
314e432eb2d967cf733b82bdbbe35231
Expires
0
syncframe
gum.criteo.com/ Frame 870A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.9news.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 18:04:42 GMT
server
Kestrel
server-processing-duration-in-ticks
1001634
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
52e10d7f94e51a0d4a3fc094b4acd9265919fcdda1733e7ef2ca834cdadb6f20
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.9news.com
date
Fri, 18 Aug 2023 18:04:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
native-renderer-v1.0.15.js
js-sec.indexww.com/native/ Frame 6885 		289 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/native/native-renderer-v1.0.15.js
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/native/canvas-tmpl_v2.0.6.html?t=4063349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0acfa47924a6bdcd0106270ba7c550f8a3938fd5ae63d3fe9bcca430f730be59

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-sec.indexww.com/native/canvas-tmpl_v2.0.6.html?t=4063349
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:43 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 08 Mar 2023 14:42:26 GMT
server
cloudflare
age
49
etag
W/"b00271-484c6-5f6648970058e"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
7f8c14b1f9733710-MIA
expires
Fri, 18 Aug 2023 22:04:43 GMT
sync
usr.undertone.com/userPixel/ Frame 456A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&khaos=LLGWH5J5-B-4TBO
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LLGWH5J5-B-4TBO
0
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LLGWH5J5-B-4TBO
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
H2
Server
108.138.106.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-114.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:42 GMT
via
1.1 eb4c39562c3ea08ed99a3ec30c18db3c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
Se9_QS7LlMGeO1s-0p944npQbroz1s9vYDrSNs01-Yoxduciym5r7A==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LLGWH5J5-B-4TBO
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
Expires
0
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=65YP23x0aDRYWmg5VVdqV1JrZGZNQWRUcjZFRUc3eVlYSUtyL1R0YytQLzdmNVBJdVRKSEJ3TzVrc2dreXNsNFJMaGZmcC9MRnhhYjJYaTY0S0xtOXl5ckE2S29MKzNpbEo3T01mRzB5Vng5b2pjQmUzNFFndEQvQkF6NFJvblZJWG9PbGgvK2JONWIyeDR2N2lmMC9OUUI3anllTUtlb21ycElUQ09oZ2pKQVcvVFIwQWdEa2w2dHF1dzdvaEtUby9lZXJxbGJBaEhyT3A2endMVHJVT1YvREo5N2ZBb3p1SEVrRnNydWxrbHZhaUJmSmVSYUFYQXY2ODM3SzhqcVdTaEo0QjN1T3FzN08yQ2lvcUZCSnlERjBudz09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 18 Aug 2023 18:04:43 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
175640
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame CC52
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LLGWH5J5-B-4TBO
  • https://usersync.gumgum.com/usersync?b=mag&i=LLGWH5J5-B-4TBO
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LLGWH5J5-B-4TBO
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:43 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LLGWH5J5-B-4TBO
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19c1ac3b9706c83a73951eba4d239689
Expires
0
-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
pagead2.googlesyndication.com/bg/ Frame 7B2B 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 21:15:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
247759
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14754
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Aug 2024 21:15:24 GMT
b7ZEtiCYqr6kX6aKkGJozW.js
sc.tynt.com/script/sc/ Frame DB2E 		900 B
922 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.tynt.com/script/sc/b7ZEtiCYqr6kX6aKkGJozW.js
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77888507288361bc4b48394acce32b16ea36773e90f8d1c1635fbaa34afdf770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
242364
status
200 OK
x-xss-protection
1; mode=block
x-request-id
0f82a0f0-449b-4d68-ace3-0cd5ea770361
x-runtime
0.002107
x-content-digest
1607067b1c0a46d0ca42ae8a0693fff6f01436ec
last-modified
Mon, 14 Aug 2023 14:04:40 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600, public, s-maxage=172800
cf-ray
7f8c14b2bd674c10-MIA
x-rack-cache
fresh
expires
Tue, 15 Aug 2023 08:27:24 GMT
sid
mug.criteo.com/ Frame 870A
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=9news.com&sn=ChromeSyncframe&so=3&topUrl=www.9news.com&bundle=3ZzXx19qNFdsRTBJcXc1amNlZkZvMllZNXpKWSUyRnd4JTJGaSUyRmtja0M5MTJrZ2hLWjdhanFj...
  • https://mug.criteo.com/sid?cpp=3YRbTnxFc1lJTmNpS20yNm1lTDFRL2IveitrbWhBaUVBcGtUNHl3b3pwZHEzYUhmN2hySzZzWWpJMUdLNVhwMDJBVjdIa1VKQ3BqbzNZbHFXS1Mwdm1RTGNiTFBNbW5nTDlTV2p2RlBCOGtaQzU0K2l2NkszbDZWTjdJSD...
425 B
648 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=3YRbTnxFc1lJTmNpS20yNm1lTDFRL2IveitrbWhBaUVBcGtUNHl3b3pwZHEzYUhmN2hySzZzWWpJMUdLNVhwMDJBVjdIa1VKQ3BqbzNZbHFXS1Mwdm1RTGNiTFBNbW5nTDlTV2p2RlBCOGtaQzU0K2l2NkszbDZWTjdJSDVWa3pkdHJlc0dZS2VDMEV1cnYzK2hZVnZWd0UzaklBUFYzQldRVUFncm42bDdhQWd3dE5Bd0dtb0FaQit2SkxyRE1xUnJrSUp5OS92SnJkUSs1OURaTTFOdmdwWC9pQmVuQXhSSXVtRHFHeVd5cXlHK1ZYZWJ1KzdTbVY4MTdJUEtiLy8zVTZUTC9GQmF4ZVRYYk1IZ2FGc0FEcDBsUT09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
fd7fe6c2ca89bdb1eb4e08f2ee4aa3339007420ef466bae448a358c949ff669e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:43 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
778187
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=3YRbTnxFc1lJTmNpS20yNm1lTDFRL2IveitrbWhBaUVBcGtUNHl3b3pwZHEzYUhmN2hySzZzWWpJMUdLNVhwMDJBVjdIa1VKQ3BqbzNZbHFXS1Mwdm1RTGNiTFBNbW5nTDlTV2p2RlBCOGtaQzU0K2l2NkszbDZWTjdJSDVWa3pkdHJlc0dZS2VDMEV1cnYzK2hZVnZWd0UzaklBUFYzQldRVUFncm42bDdhQWd3dE5Bd0dtb0FaQit2SkxyRE1xUnJrSUp5OS92SnJkUSs1OURaTTFOdmdwWC9pQmVuQXhSSXVtRHFHeVd5cXlHK1ZYZWJ1KzdTbVY4MTdJUEtiLy8zVTZUTC9GQmF4ZVRYYk1IZ2FGc0FEcDBsUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
417507
content-length
0
expires
0
p
ic.tynt.com/b/ 		35 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=b7ZEtiCYqr6kX6aKkGJozW&lm=6&ts=1692381883427&dn=RCIV&iso=0&us_privacy=1YNY&gpp=DBABLA~BVQqAAAACZA.QA&gpp_sid=7&pu=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&ct=Colorado%20tried%20to%20weed%20out%20unemployment%20fraud%20and%20caught%20thousands%20of%20real%20claims%20in%20the%20process&t=Colorado%20tried%20to%20weed%20out%20unemployment%20fraud%20and%20caught%20thousands%20of%20real%20claims%20in%20the%20process%20%7C%209news.com&chmob=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:43 GMT
last-modified
Fri, 16 Apr 2010 15:38:20 GMT
server
nginx/1.16.1
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
etag
"4bc8846c-23"
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges
bytes
content-length
35
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
css2
fonts.googleapis.com/ Frame 6885 		7 KB
814 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-sec.indexww.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 18 Aug 2023 18:04:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 18 Aug 2023 16:13:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Aug 2023 18:04:43 GMT
dv3_native_client.js
pagead2.googlesyndication.com/pagead/js/ Frame 6885 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/native/native-renderer-v1.0.15.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-sec.indexww.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7960
x-xss-protection
0
server
cafe
etag
2243287812070980505
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 18 Aug 2023 18:04:43 GMT
truncated
/ Frame 6885 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
2898604292826731013
s0.2mdn.net/simgad/ Frame 6885 		136 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/2898604292826731013
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2006 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3de577df112c9eb6024eebbcd8abf4dc94f23bba5b2f8219d5d37e4c882a5db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-sec.indexww.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 19:25:08 GMT
x-content-type-options
nosniff
age
254375
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139324
x-xss-protection
0
last-modified
Tue, 08 Aug 2023 15:11:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 14 Aug 2024 19:25:08 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 6885 		42 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Aha9TzhpHonR5hy026W1kyblVzUjr2qSletlt9URyyzNXPNjg9D93SfdXHQCNLomI4dH0p6eU0eu_y_O4UjCZkHeeLhg&dbm_d=AKAmf-CoGmtT-xnE9XLTU5NFgvaxENzJqOJvT9dpaEBID74JqcA00TSVtzGAjSxpQI0oInxwIPuzkTVLs0n1c7t4ufv4lgHQe5dr3nnAVwHA7MJf9H76y1vUufsvXpVLmJCtosnDdL39zjN7CqPcHPpxM5Oc6wEAWcFipgeNrrM0QZEhNmOPMhZcmOkpikvQ1q6so1W0RI7qqJPmoRDvGOTF_tqvkmnecaC4W4TEDd4PjSFfkiQpSFU8v2-Xg0pIQhtWcVLlmmQXDqrb9sMkd8NO7zSKmahR2oPmPgGYqtPVECXCWhznTsoc2HFZ2HCEVzp0k5wQGO461kj7lxexnjb1iAMF4TMGdCvG0XS2iPOQ0hf4czZEK8sjJ0isJj2_iyYYf2ktdAVn9OIvoAzJQGQrp3Pq4VUH14yrqKL180R2JnAwj9bxMrKLLAAvXlqqCKAusi_-LdurinGBkAjTfG_dTuQpkoscqEOWLytfL3QgKDKh2kgYEIWevIF1SliTJHa7XHLtMH1A8b6AIUcXF67c6Kfm9z2j34_UelVnzpkraTtBrzAjn1ggYvZcqnOl2UF2yMfzt4FxoLO-bFxdC3dU2JR2QY6XjYmstrwWXjXSCSXnMcI6HOsf1RFXze0D_v7rWtzSIk0-0U-PT4YnKk_Fq7hUJ83QEpu4_yIM5LlLHTTqBcNSxQOzcZHRwrrFIdfWhjSPvVJzs9XerbZHT4Ty31A32r80Nndnjq_CIf54rqhqSHA9Q5bSaefWP_DlAmMe3xUi141B-lJ2erIGMvbjbmkvVtmiFhUY2_CovZd07bkpDi48_XlSpq6Ns_8zM0nEBU0WLaZLEXV23PHdCo288VFKhhcYsP1hbd_-QNhZG1Q3dtgjsvIu_XXLsz0cjt3OSqwTGHbNFXRM1i0P9Fjdhwjgz7qiuVx4ssxY_lC80RceZxdvXeeyzqFGfMMKyY6GhkLJdVbzoxoc08anomfQo_IKSiAxxz0gQaWmb48IgmKm5l2rDABqbQTeez2zdas1W4zuZCzExBJUutvhllc2mIYx922-d8d2V-MSURBu72RATCqYOQWwT-QqtVUbKsmSootMn2k0e__YLBaeXBv-AX4x5Cpmld8vJD5DLO67ed6O5TMiBFGZ10_KI0EP4r9Yi7HeFWbp-GhfQDT4QFDF0PWuEudXYn4L7RZXR3jbITh6fwzAAebWqEgzdmITySmwAa2jOycCNKsXJvGYf1zqrEGyhfIBZMm7bx-iaYAXYgOAK0XhTbn9gesFvKC5_l4hZgxcFoDPRfr-HFs1NbIsA0pnw1PvOsyImem3EhS7loSVZiFc2gtgahOSEwXOykH-Ei9Ze880a52dz_nxT3y902I5ybdU6saL4HO7E2kriTb88KAzKGVBcqy_TzmgnJCFOKThXZCeQ0xMKQaMPccFuYXu3twsTusLZk7aZVrbanEuCHMIGc8FGrMJf-U8SomE1ZkOXiQ4TEhF4KDJUyITBvY_02ANfL0rgRqq2B5KICpIwBTU0_49RtlzVyH2w9eciLKgG6ifX5zgQZvlsprvt_o6d11mBmarL9CRSr-8p9frY08hnjdNozmrt__sldSkCNkHWFIkTZ1vuyBx1dYEvJ8YFKqXwOgV731hMyujPQICydJr0mOvsSb7YpYhZ9v_Y5-kN3mvAAIEphqvrjXlUzX0SqbsC3rZYyyySDlCl8SOeCpxpXChglMAHl7zpqtNJlAW4iaIF2S4p8IfInRqRY9C1X0AUo5EAdPnacqXPUsR_tpi6BKqwSrHZCrSV11YM4-MgEwBPikmaICJhuNArd7BvKSURrDFENZt-eLsxiOinok33_coOHZWe5YJhZzKvJfKyxI6clnK2zceO1lNfdmTQzn04Ziq1nj1ZzOpON0Z-y_SHgYQaD3M-8ZoqD4c-30SfoPtJEuijoWViqlwWDgUrmgQ7GY-EI1u20c6OsuYXSuslTRExNwfMjwTTB80a3DovQXB0eWxe6QJernzeJq5gEmRh9v6VOLCMtAxa9971b0LFb74lYQtcB2Mus7R9F3XA2JdmNekqvB40WTmpmgvXMKjeZoM_UPdn8-FICA4d7AfaTDb0N7PxB8xlhrFC3BEA05FnICZBXhfiSVzgqGlIs-VtqRAIZctAjjkxFx41j2binNXk-k4N9fpbCDS2AILtQlLrRHiBjJ1y4YyeQX2ZgW1BxBe5-B77ZJ2etp5Pn_7MsEyCOaTWfL-vR8BYmDiVlvF3dw5pOVp56mIUNzjcgAI_zeR1PGNKl3LHLB9Jt9puRuhohUmLSqG7lcIU12MaaIbkSg60NIfLkUWxwXt0oPdkaFvkepe6D991o54RoAAzG43zk5qGS_t3VXuhL7KJiIO58xeqNPbNmngMUSjb5fQUA&pr=13:ZN-yuAAAAACxt46btyLri-hYVNYN9bAVZCD85A&cid=CAQSMgBpAlJW2Jnh1E63Tvec3QUGjCg6VZcvLHGE6Vcf_aKTfwLqrJ4z2M7aiZLibcNWgOhSGAE&dc_exteid=31218935421348103335063032697943787&dc_pubid=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-sec.indexww.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visit.jpg
tps.doubleverify.com/ Frame 6885 		0
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tps.doubleverify.com/visit.jpg?ctx=971108&cmp=28961227&sid=6522286&plc=353629737&adsrv=1&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.img&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-sec.indexww.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:43 GMT
Cache-Control
max-age=0
Connection
keep-alive
Expires
08/17/2023 18:04:43
8f32080d-884c-4645-b96b-1e1614eb4be7
a5587.casalemedia.com/impression/v2/645851/85/cjfr5e78ickr5l0rcie0/ Frame 6885 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a5587.casalemedia.com/impression/v2/645851/85/cjfr5e78ickr5l0rcie0/8f32080d-884c-4645-b96b-1e1614eb4be7?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1692382180&profileIDs=&creativeID=20198c4&pubID=184603&format=native&channel=site
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.204.229.28 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-sec.indexww.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:43 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
cs
cs.yellowblue.io/ Frame 3712
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&us_privacy=1YNY&khaos=LLGWH5J5-B-4TBO
  • https://cs.yellowblue.io/cs?aid=11590&id=LLGWH5J5-B-4TBO&us_privacy=1YNY
0
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11590&id=LLGWH5J5-B-4TBO&us_privacy=1YNY
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Protocol
H2
Server
107.23.140.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-140-175.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:43 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.yellowblue.io/cs?aid=11590&id=LLGWH5J5-B-4TBO&us_privacy=1YNY
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
314e432eb2d967cf733b82bdbbe35231
Expires
0
swfobject-2.2.min.js
delivery-cdn-cf.adswizz.com/adswizz/js/ Frame 5774 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery-cdn-cf.adswizz.com/adswizz/js/swfobject-2.2.min.js
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-42.iad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 03:15:32 GMT
via
1.1 65e185f36e65abff9322e261be3491d4.cloudfront.net (CloudFront)
last-modified
Wed, 01 Apr 2015 12:24:04 GMT
server
AmazonS3
x-amz-cf-pop
IAD50-C2
age
53352
etag
"e6a40488a5f5774d02c06d0787ef01d8"
x-cache
Hit from cloudfront
content-type
application/x-javascript
accept-ranges
bytes
content-length
9211
x-amz-cf-id
vSX29_aseeBmmxoJmze9Y09Ql9iY3lB62oocQ95Idjwt0EFYM0i6jQ==
lg.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame 5774 		43 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/lg.php?adData=targeted-publisher-info%3A2%3Bsynchroscript%5Ebilling%3Asynchroscript_A12%3B14%3BUSD%3B0.00000%3Bfalse%5EtraceId%3Ab566a667-3df1-11ee-aef3-062374d9c5eb%5EAS%2Fi%3Asynchroscript%3Bad_id%3A14%3Bzone_id%3A9%3Bview_key%3A1692381883503%3Bduration%3A0%3Baf%3A0.00000%3Btf%3A0.00000%3Bnp%3A0.00000%3Bgp%3A0.00000%3Bc%3AUSD%3Bbaf%3A0.00000%3Bbtf%3A0.00000%3Bbnp%3A0.00000%3Bbgp%3A0.00000%3Bbc%3AUSD%3Bat%3A1%3Bo_id%3A0%3Bc_id%3A4%5Epchain%3A52ded3ee71b94c84%3Asynchroscript&loc=&referer=https%3A%2F%2Fsync.serverbid.com%2F&listenerId=dc02e61d526d7041f88fa01673562d72&sessionId=5fb5c722fe9423aab97ece695a6b33cf&ip=%3A%3Affff%3A38.132.118.72&user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F116.0.5845.96+Safari%2F537.36&us_privacy=null&cbs=8823669&aw_0_req.gdpr=false&aw_0_azn.pname=%5B%22Sync+Publisher%22%5D
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.58.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-58-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 18 Aug 2023 18:04:43 GMT
Instance-id
i-02963e9b495215e63
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
swfobject-2.2.min.js
delivery-cdn-cf.adswizz.com/adswizz/js/ Frame 32A3 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery-cdn-cf.adswizz.com/adswizz/js/swfobject-2.2.min.js
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-42.iad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 03:15:32 GMT
via
1.1 65e185f36e65abff9322e261be3491d4.cloudfront.net (CloudFront)
last-modified
Wed, 01 Apr 2015 12:24:04 GMT
server
AmazonS3
x-amz-cf-pop
IAD50-C2
age
53352
etag
"e6a40488a5f5774d02c06d0787ef01d8"
x-cache
Hit from cloudfront
content-type
application/x-javascript
accept-ranges
bytes
content-length
9211
x-amz-cf-id
oF7dK5wvFjZKlsSmIb4BnrugiwpXw6mW7GRk4f1rqzqilHgVYMY0zg==
lg.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame 32A3 		43 B
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/lg.php?adData=targeted-publisher-info%3A2%3Bsynchroscript%5Ebilling%3Asynchroscript_A12%3B14%3BUSD%3B0.00000%3Bfalse%5EtraceId%3Ab565952a-3df1-11ee-bec9-0a89173b1177%5EAS%2Fi%3Asynchroscript%3Bad_id%3A14%3Bzone_id%3A9%3Bview_key%3A1692381883496%3Bduration%3A0%3Baf%3A0.00000%3Btf%3A0.00000%3Bnp%3A0.00000%3Bgp%3A0.00000%3Bc%3AUSD%3Bbaf%3A0.00000%3Bbtf%3A0.00000%3Bbnp%3A0.00000%3Bbgp%3A0.00000%3Bbc%3AUSD%3Bat%3A1%3Bo_id%3A0%3Bc_id%3A4%5Epchain%3A52ded3ee71b94c84%3Asynchroscript&loc=&referer=https%3A%2F%2Fsync.serverbid.com%2F&listenerId=dc02e61d526d7041f88fa01673562d72&sessionId=5e3a29cabdfd6091af1a48ec5c44fd9&ip=%3A%3Affff%3A38.132.118.72&user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F116.0.5845.96+Safari%2F537.36&us_privacy=null&cbs=1472432&aw_0_req.gdpr=false&aw_0_azn.pname=%5B%22Sync+Publisher%22%5D
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.58.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-58-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 18 Aug 2023 18:04:43 GMT
Instance-id
i-01747da3382603fb9
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
688.json
id5-sync.com/g/v2/ 		630 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/688.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3965/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
ba3b0648f2d1e34cadb8ab863d01f9b7a387574623811edf027a0d85e35fa3c8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 18:04:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.9news.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6885 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://js-sec.indexww.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 19:57:03 GMT
x-content-type-options
nosniff
age
79660
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Aug 2024 19:57:03 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6885 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://js-sec.indexww.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:56:27 GMT
x-content-type-options
nosniff
age
36496
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Aug 2024 07:56:27 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6885 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://js-sec.indexww.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 10:45:32 GMT
x-content-type-options
nosniff
age
199151
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Aug 2024 10:45:32 GMT
v2
de.tynt.com/deb/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=b7ZEtiCYqr6kX6aKkGJozW&dn=RCIV&cc=1&chmob=0&r=&us_privacy=1YNY&gpp=DBABLA~BVQqAAAACZA.QA&gpp_sid=7&pu=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
5ce493c067fd77054248cf1bbd109c1d3ab1b1dd5e3854dadc536a75e3385ec6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Fri, 18 Aug 2023 18:04:42 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
1855
expires
Sat, 26 Jul 1997 05:00:00 GMT
sic.js
cdn-sic.33across.com/1/javascripts/ Frame DB2E 		447 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-sic.33across.com/1/javascripts/sic.js
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.112 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Love
Resource Hash
9309112941d22c1b957fd05b840dc8611d52b7abe3bdd9e3587259c25a759351

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:43 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 31 May 2023 18:56:29 GMT
server
cloudflare
age
159146
etag
W/"6477985d-6fd56"
x-powered-by
Love
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
7f8c14b61ab625e3-MIA
expires
Fri, 18 Aug 2023 19:04:43 GMT
v2
de.tynt.com/deb/ 		1 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&id=b7ZEtiCYqr6kX6aKkGJozW&dn=RCIV&cc=1&chmob=0&r=&us_privacy=1YNY&gpp=DBABLA~BVQqAAAACZA.QA&gpp_sid=7&pu=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
92aaf3557fb5764f95763486f984e7ba6b42d55dabf18bcd74fd781826d8e65a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Fri, 18 Aug 2023 18:04:43 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
1356
expires
Sat, 26 Jul 1997 05:00:00 GMT
2898604292826731013
s0.2mdn.net/simgad/ Frame 6885 		136 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/2898604292826731013
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/native/native-renderer-v1.0.15.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2006 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3de577df112c9eb6024eebbcd8abf4dc94f23bba5b2f8219d5d37e4c882a5db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-sec.indexww.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 19:25:08 GMT
x-content-type-options
nosniff
age
254375
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139324
x-xss-protection
0
last-modified
Tue, 08 Aug 2023 15:11:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 14 Aug 2024 19:25:08 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6885 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f4bf47fe1f905f6d7f7738a8840cc85715b2fe6876c07fdcb75e84384b23a6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-sec.indexww.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9801
x-xss-protection
0
ajs.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame 5774 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/ajs.php?zoneid=8&withtext=1&isDisableLogImpression=1&listenerId=dc02e61d526d7041f88fa01673562d72&cb=58625440502&charset=UTF-8&loc=https%3A//synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php%3Fzoneid%3D9%26aw_0_req.gdpr%3Dfalse&referer=https%3A//sync.serverbid.com/
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.58.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-58-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9242fff8d8ac3faa26a2012cbfeed56e6df0365927f04afc24d7018bf7515146

Request headers

accept-language
en-US,en;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:44 GMT
Accept-Charset
utf-8
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
b5ba6b50-3df1-11ee-817f-02f1ec32b417
Instance-id
i-03f2b612adfabd360
Access-Control-Allow-Origin
*
P3P
policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
Content-Type
application/x-javascript;charset=UTF-8
Connection
keep-alive
Content-Length
1654
X-Application-Context
application:production
ajs.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame 32A3 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/ajs.php?zoneid=8&withtext=1&isDisableLogImpression=1&listenerId=dc02e61d526d7041f88fa01673562d72&cb=36442364090&charset=UTF-8&loc=https%3A//synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php%3Fzoneid%3D9%26aw_0_req.gdpr%3Dfalse&referer=https%3A//sync.serverbid.com/
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.58.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-58-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
61287137b5cc9f3923e0162b7267fa86a3941b3c349e7cf0dbcce1da7b458816

Request headers

accept-language
en-US,en;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:43 GMT
Accept-Charset
utf-8
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
b5bc4010-3df1-11ee-9ae5-02b571652187
Instance-id
i-0af63b268f46d8e87
Access-Control-Allow-Origin
*
P3P
policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
Content-Type
application/x-javascript;charset=UTF-8
Connection
keep-alive
Content-Length
1629
X-Application-Context
application:production
live-3390_00027.ts
livevideo01.9news.com/hls/live/2014548/elvs/20230719T092454/live-3/00221/ 		541 KB
542 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://livevideo01.9news.com/hls/live/2014548/elvs/20230719T092454/live-3/00221/live-3390_00027.ts
Requested by
Host: www.9news.com
URL: https://www.9news.com/assets/js-libs/akamai/amp/core/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.182.185 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
eb49ee3c9a3bdf672248b7b883ebb980a4fd76d1f1aa104bbc33dedac4213255

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:44 GMT
Akamai-Path-Timestamp
i=1692381876.674;xi=1692381876.694;xo=1692381878.194;s=1692381878.222;
Akamai-Mon-Iucid-Ing
2014548
Connection
keep-alive
Akamai-Mon-Iucid-Del
312833
Content-Length
554036
Pragma
no-cache
Last-Modified
Fri, 18 Aug 2023 18:04:36 GMT
X-Akamai-Server
Akamai-SMT
Access-Control-Max-Age
86400
X-Akamai-Live-Origin-QoS
d=7000;t=1692381876.679
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31535922
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires
Sat, 17 Aug 2024 18:03:26 GMT
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=Sports&us_privacy=1YNY&random=1692381883797.1
  • https://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=Sports&us_privacy=1YNY&random=1692381883797.1
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MlUtTVVPYjFGTjZXZkFZTGtBal9tZmZWMzFzZ1BwdVBHVVZJMi1kaUxqWWs&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESEIvsl0zTiFbu-2dpqPuyNMA&google_cver=1
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESEIvsl0zTiFbu-2dpqPuyNMA&google_cver=1
Protocol
HTTP/1.1
Server
54.156.26.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-26-12.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Date
Fri, 18 Aug 2023 18:04:44 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESEIvsl0zTiFbu-2dpqPuyNMA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
375
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
db_sync
px.ads.linkedin.com/ 		0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKTGTfsrtQl2vAHvTGAg%3D%3D&us_privacy=1YNY&_rand=1692381883797.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:44 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: D5CC14ED32C0494B8D65B3A5C14EFCB6 Ref B: MIAEDGE1906 Ref C: 2023-08-18T18:04:44Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYDNl0GObl0ZbH1GcIKxw==
cec9c022-2518-4275-90bb-40c27fa3670d
map.go.affec.tv/map/ttd/
Redirect Chain
  • https://map.go.affec.tv/map/3a/?pid=CoIKTGTfsrtQl2vAHvTGAg%3D%3D&us_privacy=1YNY&ts=1692381883797.3
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D64dfb2bc6edd410001bb870d%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent=
  • https://map.go.affec.tv/map/an/8342177640231574973?ch=64dfb2bc6edd410001bb870d&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://map.go.affec.tv/map/ttd/cec9c022-2518-4275-90bb-40c27fa3670d?ttd_puid=&gdpr=0&gdpr_consent=
0
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://map.go.affec.tv/map/ttd/cec9c022-2518-4275-90bb-40c27fa3670d?ttd_puid=&gdpr=0&gdpr_consent=
Protocol
H2
Server
44.207.214.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-214-52.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:44 GMT
content-encoding
gzip
vary
Accept-Encoding

Redirect headers

location
https://map.go.affec.tv/map/ttd/cec9c022-2518-4275-90bb-40c27fa3670d?ttd_puid=&gdpr=0&gdpr_consent=
date
Fri, 18 Aug 2023 18:04:44 GMT
server
Kestrel
content-length
229
sync
pippio.com/api/
Redirect Chain
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKTGTfsrtQl2vAHvTGAg%3D%3D&pcat=Sports&pdev=&pctry=US&referrer=https%3A%2F%2Fwww.9news.com%...
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=2c33f1c8-7842-4c82-b3d6-3cf20ce43d4d%3A1692381884.2563138&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D2c33f1c8-7842-4c82...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=979321835791302801&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D2c33f1c...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=2c33f1c8-7842-4c82-b3d6-3cf20ce43d4d%3A1692381884.2563138&pid=500040&it=1&iv=2c33f1c8-7842-4c82-b3d6-3cf20ce43d4d%3A1692381884.2563138&_=169...
  • https://i.liadm.com/s/56409?bidder_id=200442&it=1&bidder_uuid=2c33f1c8-7842-4c82-b3d6-3cf20ce43d4d:1692381884.2563138&pid=500040&_li_chk=true&_=1692381884.26104&iv=2c33f1c8-7842-4c82-b3d6-3cf20ce43...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1692381884.26104&iv=2c33f1c8-7842-4c82-b3d6-3cf20ce43d4d:1692381884.2563138
42 B
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1692381884.26104&iv=2c33f1c8-7842-4c82-b3d6-3cf20ce43d4d:1692381884.2563138
Protocol
H3
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:45 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://pippio.com/api/sync?it=1&pid=500040&_=1692381884.26104&iv=2c33f1c8-7842-4c82-b3d6-3cf20ce43d4d:1692381884.2563138
Date
Fri, 18 Aug 2023 18:04:45 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKTGTfsrtQl2vAHvTGAg%3D%3D&us_privacy=1YNY&random=1692381883797.5&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2F...
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D38f50135-3dcc-4b60-a270-799747dbc202%252Chttps%2525...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8342177640231574973&pt=38f50135-3dcc-4b60-a270-799747dbc202%2Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%25...
  • https://usermatch.krxd.net/um/v2?partner=tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1969&partner_device_id=PvjFnDEO
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1969&partner_device_id=PvjFnDEO
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:44 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1969&partner_device_id=PvjFnDEO
date
Fri, 18 Aug 2023 18:04:44 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a016-ash-prod.krxd.net
405716.gif
idsync.rlcdn.com/
Redirect Chain
  • https://dp2.33across.com/ps/?pid=1205&rand=1692381883797.6
  • https://idsync.rlcdn.com/405716.gif?partner_uid=212153247920106
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/405716.gif?partner_uid=212153247920106
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:44 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:43 GMT
referrer-policy
unsafe-url
server
33XP018
x-33x-status
4000000000004000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://idsync.rlcdn.com/405716.gif?partner_uid=212153247920106
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
mapuid
secure.adnxs.com/
Redirect Chain
  • https://dp1.33across.com/ps/?pid=669&uid=CoIKTGTfsrtQl2vAHvTGAg%3D%3D&us_privacy=1YNY&random=1692381883797.7&pu=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemp...
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=212153247920106&seg_code=33x&random=1692381884
43 B
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212153247920106&seg_code=33x&random=1692381884
Protocol
H2
Server
68.67.160.117 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:44 GMT
an-x-request-uuid
3af13c59-55eb-480c-b069-f87d717a4a08
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.72; 38.132.118.72; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:43 GMT
referrer-policy
unsafe-url
server
33XP009
x-33x-status
402044000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212153247920106&seg_code=33x&random=1692381884
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6885 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-sec.indexww.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Aug 2023 18:04:44 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame BB16 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160138&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:43 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sic.css
cdn-sic.33across.com/1/stylesheets/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-sic.33across.com/1/stylesheets/sic.css
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.112 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Love
Resource Hash
4c821f2d169369324022057e9948ed8f9d45794d18b6c8c3fbbba900bb65158c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:44 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 31 May 2023 18:56:29 GMT
server
cloudflare
age
159147
etag
W/"6477985d-1c90"
x-powered-by
Love
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=3600
cf-ray
7f8c14b85e7d25e3-MIA
expires
Fri, 18 Aug 2023 19:04:44 GMT
ast.js
acdn.adnxs.com/ast/ Frame E991 		100 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ast/ast.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3b72af59b1d95751583f25bee44592d7026c8b9f6922fd5bfff7ecd961c6859c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Expires
Tue, 11 Jul 2023 13:31:10 GMT
Date
Fri, 18 Aug 2023 18:04:44 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
16316
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
34495
X-Served-By
cache-lga21942-LGA, cache-mia-kmia1760054-MIA
Last-Modified
Mon, 10 Jul 2023 13:28:42 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1692381884.304902,VS0,VE0
ETag
W/"64ac078a-19032"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
287041, 4095
apstag.js
c.amazon-adsystem.com/aax2/ Frame D98A 		247 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb24602a785ce2f3e175d779885c87d604e712c4eb1a5dd78a1380781c7dac3b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 17:29:51 GMT
content-encoding
gzip
via
1.1 368146333bf1a1071e8432a7d4e41e1a.cloudfront.net (CloudFront), 1.1 eb4c39562c3ea08ed99a3ec30c18db3c.cloudfront.net (CloudFront)
last-modified
Fri, 18 Aug 2023 14:49:34 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, JFK50-P3
age
2094
x-amz-server-side-encryption
AES256
etag
W/"bac9efbb7b4c1b9520fd904fd0d1d62f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
aQS_leUm_w_81ec_hz4T5ZDoCzMqgnF8Tc9qG-jzRM48AnZ3a4rfbg==
authorize
sic.33across.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sic.33across.com/authorize?usPrivacy=1YNY&version=3.26.0&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36&product=inview&userId=&lexId=&sessionId=&publisherURL=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&referrerURL=&publisherId=b7ZEtiCYqr6kX6aKkGJozW&publisher=tegna_desktop_sectionfront.com&maxTouchPoints=0&navigatorPropsCount=63&viewportWidth=1600&viewportHeight=1200&screenWidth=1600&screenHeight=1200&screenAvailHeight=1200&devicePixelRatio=1&scrollX=0&scrollY=0&pageVisibility=visible&pageWidth=1600&pageHeight=4350&_=1692381884230&callback=_tynt_jp.a8k4i76ep
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
/ Love
Resource Hash
82d1189c8362891b9252628ca63cdcbe1fe727cd6d07dba83ebc16f5b43a7fa2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
Love
etag
W/"74c-JwfU4RC4svm9w4JZPTjJ3A7Sfiw"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
text/javascript; charset=utf-8
status
200 OK
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Authorization
view
securepubads.g.doubleclick.net/pcs/ Frame DB2E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdmeGECpSgfFgS-jq5EcTQWGW89kVqD3pKKRAVfd2NvDLsXioThQVIcoMPtgS04AmrapaUZnadcNS7uXxEMzs5aTf0nkUZBvbgh7og9aKIWselCJtYPOPrs9QvrtMizWUnoonRX2ZhqyVmvCVOpt-PT7v-mDFCGZbGKL0xMvfjoeYJDKvYQ2AjnBdESIMQGWN6zVAu2nK1XlqRjG5rfdBQqC27DgPMWUTnjNv1urhvWtBrvgQe4wi9gbl4UkfSWIMR-j15U1eMfcCklm8YI4wzM2MK3PACkrg1G_g3SDoevUIuCjMs1uXCapFPfypp2qpWdEzulaHU3MUw91VMH2-eY6UZbue5roCE2Y3HJ088LIJp_wg3Fl_UKkAQTJnyzmzcxI53kbucV0M&sai=AMfl-YSOqWoDtdNL75k__dsvfmBQUcCg7dj9eGWrMvLGg2xRZTQeBp1mXPQju5bkuBQsSV7M0UJPbxWQJBtqoZtACMvU2gmUdQsPTEHjjUupFodG4AGlelIea-i7rOhEgeI&sig=Cg0ArKJSzNF2zWJLPQIPEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 18 Aug 2023 18:04:44 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0922 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshf4-a3aAW1DqbIkODN0P6EhgwzQZczwJWPTWCCSySF1Ghfb4Wc39_gwWYoYaNCulWahosAlM8AIrEyHL3ZRS1mu_OW8jirGi43CKSQ7DE1ldL9G9f&sig=Cg0ArKJSzCBkTfzx7FkTEAE&id=lidar2&mcvt=1141&p=162,1070,412,1370&mtos=1141,1141,1141,1141,1141&tos=1141,0,0,0,0&v=20230816&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2565364599&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692381881728&rpt=1318&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 7C48
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1YNY
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1YNY
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1YNY
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?m=xch&id=b7ZEtiCYqr6kX6aKkGJozW&dn=RCIV&cc=1&chmob=0&r=&us_privacy=1YNY&gpp=DBABLA~BVQqAAAACZA.QA&gpp_sid=7&pu=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.25.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-25-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 18 Aug 2023 18:04:44 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 18 Aug 2023 18:04:44 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1YNY
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BF92
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=1YNY&ts=1692381883963.6&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26pre...
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_...
15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?m=xch&id=b7ZEtiCYqr6kX6aKkGJozW&dn=RCIV&cc=1&chmob=0&r=&us_privacy=1YNY&gpp=DBABLA~BVQqAAAACZA.QA&gpp_sid=7&pu=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.64.205 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-64-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=142216
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 18 Aug 2023 18:04:44 GMT
expires
Sun, 20 Aug 2023 09:35:00 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Fri, 18 Aug 2023 18:04:44 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP015
x-33x-status
40000000008200000A
match
events-ssc.33across.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=1YNY
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=the33across
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=4sFL9glzVMVgpwr4qouw3CaEdkg&user_group=1&ssp=the33across
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=eb6f7b88-a4bc-4e60-bf79-710517cb86e8
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&ts=1692381884&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&ts=1692381884&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:45 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:44 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&ts=1692381884&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-D9TN08VE2uHl5XKJNPM9uWemgqhft48l~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-D9TN08VE2uHl5XKJNPM9uWemgqhft48l%7EA&ts=1692381884&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-D9TN08VE2uHl5XKJNPM9uWemgqhft48l%7EA&ts=1692381884&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:44 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:44 GMT
referrer-policy
unsafe-url
server
33XP015
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-D9TN08VE2uHl5XKJNPM9uWemgqhft48l%7EA&ts=1692381884&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=1YNY
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=516bb2b41c9315f0&is_secure=true&networkId=78390&version=1&us_privacy=1YNY
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAABw5NPE5oODAMzbz-oAAAAAAA&expiration=1692468284&is_secure=true&us_privacy=1YNY
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAABw5NPE5oODAMzbz-oAAAAAAA&ts=1692381884&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAABw5NPE5oODAMzbz-oAAAAAAA&ts=1692381884&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:44 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:44 GMT
referrer-policy
unsafe-url
server
33XP011
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAABw5NPE5oODAMzbz-oAAAAAAA&ts=1692381884&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=1YNY&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1YNY%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=1YNY&xi=33&xu=572205591462893908588
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=572205591462893908588&ts=1692381884&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=572205591462893908588&ts=1692381884&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:44 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:44 GMT
referrer-policy
unsafe-url
server
33XP013
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=572205591462893908588&ts=1692381884&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame 5774
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561811&ev=1&us_privacy=&rurl=https%3A%2F%2Fsynchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=contextweb.com&idType=cookie&partnerUserId=%%VGUID%%
  • https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=contextweb.com&ev=1&idType=cookie&us_privacy=&partnerUserId=dDwU09hZAwd6&pid=561811
0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=contextweb.com&ev=1&idType=cookie&us_privacy=&partnerUserId=dDwU09hZAwd6&pid=561811
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
HTTP/1.1
Server
52.48.58.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-58-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:44 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
b607c800-3df1-11ee-b04d-069a97f0b3b7
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
Instance-id
i-049eaae11259fb7b7

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=contextweb.com&ev=1&idType=cookie&us_privacy=&partnerUserId=dDwU09hZAwd6&pid=561811
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-qcqnx
expires
-1
lg.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame 5774 		43 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/lg.php?adData=targeted-publisher-info%3A2%3Bsynchroscript%5Ebilling%3Asynchroscript_A12%3B68%3BUSD%3B0.00000%3Bfalse%5EtraceId%3Ab5ba92fb-3df1-11ee-af6a-02f1ec32b417%5EAS%2Fi%3Asynchroscript%3Bad_id%3A68%3Bzone_id%3A8%3Bview_key%3A1692381884045%3Bduration%3A0%3Baf%3A0.00000%3Btf%3A0.00000%3Bnp%3A0.00000%3Bgp%3A0.00000%3Bc%3AUSD%3Bbaf%3A0.00000%3Bbtf%3A0.00000%3Bbnp%3A0.00000%3Bbgp%3A0.00000%3Bbc%3AUSD%3Bat%3A1%3Bo_id%3A0%3Bc_id%3A33%5Epchain%3A52ded3ee71b94c84%3Asynchroscript&loc=https%3A%2F%2Fsynchroscript.deliveryengine.adswizz.com%2Fwww%2Fdelivery%2Fafr.php%3Fzoneid%3D9%26aw_0_req.gdpr%3Dfalse&listenerId=dc02e61d526d7041f88fa01673562d72&sessionId=b4b3fa52d19ec6be367687347b8ed693&ip=%3A%3Affff%3A38.132.118.72&user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F116.0.5845.96+Safari%2F537.36&us_privacy=null&cbs=6318297&isDisableLogImpression=1&charset=UTF-8&loc=https%3A%2F%2Fsynchroscript.deliveryengine.adswizz.com%2Fwww%2Fdelivery%2Fafr.php%3Fzoneid%3D9%26aw_0_req.gdpr%3Dfalse&withtext=1
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.58.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-58-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 18 Aug 2023 18:04:43 GMT
Instance-id
i-04aa1579037086860
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame BB16 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=55266497&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9a36585f998776de2a32ee7ce5ce97784d99ae6821f75478f73a6708a914abe1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 18 Aug 2023 18:04:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame 32A3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerUserId=$UID&partnerDomain=adnxs.com&idType=cookie&referrer=https://www.website.com
  • https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerUserId=8342177640231574973&partnerDomain=adnxs.com&idType=cookie&referrer=https://www.website.com
0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerUserId=8342177640231574973&partnerDomain=adnxs.com&idType=cookie&referrer=https://www.website.com
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
HTTP/1.1
Server
52.48.58.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-58-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:44 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
b60ea5d0-3df1-11ee-80f1-0645292ffa5b
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
Instance-id
i-02bc82d4c999d6b07

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:44 GMT
an-x-request-uuid
1fa689e1-56bf-453c-98c7-af5710085083
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerUserId=8342177640231574973&partnerDomain=adnxs.com&idType=cookie&referrer=https://www.website.com
x-proxy-origin
38.132.118.72; 38.132.118.72; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
lg.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame 32A3 		43 B
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/lg.php?adData=targeted-publisher-info%3A2%3Bsynchroscript%5Ebilling%3Asynchroscript_A12%3B16%3BUSD%3B0.00000%3Bfalse%5EtraceId%3Ab5bc67f8-3df1-11ee-86bb-02b571652187%5EAS%2Fi%3Asynchroscript%3Bad_id%3A16%3Bzone_id%3A8%3Bview_key%3A1692381884063%3Bduration%3A0%3Baf%3A0.00000%3Btf%3A0.00000%3Bnp%3A0.00000%3Bgp%3A0.00000%3Bc%3AUSD%3Bbaf%3A0.00000%3Bbtf%3A0.00000%3Bbnp%3A0.00000%3Bbgp%3A0.00000%3Bbc%3AUSD%3Bat%3A1%3Bo_id%3A0%3Bc_id%3A6%5Epchain%3A52ded3ee71b94c84%3Asynchroscript&loc=https%3A%2F%2Fsynchroscript.deliveryengine.adswizz.com%2Fwww%2Fdelivery%2Fafr.php%3Fzoneid%3D9%26aw_0_req.gdpr%3Dfalse&listenerId=dc02e61d526d7041f88fa01673562d72&sessionId=8adccc70518cd95937d252216836c12&ip=%3A%3Affff%3A38.132.118.72&user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F116.0.5845.96+Safari%2F537.36&us_privacy=null&cbs=5075486&isDisableLogImpression=1&charset=UTF-8&loc=https%3A%2F%2Fsynchroscript.deliveryengine.adswizz.com%2Fwww%2Fdelivery%2Fafr.php%3Fzoneid%3D9%26aw_0_req.gdpr%3Dfalse&withtext=1
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.58.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-58-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 18 Aug 2023 18:04:43 GMT
Instance-id
i-01976f53423a96916
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ajs.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame 5774 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/ajs.php?zoneid=8&withtext=1&cb=92649702693&charset=UTF-8&loc=https%3A//synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php%3Fzoneid%3D9%26aw_0_req.gdpr%3Dfalse&referer=https%3A//sync.serverbid.com/
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.58.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-58-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cfe981f16c485865a363b58b567bff4f29f5897dbd6f2ab5b4b2ba5b3afc2860

Request headers

accept-language
en-US,en;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:44 GMT
Accept-Charset
utf-8
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
b5feee60-3df1-11ee-b697-0a5419961e17
Instance-id
i-073f658df583bd115
Access-Control-Allow-Origin
*
P3P
policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
Content-Type
application/x-javascript;charset=UTF-8
Connection
keep-alive
Content-Length
1637
X-Application-Context
application:production
ajs.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame 32A3 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/ajs.php?zoneid=8&withtext=1&cb=6846525686&charset=UTF-8&loc=https%3A//synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php%3Fzoneid%3D9%26aw_0_req.gdpr%3Dfalse&referer=https%3A//sync.serverbid.com/
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.58.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-58-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f9d0e9b2d158a5c6e9983b5fa525f0bccc5f7abd54ebb81c5905f704725156e9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:44 GMT
Accept-Charset
utf-8
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
b6072bc0-3df1-11ee-aa27-0a6c1d121df5
Instance-id
i-0b647295e8d4b723d
Access-Control-Allow-Origin
*
P3P
policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
Content-Type
application/x-javascript;charset=UTF-8
Connection
keep-alive
Content-Length
1473
X-Application-Context
application:production
PugMaster
image6.pubmatic.com/AdServer/ Frame CA68 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=65469679&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
2bdd5ff9d84c48ac7b21fb0d032cbefb65d98f3d04665356bcc433078cf1acd2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 18 Aug 2023 18:04:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 42EC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
13673
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 14:16:51 GMT
expires
Sat, 17 Aug 2024 14:16:51 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame D98A 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 08:47:35 GMT
x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 c790ffcab27717f283a6e87f31c6d65a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
age
33430
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
Ex8dKMPe3zn91jX-XRW6RK6snFZWEGsuUhp83oXVZu-hdAy2zy2K4A==
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame F882 		85 B
251 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Fri, 18 Aug 2023 18:04:44 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mia-kmia1760097-MIA
x-timer
S1692381885.603953,VS0,VE26
Pug
simage2.pubmatic.com/AdServer/ Frame B531
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=b4b3ad34-3df1-11ee-8cb3-719cb9187d87
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=b4b3ad34-3df1-11ee-8cb3-719cb9187d87
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 18:04:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Fri, 18 Aug 2023 18:04:44 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=b4b3ad34-3df1-11ee-8cb3-719cb9187d87
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-3
Pug
image2.pubmatic.com/AdServer/ Frame E3D8
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_bd3caaeaf394422b86067
42 B
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_bd3caaeaf394422b86067
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 18:04:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
image/gif
date
Fri, 18 Aug 2023 18:04:44 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_bd3caaeaf394422b86067
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
b
Pug
image2.pubmatic.com/AdServer/ Frame 0FCB
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=m-izRs_utRmA7OEUnuv6GJjkskaA7rNBz-zvBanb
42 B
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=m-izRs_utRmA7OEUnuv6GJjkskaA7rNBz-zvBanb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 18:04:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 18 Aug 2023 18:04:44 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=m-izRs_utRmA7OEUnuv6GJjkskaA7rNBz-zvBanb
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame DBDC
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 18:04:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 18:04:44 GMT
expires
Fri, 18 Aug 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
788148
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame B96D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=4sFL9glzVMVgpwr4qouw3CaEdkg&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=4sFL9glzVMVgpwr4qouw3CaEdkg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 18:04:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Fri, 18 Aug 2023 18:04:44 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=4sFL9glzVMVgpwr4qouw3CaEdkg&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame F305
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:UYCeE6XS1Qx3PY5&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:UYCeE6XS1Qx3PY5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 18:04:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Fri, 18 Aug 2023 18:04:43 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:UYCeE6XS1Qx3PY5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0ed882030d6020575@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame AB51
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=979321835791302801
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=979321835791302801
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 18:04:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Fri, 18 Aug 2023 18:04:44 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=979321835791302801
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 24A2
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=998e5ecf-c5a3-4f28-b599-21e9af40e393&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C3BD0C7A-B371-4686-9220-ADA9A334E959
42 B
511 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C3BD0C7A-B371-4686-9220-ADA9A334E959
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.185.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-185-242.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Fri, 18 Aug 2023 18:04:45 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 18 Aug 2023 18:04:44 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C3BD0C7A-B371-4686-9220-ADA9A334E959
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 8037
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=0&gdpr_consent=
42 B
322 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 18:04:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 18 Aug 2023 18:04:43 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
insync
thrtle.com/ Frame BB16 		43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.38.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-38-193.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Fri, 18 Aug 2023 18:04:44 GMT
content-length
43
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame BB16 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:44 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame BB16 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.104.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-104-173.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:45 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame BB16 		0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.215.82.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-215-82-85.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 18 Aug 2023 18:04:44 GMT
usync.js
eus.rubiconproject.com/ Frame 7C48 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1YNY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.25.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-25-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b937c24218ddab07453d7e8fc62fad12b5e29a0b473536e2baca0ca7b5fd79c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1YNY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:44 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Aug 2023 01:50:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=27929
Connection
keep-alive
Content-Length
10117
Expires
Sat, 19 Aug 2023 01:50:13 GMT
generate_204
tpc.googlesyndication.com/ Frame 7B2B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?R-ul9Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:44 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame 5774
Redirect Chain
  • https://eu.ads.audio.thisisdax.com/sp_sync?sp_id=1&redir=https%3A%2F%2Fsynchroscript.deliveryengine.adswizz.com%2FsyncMe%3FpartnerDomain%3Dthisisdax.com%26idType%3Dcookie%26partnerUserId%3D${DAX_LI...
  • https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=thisisdax.com&idType=cookie&partnerUserId=6699078FC83D87283989CE2BF38177EF
0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=thisisdax.com&idType=cookie&partnerUserId=6699078FC83D87283989CE2BF38177EF
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
HTTP/1.1
Server
52.48.58.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-58-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:44 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
b67ea5b0-3df1-11ee-9583-0ad90d3cc565
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
Instance-id
i-088a36c96cf95754f

Redirect headers

Location
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=thisisdax.com&idType=cookie&partnerUserId=6699078FC83D87283989CE2BF38177EF
Date
Fri, 18 Aug 2023 18:04:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
lg.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame 5774 		43 B
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/lg.php?adData=targeted-publisher-info%3A2%3Bsynchroscript%5Ebilling%3Asynchroscript_A12%3B62%3BUSD%3B0.00000%3Bfalse%5EtraceId%3Ab5ff1584-3df1-11ee-bfad-0a5419961e17%5EAS%2Fi%3Asynchroscript%3Bad_id%3A62%3Bzone_id%3A8%3Bview_key%3A1692381884501%3Bduration%3A0%3Baf%3A0.00000%3Btf%3A0.00000%3Bnp%3A0.00000%3Bgp%3A0.00000%3Bc%3AUSD%3Bbaf%3A0.00000%3Bbtf%3A0.00000%3Bbnp%3A0.00000%3Bbgp%3A0.00000%3Bbc%3AUSD%3Bat%3A1%3Bo_id%3A0%3Bc_id%3A28%5Epchain%3A52ded3ee71b94c84%3Asynchroscript&loc=https%3A%2F%2Fsynchroscript.deliveryengine.adswizz.com%2Fwww%2Fdelivery%2Fafr.php%3Fzoneid%3D9%26aw_0_req.gdpr%3Dfalse&listenerId=dc02e61d526d7041f88fa01673562d72&sessionId=f5df646e76ae4d6604f14d0cb2ee37a&ip=%3A%3Affff%3A38.132.118.72&user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F116.0.5845.96+Safari%2F537.36&us_privacy=null&cbs=349320&charset=UTF-8&loc=https%3A%2F%2Fsynchroscript.deliveryengine.adswizz.com%2Fwww%2Fdelivery%2Fafr.php%3Fzoneid%3D9%26aw_0_req.gdpr%3Dfalse&withtext=1
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.58.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-58-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 18 Aug 2023 18:04:44 GMT
Instance-id
i-090869e75ad4a1a90
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Pug
simage2.pubmatic.com/AdServer/ Frame 45C1
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=815495536687
42 B
209 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=815495536687
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 18:04:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=815495536687
Pug
simage2.pubmatic.com/AdServer/ Frame AF05
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 18:04:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Fri, 18 Aug 2023 18:04:45 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
i.match
s.tribalfusion.com/z/ Frame D60C
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
455 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7f8c14bdce28031c-MIA
content-length
43
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 18:04:45 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7f8c14bc5c22031c-MIA
content-type
text/html
date
Fri, 18 Aug 2023 18:04:44 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
2590
Pug
image2.pubmatic.com/AdServer/ Frame 4F28
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU8e65b601ffd64ab78b8fdc6231c278f7&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU8e65b601ffd64ab78b8fdc6231c278f7&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 18:04:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
168
content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 18:04:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU8e65b601ffd64ab78b8fdc6231c278f7&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
pragma
no-cache
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 9B36
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F1508%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=7622490810
  • https://sync.1rx.io/usersync3/mediamathtest/1508/772b64df-b2bd-4800-8735-0aa640d77ef7?zcc=0&sspret=1
  • https://sync.targeting.unrulymedia.com/csync/RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
42 B
254 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 18:04:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Fri, 18 Aug 2023 18:04:45 GMT
ETag
RXa8c4e4e111a74d9faacc9304e2e3bbb6005
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Server
Tengine
Transfer-Encoding
chunked
cm
ipac.ctnsnet.com/int/ Frame 96C4 		43 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Fri, 18 Aug 2023 18:04:43 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame 82BA
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=t73J9BPICYmy_shbvbLfZA
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=t73J9BPICYmy_shbvbLfZA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 18:04:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 18:04:45 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=t73J9BPICYmy_shbvbLfZA
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 5D1B
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=ab840700-4629-4c01-a0fb-8dff8340a404
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=ab840700-4629-4c01-a0fb-8dff8340a404
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 18:04:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Fri, 18 Aug 2023 18:04:45 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=ab840700-4629-4c01-a0fb-8dff8340a404
strict-transport-security
max-age=15724800; includeSubDomains
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame CA68 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.58.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-58-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:44 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
b630d3d0-3df1-11ee-8e47-029b9a5c2905
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
Instance-id
i-03627bb6f07b9f689
362358.gif
idsync.rlcdn.com/ Frame CA68
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPPsV09fqFcDd_imbb7LQzc&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPPsV09fqFcDd_imbb7LQzc&google_cver=1
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:45 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPPsV09fqFcDd_imbb7LQzc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=C3BD0C7A-B371-4686-9220-ADA9A334E959/gdpr=0/ Frame CA68 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=C3BD0C7A-B371-4686-9220-ADA9A334E959/gdpr=0/gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.96.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-96-3.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:44 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.13.100
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame CA68 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:44 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
Pug
simage2.pubmatic.com/AdServer/ Frame CA68
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4844965109403605106
42 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4844965109403605106
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 18:04:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4844965109403605106
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame CA68
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8342177640231574973
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8342177640231574973
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 18:04:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:45 GMT
an-x-request-uuid
1984adff-b045-482f-9d0a-9d9fc7e51767
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8342177640231574973
x-proxy-origin
38.132.118.72; 38.132.118.72; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 7FDD 		98 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49a76594598ff5568a4fa6429e6d6365769e0859b8e1e913b49768583c8cd5e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28864
x-xss-protection
0
server
cafe
etag
996 / 19587 / m202308150101 / config-hash: 6865334963093270093
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 18 Aug 2023 18:04:44 GMT
prebid
ib.adnxs.com/ut/v3/ Frame E991 		166 B
983 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
448e9db1fb3f22464605116b041e8a2506ded0acd97cad2e5e491e09d8a46ed6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:45 GMT
an-x-request-uuid
ee4f762e-31eb-4f19-9aae-73a835e30641
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.9news.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.72; 38.132.118.72; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
166
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame E991 		160 B
837 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7ff89607a705ba164206d25a8a8f292ada6d0ae31757f832c35875664b09ebe2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:44 GMT
an-x-request-uuid
db24342d-9ad6-4e44-afc1-4424d9dac29d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.9news.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.72; 38.132.118.72; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
160
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame E991 		166 B
983 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8e3e0b4a44224b92e7282254d16fce9979956e5019bb077a4b7d0c68fa159d3c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:45 GMT
an-x-request-uuid
04921b4d-0269-47bb-90dc-e18ae93b4af1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.9news.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.72; 38.132.118.72; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
166
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
jstag
33across-d.openx.net/w/1.0/ Frame 33ED 		170 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://33across-d.openx.net/w/1.0/jstag?nc=17118521-33Across
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
678f6c6aa3fc801e39e67f813c12e74f0b3bfbedcddc2e770f0d6b172c8c76d0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:44 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/javascript
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59075
expires
Fri, 18 Aug 2023 19:04:44 GMT
jstag
33across-d.openx.net/w/1.0/ Frame 52CC 		170 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://33across-d.openx.net/w/1.0/jstag?nc=17118521-33Across
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
66c1893dd97b78f16eb97cbf5523d31c61262b1a2a0dfb7b6882b1387cf98188

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:44 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/javascript
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59080
expires
Fri, 18 Aug 2023 19:04:44 GMT
jstag
33across-d.openx.net/w/1.0/ Frame 9D5D 		170 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://33across-d.openx.net/w/1.0/jstag?nc=17118521-33Across
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
40a5ed7f75ee33b0e2dcda682c8890fdd626e7cffa01f6b56a1e2a5e874300fd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:44 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/javascript
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59077
expires
Fri, 18 Aug 2023 19:04:44 GMT
exchange
ssc.33across.com/api/ 		141 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/exchange
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
17ebac44db06ac7e1e99a153513f40c7661ea1311fb9a69f81efeadf417e6384

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 18:04:45 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.9news.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
config
c.amazon-adsystem.com/cdn/prod/ Frame D98A 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.9news.com&pubid=2840f06c-5d89-4853-a03e-3bfa567dd33c
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 12:59:11 GMT
via
1.1 eb4c39562c3ea08ed99a3ec30c18db3c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
age
18333
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.9news.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
oCd_a0FSTifNQ5PjhI4AwvD7HaS79vjGRQKhC5s-QDkfyhLgrP7RGA==
bid
aax.amazon-adsystem.com/e/dtb/ Frame D98A 		23 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&pid=66EHUs0p8lti6&cb=0&ws=1x1&v=23.814.1438&t=2000&slots=%5B%7B%22sd%22%3A%22amz-slot-1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22b7ZEtiCYqr6kX6aKkGJozW%3Ainview%3Adesktop%3AUS%3Atier1%22%7D%5D&pj=%7B%22us_privacy%22%3A%221YNY%22%7D&pubid=2840f06c-5d89-4853-a03e-3bfa567dd33c&gdpre=0&gdprl=%7B%22status%22%3A%22explicit-no-gdpr%22%2C%22enabled%22%3Afalse%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.98.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-98-157.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:44 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 07f7cebee7fc49278f602ad96f5f6790.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P5
x-amz-rid
DS9BFKT2JBGZ9AXRRGWC
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.9news.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
N5mT0aWlutTYYvHJ1wWQ5Tfb-mG23iycIjJqxBkjw0uHxwArNNbdbg==
2.m3u8
livevideo.tegnadigital.com/kusa/v1/manifest/f9c1bf9ffd6ac86b6173a7c169ff6e3f4efbd693/KUSA/c0c20d39-dac3-4595-8b4a-26137601df2b/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://livevideo.tegnadigital.com/kusa/v1/manifest/f9c1bf9ffd6ac86b6173a7c169ff6e3f4efbd693/KUSA/c0c20d39-dac3-4595-8b4a-26137601df2b/2.m3u8
Requested by
Host: www.9news.com
URL: https://www.9news.com/assets/js-libs/akamai/amp/core/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.182.171 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-171.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0d4a7efc1f68e6b1ad441bd8c324bed0df281338fa388f2c9f177c9d6adb7aa8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:45 GMT
Content-Encoding
gzip
x-amzn-RequestId
a7c080e8-ac86-48c0-9e91-c98c9f334fec
Connection
keep-alive
Akamai-Mon-Iucid-Del
926974
Content-Length
304
Pragma
no-cache
Vary
Accept-Encoding
Access-Control-Max-Age
86400
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires
Fri, 18 Aug 2023 18:04:45 GMT
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame 32A3
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adswizz/
  • https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerUserId=y-VG.PxjhE2pFuq75ANbY6SzP_Ox9o2revmJGV9A--~A&partnerDomain=yahoo.com&idType=cookie
0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerUserId=y-VG.PxjhE2pFuq75ANbY6SzP_Ox9o2revmJGV9A--~A&partnerDomain=yahoo.com&idType=cookie
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
HTTP/1.1
Server
52.48.58.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-58-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:44 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
b66132a0-3df1-11ee-864c-066e5553badb
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
Instance-id
i-032203322ca5c11d3

Redirect headers

date
Fri, 18 Aug 2023 18:04:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerUserId=y-VG.PxjhE2pFuq75ANbY6SzP_Ox9o2revmJGV9A--~A&partnerDomain=yahoo.com&idType=cookie
content-length
0
lg.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame 32A3 		43 B
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/lg.php?adData=targeted-publisher-info%3A2%3Bsynchroscript%5Ebilling%3Asynchroscript_A12%3B57%3BUSD%3B0.00000%3Bfalse%5EtraceId%3Ab6072c1c-3df1-11ee-883e-0a6c1d121df5%5EAS%2Fi%3Asynchroscript%3Bad_id%3A57%3Bzone_id%3A8%3Bview_key%3A1692381884561%3Bduration%3A0%3Baf%3A0.00000%3Btf%3A0.00000%3Bnp%3A0.00000%3Bgp%3A0.00000%3Bc%3AUSD%3Bbaf%3A0.00000%3Bbtf%3A0.00000%3Bbnp%3A0.00000%3Bbgp%3A0.00000%3Bbc%3AUSD%3Bat%3A1%3Bo_id%3A0%3Bc_id%3A23%5Epchain%3A52ded3ee71b94c84%3Asynchroscript&loc=https%3A%2F%2Fsynchroscript.deliveryengine.adswizz.com%2Fwww%2Fdelivery%2Fafr.php%3Fzoneid%3D9%26aw_0_req.gdpr%3Dfalse&listenerId=dc02e61d526d7041f88fa01673562d72&sessionId=7b950102767756f37b7bb16f5eaba2e&ip=%3A%3Affff%3A38.132.118.72&user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F116.0.5845.96+Safari%2F537.36&us_privacy=null&cbs=1560546&charset=UTF-8&loc=https%3A%2F%2Fsynchroscript.deliveryengine.adswizz.com%2Fwww%2Fdelivery%2Fafr.php%3Fzoneid%3D9%26aw_0_req.gdpr%3Dfalse&withtext=1
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.58.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-58-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 18 Aug 2023 18:04:44 GMT
Instance-id
i-02fcc489ec4f437b8
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
match
events-ssc.33across.com/ Frame 7C48
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=1YNY&us_privacy=1YNY&khaos=LLGWH5J5-B-4TBO
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LLGWH5J5-B-4TBO&us_privacy=1YNY
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LLGWH5J5-B-4TBO&ts=1692381885&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LLGWH5J5-B-4TBO&ts=1692381885&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1YNY
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:45 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:44 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LLGWH5J5-B-4TBO&ts=1692381885&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
pagead2.googlesyndication.com/bg/ Frame 42EC 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 21:15:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
247761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14754
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Aug 2024 21:15:24 GMT
live-3390_00028.ts
livevideo01.9news.com/hls/live/2014548/elvs/20230719T092454/live-3/00221/ 		554 KB
555 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://livevideo01.9news.com/hls/live/2014548/elvs/20230719T092454/live-3/00221/live-3390_00028.ts
Requested by
Host: www.9news.com
URL: https://www.9news.com/assets/js-libs/akamai/amp/core/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.182.185 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
afb395274729c0fc60d06bed1998a191a1d3b78f8ae68e57235b99af81142aed

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:45 GMT
Akamai-Path-Timestamp
i=1692381882.661;xi=1692381882.696;xo=1692381884.170;s=1692381884.197;
Akamai-Mon-Iucid-Ing
2014548
Connection
keep-alive
Akamai-Mon-Iucid-Del
312833
Content-Length
567572
Pragma
no-cache
Last-Modified
Fri, 18 Aug 2023 18:04:42 GMT
X-Akamai-Server
Akamai-SMT
Access-Control-Max-Age
86400
X-Akamai-Live-Origin-QoS
d=7000;t=1692381882.663
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31536000
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires
Sat, 17 Aug 2024 18:04:45 GMT
acj
33across-d.openx.net/w/1.0/ Frame 9D5D 		431 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://33across-d.openx.net/w/1.0/acj?o=29bf03db463c9d&ju=https%3A//www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53&jr=&be=1&prf=0&auid=538526169&aus=728x90&bc=hb_2api&bt=5000&us_privacy=1YNY&c.placement=b7ZEtiCYqr6kX6aKkGJozW%3AISP%3Adesktop%3AUS%3Atier3&c.pf=150&c.cc=168&res=1600x1200x24&plg=pm&ch=UTF-8&tz=600&ws=1x1&ifr=1&tws=1600x1200&bi=db712483-f649-4f89-8742-0417f9556027&ba=1692381885
Requested by
Host: 33across-d.openx.net
URL: https://33across-d.openx.net/w/1.0/jstag?nc=17118521-33Across
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
3c3432547e64ebec0e8184ef2e62a7510268897ad4998699b50542f70985f08d

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:45 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.9news.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
280
expires
Mon, 26 Jul 1997 05:00:00 GMT
pubads_impl_fy2012.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/ Frame 7FDD 		402 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl_fy2012.js?cb=31076166
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6eda84e469463424ebf458949c409a82ee31d042cf3c8e84978658832f634c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 17:36:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
1666
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129634
x-xss-protection
0
server
cafe
etag
8962464231799197432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 17 Aug 2024 17:36:59 GMT
acj
33across-d.openx.net/w/1.0/ Frame 52CC 		432 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://33across-d.openx.net/w/1.0/acj?o=28bfd2a91e5142&ju=https%3A//www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53&jr=&be=1&prf=0&auid=538526169&aus=728x90&bc=hb_2api&bt=5000&us_privacy=1YNY&c.placement=b7ZEtiCYqr6kX6aKkGJozW%3AISP%3Adesktop%3AUS%3Atier2&c.pf=185&c.cc=168&res=1600x1200x24&plg=pm&ch=UTF-8&tz=600&ws=1x1&ifr=1&tws=1600x1200&bi=db712483-f649-4f89-8742-0417f9556027&ba=1692381885
Requested by
Host: 33across-d.openx.net
URL: https://33across-d.openx.net/w/1.0/jstag?nc=17118521-33Across
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
8b36bebe99877a38bb3f5329eb1f7fb64bd66e3555851a13d0a2b5f91ae6ef91

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:45 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.9news.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
expires
Mon, 26 Jul 1997 05:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 0A11 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=37434709&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
fb24a1c19a15d3ac4f5fdd16ae409ed45aed01b5bf4c8d137b4bd86395d9a85c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 18 Aug 2023 18:04:43 GMT
content-length
1456
content-type
text/html; charset=UTF-8
acj
33across-d.openx.net/w/1.0/ Frame 33ED 		574 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://33across-d.openx.net/w/1.0/acj?o=20ff0e6e1d4987&ju=https%3A//www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53&jr=&be=1&prf=0&auid=538526169&aus=728x90&bc=hb_2api&bt=5000&us_privacy=1YNY&c.placement=b7ZEtiCYqr6kX6aKkGJozW%3AISP%3Adesktop%3AUS%3Atier1&c.pf=300&c.cc=168&res=1600x1200x24&plg=pm&ch=UTF-8&tz=600&ws=1x1&ifr=1&tws=1600x1200&bi=db712483-f649-4f89-8742-0417f9556027&ba=1692381885
Requested by
Host: 33across-d.openx.net
URL: https://33across-d.openx.net/w/1.0/jstag?nc=17118521-33Across
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
86fc94fcfd038ab7ce231beb1002bca99e820f6d2ac6fcb92047e3f8045cd5d1

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:45 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.9news.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
348
expires
Mon, 26 Jul 1997 05:00:00 GMT
pd
us-u.openx.net/w/1.0/ Frame F74C 		1 KB
646 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Requested by
Host: 33across-d.openx.net
URL: https://33across-d.openx.net/w/1.0/jstag?nc=17118521-33Across
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
6c38a81d823568bfb8dd5e95dea9daccd5c1c37140b650d541808c7a34da6e78

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
627
content-type
text/html
date
Fri, 18 Aug 2023 18:04:45 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
PugMaster
image6.pubmatic.com/AdServer/ Frame EDE6 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=10372166&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
fb24a1c19a15d3ac4f5fdd16ae409ed45aed01b5bf4c8d137b4bd86395d9a85c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 18 Aug 2023 18:04:45 GMT
content-length
1456
content-type
text/html; charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame DB2E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-H0X_uIfzzWazw00pae6rX_Df9c7knTn7MCj8pgFzatvR1q4yG8H6yRM53I3uHpTUet23qdCwIH6f-4c1URDrnmpg8RuBYhQGkE2Mn2_I2YIVftMz&sig=Cg0ArKJSzBaJPkzBRJyrEAE&id=lidar2&mcvt=1080&p=30,799,31,800&mtos=1080,1080,1080,1080,1080&tos=1080,0,0,0,0&v=20230816&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1190557696&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692381881482&rpt=2753&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
us-u.openx.net/w/1.0/ Frame E645 		868 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Requested by
Host: 33across-d.openx.net
URL: https://33across-d.openx.net/w/1.0/jstag?nc=17118521-33Across
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
41d1a0b500ce0da4f2137de6db228afa93c113a30a0b299d9c3b54283797d85d

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
515
content-type
text/html
date
Fri, 18 Aug 2023 18:04:45 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_2_1/infra/ 		901 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_2_1/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
4ce7739249a41529581c3d8d38ab20041690decd52cf0d78fdea96faecd72644

Request headers

Referer
https://www.9news.com/
Origin
https://www.9news.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-meta-mtime
1692189134
date
Fri, 18 Aug 2023 18:04:45 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
2F9TEDZMHDR55S6G
age
192631
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1692189134
x-amz-meta-mode
33188
content-length
151987
x-amz-id-2
SAr7FVI1PfF0LVZRzUc6J3D4h4Cy7adF4NpjsliDSI7KEvZZHury0S7R8I2Z70+9tYe1tw/YVhU=
x-served-by
cache-mia-kmia1760064-MIA
last-modified
Wed, 16 Aug 2023 12:32:15 GMT
server
AmazonS3-br
x-timer
S1692381885.414061,VS0,VE0
etag
"d7e847d1c3c7d8349942a40f22a534d0"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
24722
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_2_1/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_2_1/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-meta-mtime
1692189153
date
Fri, 18 Aug 2023 18:04:45 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
2F9X49HGD86Z60XG
age
192631
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1692189153
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
OxWuCkwM8QJMeCoxxb/faHPyzxgzZ1zmGZ8rmE1+nhOrmFWFXmkjCmW2Aiunj55XorSfgJ37uA0=
x-served-by
cache-mia-kmia1760096-MIA
last-modified
Wed, 16 Aug 2023 12:32:34 GMT
server
AmazonS3-br
x-timer
S1692381885.412890,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
103104
sd
us-u.openx.net/w/1.0/ Frame F74C
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=0096e24d-9951-06f8-18c2-d191646355e7&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZN-yvd-jWh7TFqIs08ekkzY1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZN-yvd-jWh7TFqIs08ekkzY1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 18 Aug 2023 18:04:45 GMT
server
Aorta/20230817.d884ef624
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZN-yvd-jWh7TFqIs08ekkzY1
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
5cc5b13a59d9
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
dds
rtb.openx.net/sync/ Frame F74C
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=wE5clGKtg5iIIwZnU0hhbA==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:45 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F74C
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=a2fb9ede-b4be-49ec-954b-55ac4d60984a
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=a2fb9ede-b4be-49ec-954b-55ac4d60984a
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=a2fb9ede-b4be-49ec-954b-55ac4d60984a
Date
Fri, 18 Aug 2023 18:04:45 GMT
Connection
keep-alive
X-CI-RTID
26f0a7eb-9321-4faa-b65e-e820499978f8
Content-Length
112
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame F74C
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:45 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
receive
pixel.tapad.com/idsync/ex/ Frame F74C 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=1966a554-902c-0731-24b6-d206b3dd9ada
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:45 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
sync
ups.analytics.yahoo.com/ups/58294/ Frame F74C 		0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=31dc5521-1341-00ff-3d70-8bda17f2afbf
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:45 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
362588.gif
idsync.rlcdn.com/ Frame F74C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D
  • https://id.rlcdn.com/464246.gif?partner_uid=4adea9ce-066c-0cd6-312e-ca23b9ca3a0e
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1
  • https://idsync.rlcdn.com/362588.gif?partner_uid=cec9c022-2518-4275-90bb-40c27fa3670d
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362588.gif?partner_uid=cec9c022-2518-4275-90bb-40c27fa3670d
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:46 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/362588.gif?partner_uid=cec9c022-2518-4275-90bb-40c27fa3670d
date
Fri, 18 Aug 2023 18:04:46 GMT
server
Kestrel
content-length
199
sd
us-u.openx.net/w/1.0/ Frame F74C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=8342177640231574973
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=8342177640231574973
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:45 GMT
an-x-request-uuid
e83de6e9-98a2-4def-b876-3925060c4369
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=8342177640231574973
x-proxy-origin
38.132.118.72; 38.132.118.72; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F74C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3278840519872068504&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3278840519872068504&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3278840519872068504&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 18 Aug 2023 18:04:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame F74C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZN_yugAJkOfzIgBY
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZN_yugAJkOfzIgBY
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-mia-kmia1760097-MIA
pragma
no-cache
date
Fri, 18 Aug 2023 18:04:45 GMT
via
1.1 varnish
server
Varnish
x-timer
S1692381886.533086,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZN_yugAJkOfzIgBY
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pd
us-u.openx.net/w/1.0/ Frame 47F7 		1 KB
614 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Requested by
Host: 33across-d.openx.net
URL: https://33across-d.openx.net/w/1.0/jstag?nc=17118521-33Across
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
0362dafd95d25a560a28d0899cbfdc355936ec576e8d2d3606ad2c43aa7e850c

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
595
content-type
text/html
date
Fri, 18 Aug 2023 18:04:45 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
cookiesync
core.iprom.net/ Frame A2AA 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 18 Aug 2023 18:04:46 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-628bcc0a913a@version_1.566
X-core-time
1ms
X-server-arch
v2
pub
matching.truffle.bid/sync/ Frame BCCC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Fri, 18 Aug 2023 18:04:46 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 88B8
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7456682851828574129&uid=Q745668285182857...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7456682851828574129
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7456682851828574129
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 18:04:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=45894
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Fri, 18 Aug 2023 18:04:46 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7456682851828574129
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
simage2.pubmatic.com/AdServer/ Frame 8040
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BB882163254D4174AB34F94472E55A64&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BB882163254D4174AB34F94472E55A64&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 18:04:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Fri, 18 Aug 2023 18:04:45 GMT
expires
Thu, 17 Aug 2023 18:04:45 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BB882163254D4174AB34F94472E55A64&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
ecm3
s.amazon-adsystem.com/ Frame 2C15 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDC3BD0C7A-B371-4686-9220-ADA9A334E959
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 18 Aug 2023 18:04:45 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
P2FHF5VEMJVGM1HVG518
/
bpi.rtactivate.com/tag/ Frame 0A11 		43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.101.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-101-220.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:45 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
75145
i6.liadm.com/s/ Frame 0A11
Redirect Chain
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=C3BD0C7A-B371-4686-9220-ADA9A334E959
  • https://i6.liadm.com/s/75145?bidder_id=195755&bidder_uuid=C3BD0C7A-B371-4686-9220-ADA9A334E959
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/75145?bidder_id=195755&bidder_uuid=C3BD0C7A-B371-4686-9220-ADA9A334E959
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
2600:1f18:ed:550a:fdb3:b355:1994:e0eb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:46 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/75145?bidder_id=195755&bidder_uuid=C3BD0C7A-B371-4686-9220-ADA9A334E959
Date
Fri, 18 Aug 2023 18:04:45 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
qmap
sync.crwdcntrl.net/ Frame 0A11 		49 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.223.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-223-152.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:45 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.9.71
content-length
49
expires
0
/
io.narrative.io/ Frame 0A11
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:C3BD0C7A-B371-4686-9220-ADA9A334E959
  • https://io.narrative.io/?io.narrative.guid.v2=b6d418b0-3df1-11ee-b479-0e71178f036d&companyId=673&id=pubmatic_id:C3BD0C7A-B371-4686-9220-ADA9A334E959
0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=b6d418b0-3df1-11ee-b479-0e71178f036d&companyId=673&id=pubmatic_id:C3BD0C7A-B371-4686-9220-ADA9A334E959
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
54.225.219.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-219-245.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:46 GMT
Cache-Control
no-cache
Server
nginx/1.22.1
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=b6d418b0-3df1-11ee-b479-0e71178f036d&companyId=673&id=pubmatic_id:C3BD0C7A-B371-4686-9220-ADA9A334E959
Date
Fri, 18 Aug 2023 18:04:45 GMT
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 0A11
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:1862c700-54dd-4546-9455-41a6072353e9&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:1862c700-54dd-4546-9455-41a6072353e9&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 18:04:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:1862c700-54dd-4546-9455-41a6072353e9&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 18 Aug 2023 18:04:45 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
sd
us-u.openx.net/w/1.0/ Frame E645
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=nz12BMs7cFuEOSRWmj4_WpwxdwSEO3YDyzlRhGcv
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=nz12BMs7cFuEOSRWmj4_WpwxdwSEO3YDyzlRhGcv
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:45 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=nz12BMs7cFuEOSRWmj4_WpwxdwSEO3YDyzlRhGcv
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E645
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=eb6f7b88-a4bc-4e60-bf79-710517cb86e8
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=eb6f7b88-a4bc-4e60-bf79-710517cb86e8
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=66b1fa93-2ac7-47d8-832e-50b904d41770&user_group=1&ssp=openx&bsw_param=eb6f7b88-a4bc-4e60-bf79-710517cb86e8
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&gdpr=&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=eb6f7b88-a4bc-4e60-bf79-710517cb86e8&gdpr=&gdpr_consent=&us_privacy=
Date
Fri, 18 Aug 2023 18:04:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame E645
Redirect Chain
  • https://p.rfihub.com/cm?pub=25&in=1
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=979321835791302801
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=979321835791302801
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073062&val=979321835791302801
Date
Fri, 18 Aug 2023 18:04:45 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sd
us-u.openx.net/w/1.0/ Frame E645
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=BB882163254D4174AB34F94472E55A64
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=BB882163254D4174AB34F94472E55A64
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 18 Aug 2023 18:04:45 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=BB882163254D4174AB34F94472E55A64
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 17 Aug 2023 18:04:45 GMT
57424
i.liadm.com/s/ Frame E645 		43 B
563 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=1fae0a2c-fcf1-00c7-2cd1-b6d60ac79a39
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.122.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-122-129.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:45 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
5
Content-Type
image/gif
g.pixel
aa.agkn.com/adscores/ Frame E645 		43 B
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212314908&puid=039a36d6-84e7-0127-0415-c65a0097c9f0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-63.jfk50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:45 GMT
via
1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
JFK50-P2
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
49dro5XOXpBKGZ5UOBET_SbtxV_iBBbt2-y4Moihfgs9NUs3jnhqIA==
expires
0
/
bpi.rtactivate.com/tag/ Frame E645 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=50019&user_id=8137fd57-14a3-08ca-08fc-65d972a93e07
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.101.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-101-220.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:45 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
37274
stags.bluekai.com/site/ Frame E645 		62 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/37274?limit=1&id=380c8e0e-fe5c-0737-14a0-d5f41b013b65
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.100.229 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-100-229.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:45 GMT
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cache-control
max-age=0, no-cache, no-store
content-length
62
bk-server
2294
expires
Thu, 01 Dec 1994 16:00:00 GMT
709996.gif
id.rlcdn.com/ Frame E645 		42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709996.gif
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:45 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sd
us-u.openx.net/w/1.0/ Frame E645
Redirect Chain
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=856286&pcv=125&ptid=23&tpuv=00&tpu=b3b54322-d3b3-1f80-997e-0123a59c1b14
  • https://us-u.openx.net/w/1.0/sd?id=537072960&val=0r27jucusl1i9
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072960&val=0r27jucusl1i9
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://us-u.openx.net/w/1.0/sd?id=537072960&val=0r27jucusl1i9
cache-control
no-cache
cf-ray
7f8c14c2e98dda1f-MIA
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame F580 		625 B
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=14241871&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0fabdc72d372e17f97f068e71888384da61697963cc340e51d55965a4c25fe90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 18 Aug 2023 18:04:45 GMT
content-length
625
content-type
text/html; charset=UTF-8
sd
us-u.openx.net/w/1.0/ Frame 47F7
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=ef5aaee7cfe15f0&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAH3bQhF4TwUgMhNQ70AAAAAAA&expiration=1692468286&nuid={OX_USER_ID}&is_secure=true
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAH3bQhF4TwUgMhNQ70AAAAAAA&expiration=1692468286&nuid={OX_USER_ID}&is_secure=true
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:46 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAH3bQhF4TwUgMhNQ70AAAAAAA&expiration=1692468286&nuid={OX_USER_ID}&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sd
us-u.openx.net/w/1.0/ Frame 47F7
Redirect Chain
  • https://px.owneriq.net/eox
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fus-u.openx.net%2fw%2f1.0%2fsd%3fid%3d537073059%26val%3dQ7456682861811089444&uid=Q7456682861811089444&ref=%2Feox
  • https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7456682861811089444
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7456682861811089444
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 18 Aug 2023 18:04:46 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7456682861811089444
Content-Type
text/html
Cache-Control
max-age=45894
Connection
keep-alive
Content-Length
154
sd
us-u.openx.net/w/1.0/ Frame 47F7
Redirect Chain
  • https://rtb.adentifi.com/CookieSyncOpenX
  • https://us-u.openx.net/w/1.0/sd?id=537077954&val=cuid_b49a7c60-3df1-11ee-9934-120817463c8f
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537077954&val=cuid_b49a7c60-3df1-11ee-9934-120817463c8f
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537077954&val=cuid_b49a7c60-3df1-11ee-9934-120817463c8f
date
Fri, 18 Aug 2023 18:04:45 GMT
content-type
text/plain
sd
us-u.openx.net/w/1.0/ Frame 47F7
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%2...
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=1623a715-5e54-0328-190c-f437728fa3ea
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662106876211246
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662106876211246
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:46 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
1446
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662106876211246
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7f8c14c48f24031c-MIA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
sync.targeting.unrulymedia.com/csync/ Frame 47F7
Redirect Chain
  • https://sync.1rx.io/usersync/openx/8c2ec6ca-b09e-08dd-3eba-133826e917aa
  • https://sync.targeting.unrulymedia.com/csync/RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Protocol
HTTP/1.1
Server
199.127.204.171 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:46 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:45 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
sd
us-u.openx.net/w/1.0/ Frame 47F7
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://us-u.openx.net/w/1.0/sd?val=AAC0Ik7Jv2UAACTqc7GRqQ&id=537125688
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?val=AAC0Ik7Jv2UAACTqc7GRqQ&id=537125688
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?val=AAC0Ik7Jv2UAACTqc7GRqQ&id=537125688
Date
Fri, 18 Aug 2023 18:04:45 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 47F7 		61 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=opx&ovsid=d734bf37-602b-0056-0d18-34be32bec90a
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 18 Aug 2023 18:04:45 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Fri, 18 Aug 2023 18:04:45 GMT
sd
us-u.openx.net/w/1.0/ Frame 47F7
Redirect Chain
  • https://oxp.mxptint.net/OpenX.ashx
  • https://us-u.openx.net/w/1.0/sd?id=537116306&val=R35CA5_1079D40AC_2E2BF9C4
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537116306&val=R35CA5_1079D40AC_2E2BF9C4
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537116306&val=R35CA5_1079D40AC_2E2BF9C4
Date
Fri, 18 Aug 2023 18:04:45 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-375386616; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
195
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 47F7
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=UYCeE6XS1Qx3PY5
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072979&val=UYCeE6XS1Qx3PY5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:45 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0da94c7f55bec3b76@us-east-1b@dxedge-app-us-east-1-prod-asg
Location
https://us-u.openx.net/w/1.0/sd?id=537072979&val=UYCeE6XS1Qx3PY5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 47F7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4844965109403605106
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4844965109403605106
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&bi=db712483-f649-4f89-8742-0417f9556027&gdpr=0&us_privacy=1YNY&bi=db712483-f649-4f89-8742-0417f9556027
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4844965109403605106
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
bpi.rtactivate.com/tag/ Frame EDE6 		43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.101.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-101-220.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:45 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
75145
i.liadm.com/s/ Frame EDE6 		43 B
563 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=C3BD0C7A-B371-4686-9220-ADA9A334E959
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.122.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-122-129.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:45 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
3
Content-Type
image/gif
qmap
sync.crwdcntrl.net/ Frame EDE6 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.223.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-223-152.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:45 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.12.58
content-length
49
expires
0
/
io.narrative.io/ Frame EDE6
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:C3BD0C7A-B371-4686-9220-ADA9A334E959
  • https://io.narrative.io/?io.narrative.guid.v2=b6dd8e90-3df1-11ee-b039-16c962239a11&companyId=673&id=pubmatic_id:C3BD0C7A-B371-4686-9220-ADA9A334E959
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=b6dd8e90-3df1-11ee-b039-16c962239a11&companyId=673&id=pubmatic_id:C3BD0C7A-B371-4686-9220-ADA9A334E959
Protocol
HTTP/1.1
Server
54.225.219.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-219-245.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:46 GMT
Cache-Control
no-cache
Server
nginx/1.22.1
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=b6dd8e90-3df1-11ee-b039-16c962239a11&companyId=673&id=pubmatic_id:C3BD0C7A-B371-4686-9220-ADA9A334E959
Date
Fri, 18 Aug 2023 18:04:45 GMT
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
0
cookiesync
core.iprom.net/ Frame 5A91 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 18 Aug 2023 18:04:46 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-ce489811eb71@version_1.566
X-core-time
0ms
X-server-arch
v2
pub
matching.truffle.bid/sync/ Frame 3D7B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Fri, 18 Aug 2023 18:04:46 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame A4FF
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7456682861553270732&uid=Q745668286155327...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7456682861553270732
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7456682861553270732
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 18:04:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=45894
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Fri, 18 Aug 2023 18:04:46 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7456682861553270732
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
simage2.pubmatic.com/AdServer/ Frame E32B
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BB882163254D4174AB34F94472E55A64&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BB882163254D4174AB34F94472E55A64&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 18:04:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Fri, 18 Aug 2023 18:04:45 GMT
expires
Thu, 17 Aug 2023 18:04:45 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BB882163254D4174AB34F94472E55A64&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame EDE6
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:9573d229-ef09-4f10-bbba-f4744b5fb487&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:9573d229-ef09-4f10-bbba-f4744b5fb487&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 18:04:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:9573d229-ef09-4f10-bbba-f4744b5fb487&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 18 Aug 2023 18:04:46 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
usersync
x.serverbid.com/ Frame 4802 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=C3BD0C7A-B371-4686-9220-ADA9A334E959
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ads.pubmatic.com
access-control-max-age
10080
date
Fri, 18 Aug 2023 18:04:45 GMT
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.4.1/ 		447 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.1/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_2_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
aa56a655b6cb77a3c0035819033d02970bba3770850f506e8d61163098ab63a0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-meta-mtime
1692176463
date
Fri, 18 Aug 2023 18:04:45 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
J84W8S3MBPXAX173
age
205368
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1692176476
x-amz-meta-mode
33188
content-length
85942
x-amz-id-2
cEwR/yVZAWkCJU6xc/LyCr3aiFxmeZXUmNd8pFO7OacD/QXYCyXYrIw/eMOFPg6FBZWYKPvpD/0=
x-served-by
cache-mia-kmia1760096-MIA
last-modified
Wed, 16 Aug 2023 09:01:17 GMT
server
AmazonS3-br
x-timer
S1692381886.981971,VS0,VE0
etag
"4992e49389d98d37c3b5ca7742d2f7dd"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
103380
sync
ch-match.taboola.com/ Frame 58AA 		371 B
456 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ch-match.taboola.com/sync?dast=V8NvACLAaMAXcelaiFIhAYA-48KlELRSgAAABgYID-AAmMlpOVwzdba4wLk1u0Gs7WCo9zuJa4bBvHZuSwTGbOISCB0XKycvhma41xYXKLVsPZWuFxDtcSl23j2IwclsnMOQUXxnKZDGqBhGX2-w6ypsnlN8hYLpMbBL6i6XT4XPd63e93V85dvs9d43f7ZU-Ty--Xu3yfv9jvcZj9Gr_Zb3mY_G7R5ekyuUV_t-7lMrn1rtNbdXe5DWe_8-2ym94yy8N1civsJrfG4foZTW_R0e_6POwmz1tvc0teDrNbY3Y43Z630u4WHV1uweXvcXk-f91mLRk5R5PhcrNWrXbDtWjhMKwVnslwrVlNhgvTZuGZuTZzAAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8D4BgFnlgOCu3wH5d_y9QcAAAAAEAAAAAAkAAQAJ0sAYKCOnvj_________jzFAn3kj4______GQg-ABx8AD0IAAAAuhki5_Ap-cmOHEDlAKcIIAAAAgAmhHdKRSTpBxaLK__9_vxWAKwAAAYoJ0heNWXQHJd7CAAAAFIxZoIfF7zc77Bq_22X-_________838n_lHIzQyM5NGeBKeVM0vIADAml9AAAA24QYA4E0AnKBD0IrBYHUIaDLczQ4AAADAnf___389IDSyTZa75cxhWDlMjuXKtButfDPTcrhxbDaOxcJ7cMOvI_XihkD6ZAjL7PcdZE2Ty2-QsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCqYnHuVwYFmvVbDRai2aDyVrhmrncKstgsByZTBuLb7MWvT6mi8m5GW5mWyQYYLoXydMinSh8I8tkN5nsNqvVwuaZLWYrk8WzWxhGxpFrY5pNxBLNySKdyC770sg2We6WM4dh5TA5livTbrTyzUzL4cax2TgWC39r4nEuF4bFWjUbjdai2WCyVrhmLrfKMhgsRybTxuLbrEWvj-licm6Gm9m-MVtONsPFcDfcN2bLyWa4GO6G-w6d4bv6nI2u4_fvkXms55u2c3MaFC6DxTstWqStw9Fn1HltE2Fqbdo5JlahVeI1KDwHj2r8uYa85pTIXD1ovQejIpYILtKJ6OWzO9xa1-dhEUuUpot0opc9TS6_X-7yff5iv8dh9mv8Zr_lYfK7RZeny-QW_d26l8vk1rtOb9Xd5Tac_c63y256yywP18mtsJvcGofrZzS9RUe_6_Owmzxvvc0teTnMbo3Z4XR73kq7W3R0uQWXv8fl-fx1m7Vk5BxNhsvNWrXaDdeihcOwVngmw7VmNRkuTJuFZ-baTMQSwekincieJpffov6jhhnOFZvJXLEYznWTVQIAAAAAAAAAsASTTDcBAAAAcDKI2WY53K3TQcwWs8FmtVwAD9YSun6un-58p5aHduGNsEbx9ASOFmvsMQV6-ewOt9b1eVgZwIO1ArPNPiOIZZ1ZawAAAALYAAAABLjtxpuAMyvu____fxwAAAAZOfQAAADo9wFJ5WVmZmZq8iuIxXIw2D8AFWJZZ7bbjWWd2YACtZtAAICAeg!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_2_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e69605d66a9a3cba13865b4bb3712f702a93a84fd8a8a16524440157933665e9

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Fri, 18 Aug 2023 18:04:46 GMT
machineid
3802
server
nginx
st
ch-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-vid-events.taboola.com/st?cijs=convusmp&ttype=120&cisd=convusmp&cipid=66361655&crid=-1&dast=V8NvACLAaMAXcelaiFIhAYA-48KlELRSgAAABgYID-AAmMlpOVwzdba4wLk1u0Gs7WCo9zuJa4bBvHZuSwTGbOISCB0XKycvhma41xYXKLVsPZWuFxDtcSl23j2IwclsnMOQUXxnKZDGqBhGX2-w6ypsnlN8hYLpMbBL6i6XT4XPd63e93V85dvs9d43f7ZU-Ty--Xu3yfv9jvcZj9Gr_Zb3mY_G7R5ekyuUV_t-7lMrn1rtNbdXe5DWe_8-2ym94yy8N1civsJrfG4foZTW_R0e_6POwmz1tvc0teDrNbY3Y43Z630u4WHV1uweXvcXk-f91mLRk5R5PhcrNWrXbDtWjhMKwVnslwrVlNhgvTZuGZuTZzAAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8D4BgFnlgOCu3wH5d_y9QcAAAAAEAAAAAAkAAQAJ0sAYKCOnvj_________jzFAn3kj4______GQg-ABx8AD0IAAAAuhki5_Ap-cmOHEDlAKcIIAAAAgAmhHdKRSTpBxaLK__9_vxWAKwAAAYoJ0heNWXQHJd7CAAAAFIxZoIfF7zc77Bq_22X-_________838n_lHIzQyM5NGeBKeVM0vIADAml9AAAA24QYA4E0AnKBD0IrBYHUIaDLczQ4AAADAnf___389IDSyTZa75cxhWDlMjuXKtButfDPTcrhxbDaOxcJ7cMOvI_XihkD6ZAjL7PcdZE2Ty2-QsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCqYnHuVwYFmvVbDRai2aDyVrhmrncKstgsByZTBuLb7MWvT6mi8m5GW5mWyQYYLoXydMinSh8I8tkN5nsNqvVwuaZLWYrk8WzWxhGxpFrY5pNxBLNySKdyC770sg2We6WM4dh5TA5livTbrTyzUzL4cax2TgWC39r4nEuF4bFWjUbjdai2WCyVrhmLrfKMhgsRybTxuLbrEWvj-licm6Gm9m-MVtONsPFcDfcN2bLyWa4GO6G-w6d4bv6nI2u4_fvkXms55u2c3MaFC6DxTstWqStw9Fn1HltE2Fqbdo5JlahVeI1KDwHj2r8uYa85pTIXD1ovQejIpYILtKJ6OWzO9xa1-dhEUuUpot0opc9TS6_X-7yff5iv8dh9mv8Zr_lYfK7RZeny-QW_d26l8vk1rtOb9Xd5Tac_c63y256yywP18mtsJvcGofrZzS9RUe_6_Owmzxvvc0teTnMbo3Z4XR73kq7W3R0uQWXv8fl-fx1m7Vk5BxNhsvNWrXaDdeihcOwVngmw7VmNRkuTJuFZ-baTMQSwekincieJpffov6jhhnOFZvJXLEYznWTVQIAAAAAAAAAsASTTDcBAAAAcDKI2WY53K3TQcwWs8FmtVwAD9YSun6un-58p5aHduGNsEbx9ASOFmvsMQV6-ewOt9b1eVgZwIO1ArPNPiOIZZ1ZawAAAALYAAAABLjtxpuAMyvu____fxwAAAAZOfQAAADo9wFJ5WVmZmZq8iuIxXIw2D8AFWJZZ7bbjWWd2YACtZtAAICAeg!&cmcv=&pix=&cb=1692381885922&uv=3321&tms=1692381885922&su=&abt=aniview_inc_vA!nonrv_vA!t120!ufm_vE&ft=0&unm=FEED_MANAGER&mntl=2&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:46 GMT
content-length
0
server
nginx
ads
securepubads.g.doubleclick.net/gampad/ Frame 7FDD 		665 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4448700135153689&correlator=396765179750086&eid=31076166%2C31068366&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fif&us_privacy=1YNY&iu_parts=32867010%3A32805352%2CA_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3Df27532619ad99297%3AT%3D1692381880%3ART%3D1692381880%3AS%3DALNI_MaaMvhwEwcl3nw4-nA4elzv9AKldA&gpic=UID%3D00000d8c302b113b%3AT%3D1692381880%3ART%3D1692381880%3AS%3DALNI_MZE6HFPAPrMyCCdRXVi6lF-2JOfQA&abxe=1&dt=1692381886076&lmt=1692417886&adxs=8&adys=62&biw=1600&bih=1200&isw=300&ish=150&scr_x=0&scr_y=0&btvi=0&ucis=xaaemrr1fvh7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&ref=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&top=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&vis=1&psz=284x134&msz=284x0&fws=256&ohw=0&ea=0&ga_vid=1482041932.1692381879&ga_sid=1692381886&ga_hid=555107801&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRj9wMjOoDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKXKyM6gMUgAUgIIahIaCg1jcndkY250cmwubmV0EgAY-8nIzqAxSAASHQoOZXNwLmNyaXRlby5jb20Y_cDIzqAxSABSAghk&dlt=1692381884700&idt=961&prev_scp=c%3D10%26r%3D110%26d%3Dtegna_desktop_sectionfront.com%26g%3Db7ZEtiCYqr6kX6aKkGJozW%26gd%3Db7ZEtiCYqr6kX6aKkGJozW%253Adesktop%26cc%3D168%26pf%3D180%26pre%3Dapnx%253A0%2Cox%253A0%2Cttx%253A0%2Camzn%253A0%26pre_sz%3Dapnx%253A0x0%2Cox%253A0x0%2Cttx%253A0x0%2Camzn%253A0x0%26tier%3Dapnx%253A0%2Cox%253A0%2Cttx%253A0%2Camzn%253A0%26hb%3D0&adks=1053900279&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl_fy2012.js?cb=31076166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dac990d926ff6df3278dfb7e5d2fdd417ad30909c664cfccca8c0b124a2ec556
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:46 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
376
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.9news.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7FDD 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308150101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl_fy2012.js?cb=31076166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef6d8b801eb386754fc29b624e0b15c50f0efcde4724f04f9bc07c30d24f0ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11575
x-xss-protection
0
container.html
2266a7f10398fb304e945be267393acb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 480F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2266a7f10398fb304e945be267393acb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl_fy2012.js?cb=31076166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 18:04:46 GMT
expires
Sat, 17 Aug 2024 18:04:46 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
PugMaster
image6.pubmatic.com/AdServer/ Frame AD56 		311 B
864 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=19307669&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a0f02c247655e1751c6076d142fee3716e0c573f88734765e99954aa3c74692c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 18 Aug 2023 18:04:46 GMT
content-length
311
content-type
text/html; charset=UTF-8
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.9news.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Fri, 18 Aug 2023 18:04:46 GMT
via
1.1 8a771ca27e5a3c9e06b12b7af5d25aa4.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
MIA3-C3
age
288689
x-cache
Miss from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-mia-kmia1760096-MIA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1692381886.200683,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
9EiAiFBVwZHmI3fGR78C7ATwwbmsDL1GB2xMpa136dVc18QTTk7V4g==
x-cache-hits
152282
st
ch-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8NvACLAaMAXcelaiFIhAYA-48KlELRSgAAABgYID-AAmMlpOVwzdba4wLk1u0Gs7WCo9zuJa4bBvHZuSwTGbOISCB0XKycvhma41xYXKLVsPZWuFxDtcSl23j2IwclsnMOQUXxnKZDGqBhGX2-w6ypsnlN8hYLpMbBL6i6XT4XPd63e93V85dvs9d43f7ZU-Ty--Xu3yfv9jvcZj9Gr_Zb3mY_G7R5ekyuUV_t-7lMrn1rtNbdXe5DWe_8-2ym94yy8N1civsJrfG4foZTW_R0e_6POwmz1tvc0teDrNbY3Y43Z630u4WHV1uweXvcXk-f91mLRk5R5PhcrNWrXbDtWjhMKwVnslwrVlNhgvTZuGZuTZzAAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8D4BgFnlgOCu3wH5d_y9QcAAAAAEAAAAAAkAAQAJ0sAYKCOnvj_________jzFAn3kj4______GQg-ABx8AD0IAAAAuhki5_Ap-cmOHEDlAKcIIAAAAgAmhHdKRSTpBxaLK__9_vxWAKwAAAYoJ0heNWXQHJd7CAAAAFIxZoIfF7zc77Bq_22X-_________838n_lHIzQyM5NGeBKeVM0vIADAml9AAAA24QYA4E0AnKBD0IrBYHUIaDLczQ4AAADAnf___389IDSyTZa75cxhWDlMjuXKtButfDPTcrhxbDaOxcJ7cMOvI_XihkD6ZAjL7PcdZE2Ty2-QsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCqYnHuVwYFmvVbDRai2aDyVrhmrncKstgsByZTBuLb7MWvT6mi8m5GW5mWyQYYLoXydMinSh8I8tkN5nsNqvVwuaZLWYrk8WzWxhGxpFrY5pNxBLNySKdyC770sg2We6WM4dh5TA5livTbrTyzUzL4cax2TgWC39r4nEuF4bFWjUbjdai2WCyVrhmLrfKMhgsRybTxuLbrEWvj-licm6Gm9m-MVtONsPFcDfcN2bLyWa4GO6G-w6d4bv6nI2u4_fvkXms55u2c3MaFC6DxTstWqStw9Fn1HltE2Fqbdo5JlahVeI1KDwHj2r8uYa85pTIXD1ovQejIpYILtKJ6OWzO9xa1-dhEUuUpot0opc9TS6_X-7yff5iv8dh9mv8Zr_lYfK7RZeny-QW_d26l8vk1rtOb9Xd5Tac_c63y256yywP18mtsJvcGofrZzS9RUe_6_Owmzxvvc0teTnMbo3Z4XR73kq7W3R0uQWXv8fl-fx1m7Vk5BxNhsvNWrXaDdeihcOwVngmw7VmNRkuTJuFZ-baTMQSwekincieJpffov6jhhnOFZvJXLEYznWTVQIAAAAAAAAAsASTTDcBAAAAcDKI2WY53K3TQcwWs8FmtVwAD9YSun6un-58p5aHduGNsEbx9ASOFmvsMQV6-ewOt9b1eVgZwIO1ArPNPiOIZZ1ZawAAAALYAAAABLjtxpuAMyvu____fxwAAAAZOfQAAADo9wFJ5WVmZmZq8iuIxXIw2D8AFWJZZ7bbjWWd2YACtZtAAICAeg!&cmcv=&pix=31579697&cb=1692381886190&uv=3321&tms=1692381886190&su=6&abt=aniview_inc_vA!nonrv_vA!t120!ufm_vE&ft=0&unm=FEED_MANAGER&su=6&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:46 GMT
content-length
0
server
nginx
usersync
x.serverbid.com/ Frame 2A01 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=C3BD0C7A-B371-4686-9220-ADA9A334E959
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ads.pubmatic.com
access-control-max-age
10080
date
Fri, 18 Aug 2023 18:04:45 GMT
p
a.audrte.com/ Frame F580
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=C3BD0C7A-B371-4686-9220-ADA9A334E959
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZWZsTldSZzd4b1VSUkc3YWNTNVEzMTkyQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=4844965109403605106&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
34.235.212.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-212-6.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:48 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 18 Aug 2023 18:04:48 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
g.pixel
aa.agkn.com/adscores/ Frame F580 		43 B
657 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=C3BD0C7A-B371-4686-9220-ADA9A334E959
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-63.jfk50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:46 GMT
via
1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
JFK50-P2
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
7e-c6uCIC7HL2ds5H-xcO_iLY9ZfAU0hUW_JWJHW3hE8Z3RSt_amPA==
expires
0
info
uipglob.semasio.net/pubmatic/1/ Frame F580 		42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C3BD0C7A-B371-4686-9220-ADA9A334E959&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:46 GMT
Frontend-ID
5
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type
image/gif
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
2981
tags.bluekai.com/site/ Frame F580
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=0&gdpr_consent=
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=f3c3c87a6ef9c3e9
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=N1JMTC82UWw5OTl6cjUyQQ%3D%3D
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEHC9Np03eq6jAIRWwe1tIzE&google_cver=1
62 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEHC9Np03eq6jAIRWwe1tIzE&google_cver=1
Protocol
H2
Server
104.76.100.229 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-100-229.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Fri, 18 Aug 2023 18:04:47 GMT
content-length
62
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEHC9Np03eq6jAIRWwe1tIzE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 58AA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1YNY
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-g4P9Ei9E2uGQPWHdra3xxgf.IlrWZFVX~A&gdpr_in_effect=0
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-g4P9Ei9E2uGQPWHdra3xxgf.IlrWZFVX~A&gdpr_in_effect=0
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8NvACLAaMAXcelaiFIhAYA-48KlELRSgAAABgYID-AAmMlpOVwzdba4wLk1u0Gs7WCo9zuJa4bBvHZuSwTGbOISCB0XKycvhma41xYXKLVsPZWuFxDtcSl23j2IwclsnMOQUXxnKZDGqBhGX2-w6ypsnlN8hYLpMbBL6i6XT4XPd63e93V85dvs9d43f7ZU-Ty--Xu3yfv9jvcZj9Gr_Zb3mY_G7R5ekyuUV_t-7lMrn1rtNbdXe5DWe_8-2ym94yy8N1civsJrfG4foZTW_R0e_6POwmz1tvc0teDrNbY3Y43Z630u4WHV1uweXvcXk-f91mLRk5R5PhcrNWrXbDtWjhMKwVnslwrVlNhgvTZuGZuTZzAAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8D4BgFnlgOCu3wH5d_y9QcAAAAAEAAAAAAkAAQAJ0sAYKCOnvj_________jzFAn3kj4______GQg-ABx8AD0IAAAAuhki5_Ap-cmOHEDlAKcIIAAAAgAmhHdKRSTpBxaLK__9_vxWAKwAAAYoJ0heNWXQHJd7CAAAAFIxZoIfF7zc77Bq_22X-_________838n_lHIzQyM5NGeBKeVM0vIADAml9AAAA24QYA4E0AnKBD0IrBYHUIaDLczQ4AAADAnf___389IDSyTZa75cxhWDlMjuXKtButfDPTcrhxbDaOxcJ7cMOvI_XihkD6ZAjL7PcdZE2Ty2-QsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCqYnHuVwYFmvVbDRai2aDyVrhmrncKstgsByZTBuLb7MWvT6mi8m5GW5mWyQYYLoXydMinSh8I8tkN5nsNqvVwuaZLWYrk8WzWxhGxpFrY5pNxBLNySKdyC770sg2We6WM4dh5TA5livTbrTyzUzL4cax2TgWC39r4nEuF4bFWjUbjdai2WCyVrhmLrfKMhgsRybTxuLbrEWvj-licm6Gm9m-MVtONsPFcDfcN2bLyWa4GO6G-w6d4bv6nI2u4_fvkXms55u2c3MaFC6DxTstWqStw9Fn1HltE2Fqbdo5JlahVeI1KDwHj2r8uYa85pTIXD1ovQejIpYILtKJ6OWzO9xa1-dhEUuUpot0opc9TS6_X-7yff5iv8dh9mv8Zr_lYfK7RZeny-QW_d26l8vk1rtOb9Xd5Tac_c63y256yywP18mtsJvcGofrZzS9RUe_6_Owmzxvvc0teTnMbo3Z4XR73kq7W3R0uQWXv8fl-fx1m7Vk5BxNhsvNWrXaDdeihcOwVngmw7VmNRkuTJuFZ-baTMQSwekincieJpffov6jhhnOFZvJXLEYznWTVQIAAAAAAAAAsASTTDcBAAAAcDKI2WY53K3TQcwWs8FmtVwAD9YSun6un-58p5aHduGNsEbx9ASOFmvsMQV6-ewOt9b1eVgZwIO1ArPNPiOIZZ1ZawAAAALYAAAABLjtxpuAMyvu____fxwAAAAZOfQAAADo9wFJ5WVmZmZq8iuIxXIw2D8AFWJZZ7bbjWWd2YACtZtAAICAeg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:46 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
70352

Redirect headers

location
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-g4P9Ei9E2uGQPWHdra3xxgf.IlrWZFVX~A&gdpr_in_effect=0
date
Fri, 18 Aug 2023 18:04:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
sync.taboola.com/sg/yeahmobidsprtb-network/1/rtb-h/ Frame 58AA
Redirect Chain
  • https://event.clientgear.com/cookie/taboola?partner=taboola
  • https://sync.taboola.com/sg/yeahmobidsprtb-network/1/rtb-h/?taboola_hm=mke840eb0bf5524587b7da392fb853c81f
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yeahmobidsprtb-network/1/rtb-h/?taboola_hm=mke840eb0bf5524587b7da392fb853c81f
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8NvACLAaMAXcelaiFIhAYA-48KlELRSgAAABgYID-AAmMlpOVwzdba4wLk1u0Gs7WCo9zuJa4bBvHZuSwTGbOISCB0XKycvhma41xYXKLVsPZWuFxDtcSl23j2IwclsnMOQUXxnKZDGqBhGX2-w6ypsnlN8hYLpMbBL6i6XT4XPd63e93V85dvs9d43f7ZU-Ty--Xu3yfv9jvcZj9Gr_Zb3mY_G7R5ekyuUV_t-7lMrn1rtNbdXe5DWe_8-2ym94yy8N1civsJrfG4foZTW_R0e_6POwmz1tvc0teDrNbY3Y43Z630u4WHV1uweXvcXk-f91mLRk5R5PhcrNWrXbDtWjhMKwVnslwrVlNhgvTZuGZuTZzAAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8D4BgFnlgOCu3wH5d_y9QcAAAAAEAAAAAAkAAQAJ0sAYKCOnvj_________jzFAn3kj4______GQg-ABx8AD0IAAAAuhki5_Ap-cmOHEDlAKcIIAAAAgAmhHdKRSTpBxaLK__9_vxWAKwAAAYoJ0heNWXQHJd7CAAAAFIxZoIfF7zc77Bq_22X-_________838n_lHIzQyM5NGeBKeVM0vIADAml9AAAA24QYA4E0AnKBD0IrBYHUIaDLczQ4AAADAnf___389IDSyTZa75cxhWDlMjuXKtButfDPTcrhxbDaOxcJ7cMOvI_XihkD6ZAjL7PcdZE2Ty2-QsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCqYnHuVwYFmvVbDRai2aDyVrhmrncKstgsByZTBuLb7MWvT6mi8m5GW5mWyQYYLoXydMinSh8I8tkN5nsNqvVwuaZLWYrk8WzWxhGxpFrY5pNxBLNySKdyC770sg2We6WM4dh5TA5livTbrTyzUzL4cax2TgWC39r4nEuF4bFWjUbjdai2WCyVrhmLrfKMhgsRybTxuLbrEWvj-licm6Gm9m-MVtONsPFcDfcN2bLyWa4GO6G-w6d4bv6nI2u4_fvkXms55u2c3MaFC6DxTstWqStw9Fn1HltE2Fqbdo5JlahVeI1KDwHj2r8uYa85pTIXD1ovQejIpYILtKJ6OWzO9xa1-dhEUuUpot0opc9TS6_X-7yff5iv8dh9mv8Zr_lYfK7RZeny-QW_d26l8vk1rtOb9Xd5Tac_c63y256yywP18mtsJvcGofrZzS9RUe_6_Owmzxvvc0teTnMbo3Z4XR73kq7W3R0uQWXv8fl-fx1m7Vk5BxNhsvNWrXaDdeihcOwVngmw7VmNRkuTJuFZ-baTMQSwekincieJpffov6jhhnOFZvJXLEYznWTVQIAAAAAAAAAsASTTDcBAAAAcDKI2WY53K3TQcwWs8FmtVwAD9YSun6un-58p5aHduGNsEbx9ASOFmvsMQV6-ewOt9b1eVgZwIO1ArPNPiOIZZ1ZawAAAALYAAAABLjtxpuAMyvu____fxwAAAAZOfQAAADo9wFJ5WVmZmZq8iuIxXIw2D8AFWJZZ7bbjWWd2YACtZtAAICAeg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:46 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
70058

Redirect headers

location
https://sync.taboola.com/sg/yeahmobidsprtb-network/1/rtb-h/?taboola_hm=mke840eb0bf5524587b7da392fb853c81f
date
Fri, 18 Aug 2023 18:04:46 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
rtb-h
sync.taboola.com/sg/freewheelrtb-network/1/ Frame 58AA
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3570&gdpr=gdpr=0&&gdpr_consent=
  • https://sync.taboola.com/sg/freewheelrtb-network/1/rtb-h?taboola_hm=e51cbca298cb61bd34fc2d7583e3673&gdpr_consent=&gdpr=gdpr%3D0
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/freewheelrtb-network/1/rtb-h?taboola_hm=e51cbca298cb61bd34fc2d7583e3673&gdpr_consent=&gdpr=gdpr%3D0
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8NvACLAaMAXcelaiFIhAYA-48KlELRSgAAABgYID-AAmMlpOVwzdba4wLk1u0Gs7WCo9zuJa4bBvHZuSwTGbOISCB0XKycvhma41xYXKLVsPZWuFxDtcSl23j2IwclsnMOQUXxnKZDGqBhGX2-w6ypsnlN8hYLpMbBL6i6XT4XPd63e93V85dvs9d43f7ZU-Ty--Xu3yfv9jvcZj9Gr_Zb3mY_G7R5ekyuUV_t-7lMrn1rtNbdXe5DWe_8-2ym94yy8N1civsJrfG4foZTW_R0e_6POwmz1tvc0teDrNbY3Y43Z630u4WHV1uweXvcXk-f91mLRk5R5PhcrNWrXbDtWjhMKwVnslwrVlNhgvTZuGZuTZzAAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8D4BgFnlgOCu3wH5d_y9QcAAAAAEAAAAAAkAAQAJ0sAYKCOnvj_________jzFAn3kj4______GQg-ABx8AD0IAAAAuhki5_Ap-cmOHEDlAKcIIAAAAgAmhHdKRSTpBxaLK__9_vxWAKwAAAYoJ0heNWXQHJd7CAAAAFIxZoIfF7zc77Bq_22X-_________838n_lHIzQyM5NGeBKeVM0vIADAml9AAAA24QYA4E0AnKBD0IrBYHUIaDLczQ4AAADAnf___389IDSyTZa75cxhWDlMjuXKtButfDPTcrhxbDaOxcJ7cMOvI_XihkD6ZAjL7PcdZE2Ty2-QsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCqYnHuVwYFmvVbDRai2aDyVrhmrncKstgsByZTBuLb7MWvT6mi8m5GW5mWyQYYLoXydMinSh8I8tkN5nsNqvVwuaZLWYrk8WzWxhGxpFrY5pNxBLNySKdyC770sg2We6WM4dh5TA5livTbrTyzUzL4cax2TgWC39r4nEuF4bFWjUbjdai2WCyVrhmLrfKMhgsRybTxuLbrEWvj-licm6Gm9m-MVtONsPFcDfcN2bLyWa4GO6G-w6d4bv6nI2u4_fvkXms55u2c3MaFC6DxTstWqStw9Fn1HltE2Fqbdo5JlahVeI1KDwHj2r8uYa85pTIXD1ovQejIpYILtKJ6OWzO9xa1-dhEUuUpot0opc9TS6_X-7yff5iv8dh9mv8Zr_lYfK7RZeny-QW_d26l8vk1rtOb9Xd5Tac_c63y256yywP18mtsJvcGofrZzS9RUe_6_Owmzxvvc0teTnMbo3Z4XR73kq7W3R0uQWXv8fl-fx1m7Vk5BxNhsvNWrXaDdeihcOwVngmw7VmNRkuTJuFZ-baTMQSwekincieJpffov6jhhnOFZvJXLEYznWTVQIAAAAAAAAAsASTTDcBAAAAcDKI2WY53K3TQcwWs8FmtVwAD9YSun6un-58p5aHduGNsEbx9ASOFmvsMQV6-ewOt9b1eVgZwIO1ArPNPiOIZZ1ZawAAAALYAAAABLjtxpuAMyvu____fxwAAAAZOfQAAADo9wFJ5WVmZmZq8iuIxXIw2D8AFWJZZ7bbjWWd2YACtZtAAICAeg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:46 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
70058

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 18:04:46 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://sync.taboola.com/sg/freewheelrtb-network/1/rtb-h?taboola_hm=e51cbca298cb61bd34fc2d7583e3673&gdpr_consent=&gdpr=gdpr%3D0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1692381886409095-1152
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308150101&jk=554103391489545&bg=!1Nel14PNAAZGPLJIZjw7ADkAdvg8WsFYPVxluvme8Zm9U4Wi-jdsBmuUXoUOSGKsC2YotC-gRzTNsEHfCojK6bEhbYOz1wKKiJ0CAAAEuFIAAAGwaAEHCgBsdMiMQLoJNiWqS56nFqiLlTy0mDDLZ0Mk4Q25A4LjAwhMp7w54CeAJBP689d7qtFE2wUbY9_C_b1CyEfUlo3bR1MiZofWB7pfg0AS8qnW8gVZaMteGjftvn4Im52M3X-F4u_VMWmAo8HBAKpFmQLMcksl21PZmoyOV1MhdLnkBMcVdcn2PKncNsSBJ9NQs_3P501cS47xKSTp13DCfgCP7Duv8My6Vyvf5lhgJANLa7WQciqTKFTYamxKIaQ8klCGrAfFVHS0RCtrYk8qIZFYHjujAvS4CCTXUbhTpSiqjcRMRbVnt1Xq4fFWY3-KEVySTVo5usSjJNkbT7o8SSW81f9pTTg-YeIJjW559j5UswiCyOPp3rtXSsRxebHuwM6VSiCiL6LTVm7xA5EKoQUFl91Rzgh_FEZFNNkYW8WpHqq0_V_lLn9COet6Nj5YcfGHySecYpMo1quc3AyzvXkW-tNE2ysE4XejYf2J-bBNtMUMZjTKmjRO_nFwQc3oVdxknpvdSCSm457cdKnvkT_WBuxjVOu2Zrp8pL7RuyQKGHBtPCY_8wy68-ehIMuhceVest7mUGe-ydrI0wsnxmGXl3OOt5AIVxa_frwz-kSmK_zk30qRWfsMUtVrC3w01tHeC_DogWvyoXLQG5kxD5Ephzw-8vV3hmiXgzJDS83q_IxF4PJmw31bPmfAw4bEzgb4zDSCwXt4bTY8jXn7HuUIS1fxntbjjHAtDJTHDbR9M-Gb9831XrweRRLWmmrdAavtDLD07KPm2KlnUM1IiWPuZnKyw-PDFtZdsxF2qUWTR9IG3sStntMpe6OxS7qFTdcJsd1YauI0VOkLHY1EN6WUsiWjpydKQZKDWZDsFtCd2ByBnFL6rnoNozii-nj0vjYepXyvqpRn-dWk4Z2cCzSEScboIPWO1FZLgUXLOZpx7SIs1IgaTTfBDJaw0ylfzKqVo4IQhtLY2D7pO7jtDoU1Cr1jxtD3UYtBpBz9FypklT7sHkpu02o9Ko4mzz_-qTBn8IXNAV9mLw2O1gTkfX2Da0l1sSj8ZJsC9cLk6Sl54htXtmInqnGUNC0iIXNQswwvIN7mVDWRQcjNa_U
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7FDD 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl_fy2012.js?cb=31076166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Aug 2023 18:04:46 GMT
match
c1.adform.net/serving/cookie/ Frame 83E3 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=C3BD0C7A-B371-4686-9220-ADA9A334E959&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 18 Aug 2023 18:04:46 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
usersync
usersync.gumgum.com/ Frame 100F 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=C3BD0C7A-B371-4686-9220-ADA9A334E959
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 18 Aug 2023 18:04:46 GMT
Expires
0
Pragma
no-cache
362588.gif
idsync.rlcdn.com/ Frame AD56
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=C3BD0C7A-B371-4686-9220-ADA9A334E959
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1
  • https://idsync.rlcdn.com/362588.gif?partner_uid=cec9c022-2518-4275-90bb-40c27fa3670d
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362588.gif?partner_uid=cec9c022-2518-4275-90bb-40c27fa3670d
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_bf_rx_snb_n-vrtcal_ox-db5_cnv_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_n-nativo_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:46 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/362588.gif?partner_uid=cec9c022-2518-4275-90bb-40c27fa3670d
date
Fri, 18 Aug 2023 18:04:46 GMT
server
Kestrel
content-length
199
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1DF5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
13675
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 14:16:51 GMT
expires
Sat, 17 Aug 2024 14:16:51 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3DB4 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4e208b816366eeff3fcc698b33f15e5b8955aa9aad79ba060d4c37f89671c3b4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CUh-KrondfR05traWbQlGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
536
content-security-policy
script-src 'report-sample' 'nonce-CUh-KrondfR05traWbQlGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 18:04:46 GMT
expires
Fri, 18 Aug 2023 18:04:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6885 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CIO-rebl5oADFQUc0AQd8wAJkQ&bg=!KSqlKn7NAAZGPLJIZjw7ADkAdvg8Wst4Xu0l00hnEHbmxr2S3POU2-SV0HbPekZs06o0rAa5Fjo-bPJjJuJ1j5LGPEH6IniXsNQCAAAEbFIAAAANaAEHmQLRnjLAZS_M2Y9NMBrpaJnCsQyr_Ql4OBbEKe1XibTqucTnx3H7kvbk_BNJ7tLiqYNpwvoenHatZK8bEzrAsJ8cLysfFVwbF-X2VAuLdjvTghuEG-sLVRDeeLY5kUWcJ1cpEHvYbFlSshtpkFG0innstqvtK9dnT8ZdpefM5DP7fCCcY-QGELRDhyLUwDuH8V1-F109Dr-HTC_vuweboicqTUnQbKBsIOCgP10Ie8jIv4JTZpqyGpGPc-OFAWmGx_Q-keiZSwCrX8VVHAAoIVDC_efE-DONNuZPqErsYDnB-Y6u8G2T2IMUopzUMwbTn5WQhxHIeEnfsPGl5xKu0gKzBNvJ0qBIUe0bB3WENHgUxpyRGWeRkuiUBC5cr_18p9MHY6Mr8gTUE-HjY-dpNeZhH4PlwDnBM08aRFABxWiFiwA3Vh4xSB7ExKhrudXexVAIVz3apXZjPPVgfw7fwEAvblNGMLf9PBzog9drgOg7k6WlwDT9tc2EXpTTYJB5EUteoKuv3u8RcBHI-iEP2nh4KBXu3iPpNm9YtlSkVCOekoTVVStSQ8wqI1vMVzKhD2u8W2txEfJ24xYiOKqlCE029GUectVSnBOTQrW9A8uJ30-mrrqAAsdd5GKf_Y7ZnNBm7a88W0QJAIWhbjYs-Jdr_gPLotHgHxl2EYuc4UyXPQ9T_wDYP0JIwbfZs9YYlk6SZWzd86d7d37PYF3S_Pq_dHsn5k_ivRFKoImX13ZcNiqKjAlPwNo9lsKOS-yyEANo0Wq-CmN-oPYVCNS0V2nALF5dh642eedOJDCaueXDxchwVlRIO-sNE8m6UUPRNgSOTiIZOpK6ZgRwkoXglpfLzDo2lxZEsmROa7zoFcCrQ3_j0A1ymIteASYf-_Rwz0iqZ1Ev6wKs9w8n1zLe7P6U0zR2YG9xTSYKODUMt-a32-hnmE2REjBIwf3VM147FOMWUg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-sec.indexww.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
wf.taboola.com/ 		17 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1692381886549&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1541&pt=895406037&tz=-600&viewable=true&ddast=V8NvACLAaMAXcelaiFIhAYA-48KlELRSgAAABgYID-AAmMlpOVwzdba4wLk1u0Gs7WCo9zuJa4bBvHZuSwTGbOISCB0XKycvhma41xYXKLVsPZWuFxDtcSl23j2IwclsnMOQUXxnKZDGqBhGX2-w6ypsnlN8hYLpMbBL6i6XT4XPd63e93V85dvs9d43f7ZU-Ty--Xu3yfv9jvcZj9Gr_Zb3mY_G7R5ekyuUV_t-7lMrn1rtNbdXe5DWe_8-2ym94yy8N1civsJrfG4foZTW_R0e_6POwmz1tvc0teDrNbY3Y43Z630u4WHV1uweXvcXk-f91mLRk5R5PhcrNWrXbDtWjhMKwVnslwrVlNhgvTZuGZuTZzAAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8D4BgFnlgOCu3wH5d_y9QcAAAAAEAAAAAAkAAQAJ0sAYKCOnvj_________jzFAn3kj4______GQg-ABx8AD0IAAAAuhki5_Ap-cmOHEDlAKcIIAAAAgAmhHdKRSTpBxaLK__9_vxWAKwAAAYoJ0heNWXQHJd7CAAAAFIxZoIfF7zc77Bq_22X-_________838n_lHIzQyM5NGeBKeVM0vIADAml9AAAA24QYA4E0AnKBD0IrBYHUIaDLczQ4AAADAnf___389IDSyTZa75cxhWDlMjuXKtButfDPTcrhxbDaOxcJ7cMOvI_XihkD6ZAjL7PcdZE2Ty2-QsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCqYnHuVwYFmvVbDRai2aDyVrhmrncKstgsByZTBuLb7MWvT6mi8m5GW5mWyQYYLoXydMinSh8I8tkN5nsNqvVwuaZLWYrk8WzWxhGxpFrY5pNxBLNySKdyC770sg2We6WM4dh5TA5livTbrTyzUzL4cax2TgWC39r4nEuF4bFWjUbjdai2WCyVrhmLrfKMhgsRybTxuLbrEWvj-licm6Gm9m-MVtONsPFcDfcN2bLyWa4GO6G-w6d4bv6nI2u4_fvkXms55u2c3MaFC6DxTstWqStw9Fn1HltE2Fqbdo5JlahVeI1KDwHj2r8uYa85pTIXD1ovQejIpYILtKJ6OWzO9xa1-dhEUuUpot0opc9TS6_X-7yff5iv8dh9mv8Zr_lYfK7RZeny-QW_d26l8vk1rtOb9Xd5Tac_c63y256yywP18mtsJvcGofrZzS9RUe_6_Owmzxvvc0teTnMbo3Z4XR73kq7W3R0uQWXv8fl-fx1m7Vk5BxNhsvNWrXaDdeihcOwVngmw7VmNRkuTJuFZ-baTMQSwekincieJpffov6jhhnOFZvJXLEYznWTVQIAAAAAAAAAsASTTDcBAAAAcDKI2WY53K3TQcwWs8FmtVwAD9YSun6un-58p5aHduGNsEbx9ASOFmvsMQV6-ewOt9b1eVgZwIO1ArPNPiOIZZ1ZawAAAALYAAAABLjtxpuAMyvu____fxwAAAAZOfQAAADo9wFJ5WVmZmZq8iuIxXIw2D8AFWJZZ7bbjWWd2YACtZtAAICAeg!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=2&sd=undefined&ctsldr=1&dtagid=1616035&dpubid=163987&abtst=aniview_inc_vA!nonrv_vA!t120!ufm_vE&mPre=0.033&cirf=https%3A%2F%2Fwww.9news.com&en=1&subu=6
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b7b9e93507d372e64c240dab51f7a602842d2fe8ea8f092d91acaf6175e6211f

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Fri, 18 Aug 2023 18:04:46 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1830
x-cache
MISS
x-served-by
cache-mia-kmia1760096-MIA
pragma
no-cache
server
nginx
x-timer
S1692381887.637174,VS0,VE302
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.9news.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://gklfs-1dic0.ads.tremorhub.com>; rel=preconnect,<https://vast.aniview.com>; rel=preconnect,<https://jzwjq.ads.tremorhub.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame BB16 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160138&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:45 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame CA68 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160138&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:46 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sodar
pagead2.googlesyndication.com/pagead/ Frame 3DB4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308150101&jk=4448700135153689&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
pagead2.googlesyndication.com/bg/ Frame 1DF5 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 21:15:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
247762
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14754
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Aug 2024 21:15:24 GMT
generate_204
tpc.googlesyndication.com/ Frame 1DF5 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?6iIxBw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tag
gklfs-1dic0.ads.tremorhub.com/ad/
Redirect Chain
  • https://gklfs-1dic0.ads.tremorhub.com/ad/tag?adCode=gklfs-6e22p&playerWidth=700&playerHeight=393&playerPosition=1&mediaTitle=&mediaDesc=&mediaUrl=%2F%2Fvidstatb.taboola.com%2Fvid%2FblackScreen5.mp4...
  • https://gklfs-1dic0.ads.tremorhub.com/ad/tag?adCode=gklfs-6e22p&playerWidth=700&playerHeight=393&playerPosition=1&mediaTitle=&mediaDesc=&mediaUrl=%2F%2Fvidstatb.taboola.com%2Fvid%2FblackScreen5.mp4...
119 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gklfs-1dic0.ads.tremorhub.com/ad/tag?adCode=gklfs-6e22p&playerWidth=700&playerHeight=393&playerPosition=1&mediaTitle=&mediaDesc=&mediaUrl=%2F%2Fvidstatb.taboola.com%2Fvid%2FblackScreen5.mp4&srcPageUrl=https%3A%2F%2Fwww.9news.com&contentLength=NaN&gdpr=0&us_privacy=1YNY&_tur=T
Protocol
H2
Server
2600:1f18:612b:4264:963:162:4e0f:64ff Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
e4f4325d2251a1fb661e38826334015128eb74701e9951dcb1fa40a5a32a9ec8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:47 GMT
content-encoding
gzip
server
nginx
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.9news.com
content-type
text/xml;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD

Redirect headers

location
https://gklfs-1dic0.ads.tremorhub.com/ad/tag?adCode=gklfs-6e22p&playerWidth=700&playerHeight=393&playerPosition=1&mediaTitle=&mediaDesc=&mediaUrl=%2F%2Fvidstatb.taboola.com%2Fvid%2FblackScreen5.mp4&srcPageUrl=https%3A%2F%2Fwww.9news.com&contentLength=NaN&gdpr=0&us_privacy=1YNY&_tur=T
access-control-allow-origin
https://www.9news.com
date
Fri, 18 Aug 2023 18:04:47 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
/
vast.aniview.com/api/adserver61/vast/ 		888 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=63f4a8b77aa36bbf5004bc1e&AV_CHANNELID=63f4a8d217dfbbf1d7006545&AV_URL=https%3A%2F%2Fwww.9news.com&cb=R0.1692381887057&AV_WIDTH=700&AV_HEIGHT=393&AV_CCPA=1YNY&AV_SCHAIN=1.0,1!taboola.com,1037842,1,300252230,tegna-kusa,9news.com&iiqpartner=755298539
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.1/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
e6ee7b70c135dc1129d7238540d8c4a451dcea3fba01ce9bac9ef6550466b07c

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
text/plain

Response headers

Date
Fri, 18 Aug 2023 18:04:48 GMT
Content-Encoding
gzip
X-Bamboo-C-SkFe
1
X-Bamboo-C-S
BYPASS
X-Bamboo-C-SkSt
1
Surrogate-Control
no-store;hw-h2proxy
Transfer-Encoding
chunked
X-Bamboo-WL-Track
track1.aniview.com
X-Bamboo-WL-Player
https://player.aniview.com
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/xml
Access-Control-Allow-Origin
https://www.9news.com
X-Bamboo-WL-Serve
gov.aniview.com
Access-Control-Max-Age
1728000
Access-Control-Allow-Credentials
true
X-HW
1692381887.cdn4-pxy040-mia02.mi1.evs,1692381888.cds216.mi1.sc,1692381888.cds216.mi1.p
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
tag
jzwjq.ads.tremorhub.com/ad/
Redirect Chain
  • https://jzwjq.ads.tremorhub.com/ad/tag?adCode=gklfs-lsya3&playerWidth=700&playerHeight=393&playerPosition=1&mediaTitle=&mediaDesc=&mediaUrl=%2F%2Fvidstatb.taboola.com%2Fvid%2FblackScreen5.mp4&srcPa...
  • https://jzwjq.ads.tremorhub.com/ad/tag?adCode=gklfs-lsya3&playerWidth=700&playerHeight=393&playerPosition=1&mediaTitle=&mediaDesc=&mediaUrl=%2F%2Fvidstatb.taboola.com%2Fvid%2FblackScreen5.mp4&srcPa...
119 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jzwjq.ads.tremorhub.com/ad/tag?adCode=gklfs-lsya3&playerWidth=700&playerHeight=393&playerPosition=1&mediaTitle=&mediaDesc=&mediaUrl=%2F%2Fvidstatb.taboola.com%2Fvid%2FblackScreen5.mp4&srcPageUrl=https%3A%2F%2Fwww.9news.com&contentLength=NaN&gdpr=0&us_privacy=1YNY&_tur=T
Protocol
H2
Server
2600:1f18:612b:4216:f43a:e101:3c9c:ed02 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
e4f4325d2251a1fb661e38826334015128eb74701e9951dcb1fa40a5a32a9ec8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:47 GMT
content-encoding
gzip
server
nginx
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.9news.com
content-type
text/xml;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD

Redirect headers

location
https://jzwjq.ads.tremorhub.com/ad/tag?adCode=gklfs-lsya3&playerWidth=700&playerHeight=393&playerPosition=1&mediaTitle=&mediaDesc=&mediaUrl=%2F%2Fvidstatb.taboola.com%2Fvid%2FblackScreen5.mp4&srcPageUrl=https%3A%2F%2Fwww.9news.com&contentLength=NaN&gdpr=0&us_privacy=1YNY&_tur=T
access-control-allow-origin
https://www.9news.com
date
Fri, 18 Aug 2023 18:04:47 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
SPug
simage4.pubmatic.com/AdServer/ Frame 0A11 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sodar
pagead2.googlesyndication.com/pagead/ Frame 7FDD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308150101&jk=4448700135153689&bg=!FhWlFUHNAAZGPLJIZjw7ADkAdvg8Wj5BLtmC_1Obh-EcK1X_zcg_rPBF6vIX0rgkj-n460Bh0pQU0LlKQdPqUXqeBQIU-nQSRfkCAAABQlIAAAALaAEHmQLjY3GRxvsSHwFWKxk4UrkWmvieoxtepLrVY_LrVwjX1MTWellsH0ZLn0PVLItI9nOiZGplnkGtlFoshV_RFwUkEoZ1wF5Y1EdHVFtwJDf_-gr9Iu0e8j2Xx4JC7tM6SfpKkwbNe4sn5hTiq9N6lNzJDd599Q1GKzhp_PvZQ9O5RK-siudxBgovNH2w_39zgGNrz8b4e97vPR0jNcSPcZTZLUQyWoj13b9EU2UZU9P2Oo5MBhpclghnJw3Oww9t_CsGsLeh4l7gMrroJGsoxmYI6nfbxXthM4PKofXq2YwDLIUzSyRU6XKHCyl66V2IIKwKyVBkf7eH_x3hEmFYLgJuZEvc4O8-J-UXhi6R2ls_6ADnaryt9e3WZ4D0qSHrjMlHoxqzJdb1CDBanbUrzPzEOxo4Uf_ru-zRjl4vy5s05hWvNqwHWDVAxbTI382rp6t_VE7bZw1ubQiHRpWaaFSl7ZU0XbdFxcD99ynEGqt8QNeNPboeNRsPu94JbnxFi3BcapDuw6FsEWz5oYNtn9VdazBT2-vttv5TdnsBAblj7G9LMIajpUNzvcoMVqm8XT7oN3iktx0RXHVmtrZ4EIKkz7bZtmWWBqVjT53Az0goiBR1S54yDnLbPUu03JNDqW48gUQG8ml5NFmNfV6QxTQQwMIM25XCvm5-dVs8EXu4ZkjN9ttME2mjZ9tOCFsAdI4U7WVeaxxa82eX5dTWR909NzUjdVSeL4o5Lo3cEvxs1FwrVMFxdLh54ibSKZAvtmHovsKBBhMEElkniXuVOOY5UEaFo1WPXBUx9fInAnFaxuCb1wtxfvHZdSi4_xqaqDOSgTPlVPLoSQVQ87F9iYecY0RVfedkKKHFip2YEx7jKMEUcdaIdZJfeZH2a1l9h9f2jTOUkOUnPi3uNHPTsuOqei2CzyqIsTfDrTDpGpOsooMJhLfUjfgT7DFPt4sV7UzdbHlHwDqh5uZPh8OqUGp-0nhVSg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
SPug
simage4.pubmatic.com/AdServer/ Frame EDE6 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156319&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
bid
aax.amazon-adsystem.com/e/dtb/ 		143 B
582 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3276&u=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&pid=XIkXlbp0QR3S4&cb=3&ws=1600x1200&v=23.814.1438&t=2000&slots=%5B%7B%22sd%22%3A%22article_interstitial%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F32805352%2Fco-denver-KUSA-B3316_DesktopTablet%2Farticle_interstitial%2Fnews%2Flocal%22%7D%5D&gpp=DBABLA~BVQqAAAACZA.QA&gpp_sid=%5B7%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.98.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-98-157.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
38e79e1837143f641bed38f956e6968dbf23ce97b78bfea00f5dcbebe3c7f1c5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:47 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 07f7cebee7fc49278f602ad96f5f6790.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P5
x-amz-rid
Y2FRE3AX5A6WZNABBWN9
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.9news.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
143
x-amz-cf-id
xvEmgNi7NvAKokhX_C55WtIUhoSVB9S1s8jD9TG2KQyIeFNAJ5Mzbg==
targeting
tegna.profiles.tagger.opecloud.com/v1/ 		107 B
262 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tegna.profiles.tagger.opecloud.com/v1/targeting?url=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&gdpr_applies=0&consent_string=&fpid=d86dab53-7c20-4056-ad9b-16f3ceb28db7
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/kusa-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.115.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-115-28.compute-1.amazonaws.com
Software
/
Resource Hash
fc21bb747370fb757b1f7f59e1b02048183599b561be7425494ac0501ac9c170

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://www.9news.com
date
Fri, 18 Aug 2023 18:04:47 GMT
content-encoding
gzip
access-control-allow-credentials
true
cache-control
no-cache
content-type
application/json
async_usersync.html
acdn.adnxs.com/dmp/ Frame 210C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
41402
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 18 Aug 2023 18:04:48 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 27 Jul 2023 06:34:02 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3911, 102951
X-Served-By
cache-lga13626-LGA, cache-mia-kmia1760059-MIA
X-Timer
S1692381888.109405,VS0,VE0
ads
securepubads.g.doubleclick.net/gampad/ 		356 B
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=554103391489545&correlator=3427026350792002&eid=31076768%2C31076868%2C31068367%2C31068826&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fifs&us_privacy=1YNY&iu_parts=32805352%2Cco-denver-KUSA-B3316_DesktopTablet%2Carticle_interstitial%2Cnews%2Clocal&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Df27532619ad99297%3AT%3D1692381880%3ART%3D1692381880%3AS%3DALNI_MaaMvhwEwcl3nw4-nA4elzv9AKldA&gpic=UID%3D00000d8c302b113b%3AT%3D1692381880%3ART%3D1692381880%3AS%3DALNI_MZE6HFPAPrMyCCdRXVi6lF-2JOfQA&abxe=1&dt=1692381888046&lmt=1692417888&adxs=800&adys=4350&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&vis=1&psz=1600x18&msz=0x0&fws=4&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsnwzORU1eNj1nfMkpibNyKWOzOQnkBWCntyL4i3nDJNgaqzLSZifwkwLRauWZc0a69EaxeF0cO1jERYZtLjwtur9VOUGGai40P_DomVTu7yK1-a4I_R9q0%2CAOrYGslwEhrz-hkfXWdqaq3ZJZVcOy4VwCgYjbqqDotu2dqlkFvmd8n0fnSIOj5SkqdaHWbmdbkFhsR4HwE8BmsK-KzTkKSyrdkedCWxspSuoyA_5E8&ga_vid=1482041932.1692381879&ga_sid=1692381880&ga_hid=1839280050&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRj9wMjOoDFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y_cDIzqAxSABSAghk&dlt=1692381876492&idt=3060&ppid=d86dab53-7c20-4056-ad9b-16f3ceb28db7&prev_scp=refresh%3DFalse%261plus-x%3D2r%252C33%252C22%252C34%252Ca%252C2t%252C1t%252C2u%252C1u%252C1c%252C4f%252C4%252C3i%252C30%252C31%252C21%252C3r%252C32%252C1p&cust_params=video_included%3DTrue%26ttid%3D2d942893-5578-4aa0-a328-3528a43a3f53%26pgtype%3Dvideo%26topic_section%3D%26url%3Dhttps%253A%252F%252Fwww.9news.com%252Fvideo%252Fnews%252Flocal%252Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%252F73-2d942893-5578-4aa0-a328-3528a43a3f53&adks=307036257&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db0e513b4997b410cfe168d6584730769fb4c295b3f9494c1874a9a99dedf6df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
161
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.9news.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
events-ssc.33across.com/ Frame 2A87 		68 B
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=1YNY&bidder_id=25&external_user_id=C3BD0C7A-B371-4686-9220-ADA9A334E959
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Fri, 18 Aug 2023 18:04:48 GMT
via
1.1 google
async_usersync
ib.adnxs.com/ Frame 210C 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:48 GMT
an-x-request-uuid
17e3ce24-50a1-4367-aac0-fd14e5180e64
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.72; 38.132.118.72; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 469E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
41402
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 18 Aug 2023 18:04:48 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 27 Jul 2023 06:34:02 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3911, 102952
X-Served-By
cache-lga13626-LGA, cache-mia-kmia1760059-MIA
X-Timer
S1692381888.181824,VS0,VE0
match
events-ssc.33across.com/ Frame 3B11 		68 B
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=1YNY&bidder_id=25&external_user_id=C3BD0C7A-B371-4686-9220-ADA9A334E959
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Fri, 18 Aug 2023 18:04:48 GMT
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame C42D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
41402
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 18 Aug 2023 18:04:48 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 27 Jul 2023 06:34:02 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3911, 102953
X-Served-By
cache-lga13626-LGA, cache-mia-kmia1760059-MIA
X-Timer
S1692381888.220866,VS0,VE0
async_usersync
ib.adnxs.com/ Frame 469E 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:48 GMT
an-x-request-uuid
ca0f0ed3-8d71-4c75-8e61-1db5e99461d5
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.72; 38.132.118.72; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame C42D 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:48 GMT
an-x-request-uuid
23b3b1ff-0171-4968-afc1-9afe5d26132a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.72; 38.132.118.72; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 04FE 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDC3BD0C7A-B371-4686-9220-ADA9A334E959
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 18 Aug 2023 18:04:48 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
S61FZ4TZJNTJM0Z2SXFP
usersync
x.serverbid.com/ Frame A0EA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=C3BD0C7A-B371-4686-9220-ADA9A334E959
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ads.pubmatic.com
access-control-max-age
10080
date
Fri, 18 Aug 2023 18:04:48 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame 33BA 		476 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=63f4a8b77aa36bbf5004bc1e
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.1/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1402:800:28d::2c79 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
533d2ee34cb1a4b281414f52e814ac9b8f6fb7810552fb2bebe23943e04291a9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:48 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdug7wN8EFtZCQlrGv6eVed8TDSlsIBX-NJNccyFchZS06c07OGNr4rFq9VvzBLD4f8HxNRiHsKExnFqKZnPJgohPBQbfNzt
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
130379
last-modified
Tue, 15 Aug 2023 12:18:43 GMT
server
UploadServer
etag
"25aee45ea3338112064b801c98043832"
vary
Accept-Encoding
x-goog-generation
1692101923212281
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=dQhmYQ==, md5=Ja7kXqMzgRIGS4AcmAQ4Mg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
130379
accept-ranges
bytes
expires
Fri, 18 Aug 2023 18:14:48 GMT
usersync
x.serverbid.com/ Frame 2D28 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=C3BD0C7A-B371-4686-9220-ADA9A334E959
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ads.pubmatic.com
access-control-max-age
10080
date
Fri, 18 Aug 2023 18:04:48 GMT
truncated
/ Frame 33BA 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
gov.aniview.com/api/adserver/tag/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gov.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fwww.9news.com&AV_CCPA=1YNY&AV_SCHAIN=1.0%2C1!taboola.com%2C1037842%2C1%2C300252230%2Ctegna-kusa%2C9news.com&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=63f4a8b77aa36bbf5004bc1e&AV_CHANNELID=63f4a8d217dfbbf1d7006545&tgt=1&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=[AVC_ABT]&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.9news.com&AV_DADPOS=1&AV_GPID=/63f4a8b77aa36bbf5004bc1e/63f4a8d217dfbbf1d7006545/www.9news.com&d36=6.2.121&responsive=1&sver=4&avtoken=889208&omv=1.0.1&clsid=b1cba1a6-ecab-413c-96f8-0520f5360f94&rando=20&AV_WIDTH=700&AV_HEIGHT=393&AV_CCPA=1YNY&AV_DNT=0&cb=1692381889212&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=63f4a8b77aa36bbf5004bc1e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.212.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-212-145.compute-1.amazonaws.com
Software
/
Resource Hash
f0757455a54797a4c769b7af685b0f1cede9589e478f5f6307bf6277df62e621

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:49 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.9news.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Mon, 07 Aug 2023 04:18:09 GMT
track
track1.aniview.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.9news.com&sn=&ic=0&tgt=1&app=&wi=700&he=393&test=&d36=6.2.121&apppkg=&fv=1&proto=https&clsid=b1cba1a6-ecab-413c-96f8-0520f5360f94&rando=20&pid=63f4a8b77aa36bbf5004bc1e&cid=63f4a8d217dfbbf1d7006545&stagid=&stplid=&e=inventory&vi=0&cb=1692381889211
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.40.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-40-124.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:49 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
async_usersync
ib.adnxs.com/ Frame 210C 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:49 GMT
an-x-request-uuid
c267431b-6f34-4fa9-a766-8f604f0189f8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.72; 38.132.118.72; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 15B7 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=C3BD0C7A-B371-4686-9220-ADA9A334E959
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 18 Aug 2023 18:04:49 GMT
Expires
0
Pragma
no-cache
async_usersync
ib.adnxs.com/ Frame 469E 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:49 GMT
an-x-request-uuid
ba05054e-d43f-400e-a751-40e201d09b4c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.72; 38.132.118.72; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame C42D 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:49 GMT
an-x-request-uuid
a1203ea5-9e3f-43f3-9bbe-4b9833adeedc
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.72; 38.132.118.72; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
VideoBidRequestHandlerServlet
ch-wf.taboola.com/ 		19 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ch-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1692381889332&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1541&pt=895406037&tz=-600&viewable=true&ddast=V8NvACLAaMAXcelaiFIhAYA-48KlELRSgAAABgYID-AAmMlpOVwzdba4wLk1u0Gs7WCo9zuJa4bBvHZuSwTGbOISCB0XKycvhma41xYXKLVsPZWuFxDtcSl23j2IwclsnMOQUXxnKZDGqBhGX2-w6ypsnlN8hYLpMbBL6i6XT4XPd63e93V85dvs9d43f7ZU-Ty--Xu3yfv9jvcZj9Gr_Zb3mY_G7R5ekyuUV_t-7lMrn1rtNbdXe5DWe_8-2ym94yy8N1civsJrfG4foZTW_R0e_6POwmz1tvc0teDrNbY3Y43Z630u4WHV1uweXvcXk-f91mLRk5R5PhcrNWrXbDtWjhMKwVnslwrVlNhgvTZuGZuTZzAAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8D4BgFnlgOCu3wH5d_y9QcAAAAAEAAAAAAkAAQAJ0sAYKCOnvj_________jzFAn3kj4______GQg-ABx8AD0IAAAAuhki5_Ap-cmOHEDlAKcIIAAAAgAmhHdKRSTpBxaLK__9_vxWAKwAAAYoJ0heNWXQHJd7CAAAAFIxZoIfF7zc77Bq_22X-_________838n_lHIzQyM5NGeBKeVM0vIADAml9AAAA24QYA4E0AnKBD0IrBYHUIaDLczQ4AAADAnf___389IDSyTZa75cxhWDlMjuXKtButfDPTcrhxbDaOxcJ7cMOvI_XihkD6ZAjL7PcdZE2Ty2-QsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxmA3QRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCqYnHuVwYFmvVbDRai2aDyVrhmrncKstgsByZTBuLb7MWvT6mi8m5GW5mWyQYYLoXydMinSh8I8tkN5nsNqvVwuaZLWYrk8WzWxhGxpFrY5pNxBLNySKdyC770sg2We6WM4dh5TA5livTbrTyzUzL4cax2TgWC39r4nEuF4bFWjUbjdai2WCyVrhmLrfKMhgsRybTxuLbrEWvj-licm6Gm9m-MVtONsPFcDfcN2bLyWa4GO6G-w6d4bv6nI2u4_fvkXms55u2c3MaFC6DxTstWqStw9Fn1HltE2Fqbdo5JlahVeI1KDwHj2r8uYa85pTIXD1ovQejIpYILtKJ6OWzO9xa1-dhEUuUpot0opc9TS6_X-7yff5iv8dh9mv8Zr_lYfK7RZeny-QW_d26l8vk1rtOb9Xd5Tac_c63y256yywP18mtsJvcGofrZzS9RUe_6_Owmzxvvc0teTnMbo3Z4XR73kq7W3R0uQWXv8fl-fx1m7Vk5BxNhsvNWrXaDdeihcOwVngmw7VmNRkuTJuFZ-baTMQSwekincieJpffov6jhhnOFZvJXLEYznWTVQIAAAAAAAAAsASTTDcBAAAAcDKI2WY53K3TQcwWs8FmtVwAD9YSun6un-58p5aHduGNsEbx9ASOFmvsMQV6-ewOt9b1eVgZwIO1ArPNPiOIZZ1ZawAAAALYAAAABLjtxpuAMyvu____fxwAAAAZOfQAAADo9wFJ5WVmZmZq8iuIxXIw2D8AFWJZZ7bbjWWd2YACtZtAAICAeg!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=2&sd=undefined&ctsldr=1&dtagid=1616035&dpubid=163987&abtst=aniview_inc_vA!nonrv_vA!t120!ufm_vE&mPre=0.033&cirf=https%3A%2F%2Fwww.9news.com&en=1&subu=6
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
6248533a5a442f21d8ebbf331872c5ee454d7d581643d5e356545d6f5847d8e6

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:50 GMT
content-encoding
gzip
server
nginx
machineid
1856
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.9news.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
link
<https://vast.aniview.com>; rel=preconnect,<https://secure.adnxs.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 922F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=0&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692381889468-994613872329-001229-001-002651%26bid...
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005&rndcb=6879913472
  • https://t.pswec.com/bsw_sync?ssp=adconductor&bsw_user_id=eb6f7b88-a4bc-4e60-bf79-710517cb86e8
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=adconductor&bsw_user_id=eb6f7b88-a4bc-4e60-bf79-710517cb86e8
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=f026e252-144f-416e-a656-1a54e96cc56c&expires=3&user_group=1&ssp=adconductor
  • https://sync.1rx.io/usersync/bidswitch/eb6f7b88-a4bc-4e60-bf79-710517cb86e8?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005?redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692381889468-994613872329-001229-001-002...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=200&key=RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
0
249 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=200&key=RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.161.131.163 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-131-163.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Fri, 18 Aug 2023 18:04:50 GMT

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Fri, 18 Aug 2023 18:04:50 GMT
ETag
RXa8c4e4e111a74d9faacc9304e2e3bbb6005
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=200&key=RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Server
Tengine
Transfer-Encoding
chunked
usync.html
eus.rubiconproject.com/ Frame 5413
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.25.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-25-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 18 Aug 2023 18:04:49 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 18 Aug 2023 18:04:49 GMT
location
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
server
AkamaiGHost
cookiesyncendpoint
sync.aniview.com/ Frame E8D2
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1692381889468-994613872329-001229-001-002651&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692381889468-994613872329-0...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=3&key=2129E09A41B14F3196FBE4892007BDC9
0
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=3&key=2129E09A41B14F3196FBE4892007BDC9
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.161.131.163 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-131-163.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Fri, 18 Aug 2023 18:04:49 GMT

Redirect headers

access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://www.9news.com/
age
0
content-length
0
content-type
text/plain; charset=utf-8
date
Fri, 18 Aug 2023 18:04:49 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=3&key=2129E09A41B14F3196FBE4892007BDC9
server
nginx
via
1.1 varnish
x-varnish
840938564
0
prebid.a-mo.net/cchain/ Frame FD4F 		740 B
484 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692381889468-994613872329-001229-001-002651%26biddername%3D105%26pid%3D59c9148628a0612da3689288%26key%3D
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
5262b201162ba12ef74884d37638e9b52aca2f4b123634028f33e9fdeede7340

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
394
content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 18:04:49 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
/
onetag-sys.com/usync/ Frame B5FC 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.187 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip187.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ups.analytics.yahoo.com/ups/58543/ Frame E117 		0
209 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58543/sync?redir=true&gdpr=0&gdpr_consent=
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
0
content-length
0
date
Fri, 18 Aug 2023 18:04:49 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.75
strict-transport-security
max-age=31536000
cookiesyncendpoint
sync.aniview.com/ Frame 734E
Redirect Chain
  • https://ap.lijit.com/pixel?us_privacy=1YNY&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692381889468-994613872329-001229-001-002651%26biddername%3D18%26k...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=18&key=HLDcfQZHcHxqw-twSRG0RE1f
0
227 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=18&key=HLDcfQZHcHxqw-twSRG0RE1f
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.161.131.163 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-131-163.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Fri, 18 Aug 2023 18:04:49 GMT

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Fri, 18 Aug 2023 18:04:49 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=18&key=HLDcfQZHcHxqw-twSRG0RE1f
X-Sovrn-Pod
ad_ap1ewr1
cookiesyncendpoint
sync.aniview.com/ Frame 64E5
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1YNY&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692381889468-994613872329-001229-001-002651%26biddername%3D10%2...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=10&pid=59c9148628a0612da3689288&key=dDwU09hZAwd6&ev=1&us_privacy=1YNY&pid=562704
0
207 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=10&pid=59c9148628a0612da3689288&key=dDwU09hZAwd6&ev=1&us_privacy=1YNY&pid=562704
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.161.131.163 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-131-163.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Fri, 18 Aug 2023 18:04:49 GMT

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
cw-server
bh-deployment-cdb79dd64-qcqnx
expires
-1
location
https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=10&pid=59c9148628a0612da3689288&key=dDwU09hZAwd6&ev=1&us_privacy=1YNY&pid=562704
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3990 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692381889468-994613872329-001229-001-002651%26biddername%3D1%26key%3D
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.64.205 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-64-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=142211
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 18 Aug 2023 18:04:49 GMT
expires
Sun, 20 Aug 2023 09:35:00 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cookiesyncendpoint
sync.aniview.com/ Frame 5F71
Redirect Chain
  • https://csync.loopme.me/?pubid=11455&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692381889468-994613872329-001229-001-002651%26biddername%3D56%26pid%...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=56&pid=59c9148628a0612da3689288&key=73fdb302-9f81-4aed-958a-512f3b1c9b1b&gdpr_consent=null&g...
0
239 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=56&pid=59c9148628a0612da3689288&key=73fdb302-9f81-4aed-958a-512f3b1c9b1b&gdpr_consent=null&gdpr=0
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.161.131.163 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-131-163.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Fri, 18 Aug 2023 18:04:50 GMT

Redirect headers

content-length
0
date
Fri, 18 Aug 2023 18:04:50 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=56&pid=59c9148628a0612da3689288&key=73fdb302-9f81-4aed-958a-512f3b1c9b1b&gdpr_consent=null&gdpr=0
server
_
cookiesyncendpoint
sync.aniview.com/ Frame 5EC7
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=0&_fw_gdpr_consent=
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=2f3953791de8276ad86e884a0bc&_fw_gdpr=0&_fw_gdpr_consent=
0
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=2f3953791de8276ad86e884a0bc&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.161.131.163 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-131-163.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Fri, 18 Aug 2023 18:04:49 GMT

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Date
Fri, 18 Aug 2023 18:04:49 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=2f3953791de8276ad86e884a0bc&_fw_gdpr=0&_fw_gdpr_consent=
Pragma
no-cache
Server
nginx
x-sticky-vk
1692381889668069-1149
auto-user-sync
ads.stickyadstv.com/ Frame 3616 		43 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.134 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Date
Fri, 18 Aug 2023 18:04:49 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
x-sticky-vk
1692381889749023-1151
cookiesyncendpoint
sync.aniview.com/ Frame 9F17
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692381889468-994613872329-001229-001-002651...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=23&key=439a4e02-c31a-0eaa-3b34-ffcd040772e4
0
238 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=23&key=439a4e02-c31a-0eaa-3b34-ffcd040772e4
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.161.131.163 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-131-163.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.9news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Fri, 18 Aug 2023 18:04:49 GMT

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
0
content-type
text/html
date
Fri, 18 Aug 2023 18:04:49 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=23&key=439a4e02-c31a-0eaa-3b34-ffcd040772e4
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync
x.bidswitch.net/ 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=&user_id=1692381889468-994613872329-001229-001-002651&gdpr=0&gdpr_consent=&us_privacy=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cookiesyncendpoint
sync.aniview.com/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692381889468-994613872329-001229-001-002651%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=24&pid=59c9148628a0612da3689288&key=eb6f7b88-a4bc-4e60-bf79-710517cb86e8
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=24&pid=59c9148628a0612da3689288&key=eb6f7b88-a4bc-4e60-bf79-710517cb86e8
Protocol
H2
Server
54.161.131.163 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-131-163.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:50 GMT
content-length
0

Redirect headers

Location
https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=24&pid=59c9148628a0612da3689288&key=eb6f7b88-a4bc-4e60-bf79-710517cb86e8
Date
Fri, 18 Aug 2023 18:04:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cframe.js
assets.a-mo.net/js/ Frame FD4F 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692381889468-994613872329-001229-001-002651%26biddername%3D105%26pid%3D59c9148628a0612da3689288%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75923de2a993785ccab38a3f2766e0ef00649c91bce9c3373ea78fa40dcf68f4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:49 GMT
via
1.1 62d5869bc7a376836eb8695574c3a214.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
MIA3-C3
age
143
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 17 Aug 2023 16:18:48 GMT
server
cloudflare
etag
W/"bf90df713e5e01906e68ba8a50b132d3"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
7f8c14db9fdfdaf5-MIA
x-amz-cf-id
yg9GuDpRMejbgPMaIt4ZU9NCeBwXGb03DHL5GebYhsP8hNSeybELkg==
expires
Fri, 18 Aug 2023 19:04:49 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 9B82 		0
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=1&key=C3BD0C7A-B371-4686-9220-ADA9A334E959
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692381889468-994613872329-001229-001-002651%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.161.131.163 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-131-163.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Fri, 18 Aug 2023 18:04:49 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 35D4 		0
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=1&key=C3BD0C7A-B371-4686-9220-ADA9A334E959
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692381889468-994613872329-001229-001-002651%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.161.131.163 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-131-163.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Fri, 18 Aug 2023 18:04:49 GMT
usync.js
eus.rubiconproject.com/ Frame 5413 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.25.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-25-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b937c24218ddab07453d7e8fc62fad12b5e29a0b473536e2baca0ca7b5fd79c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Aug 2023 01:50:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=27923
Connection
keep-alive
Content-Length
10117
Expires
Sat, 19 Aug 2023 01:50:13 GMT
idl.js
assets.a-mo.net/js/ Frame FD4F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=www.9news.com&e=27&uid=c28ee0e9-df1e-4d35-8383-5ac27408fe76
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2239a36b676f56ac4569b253bebe7fd244c22f91c76cee060640386cb16020d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:50 GMT
via
1.1 639cc143f6b6769351df58109d6b2b18.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
MIA3-C3
age
210
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 27 Jun 2023 16:12:52 GMT
server
cloudflare
etag
W/"a61ed4db59070cd66af981cbd85859ca"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
7f8c14ddcd93daf5-MIA
x-amz-cf-id
bT02B-gYArbJ55UkgfdjxOua6e5a3p9eXIVwZs9K_Aa-skGxD2IBRQ==
expires
Fri, 18 Aug 2023 19:04:50 GMT
cookiesyncendpoint
sync.aniview.com/ Frame FD4F 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=105&pid=59c9148628a0612da3689288&key=c28ee0e9-df1e-4d35-8383-5ac27408fe76&do=www.9news.com
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.161.131.163 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-131-163.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:50 GMT
content-length
0
bidswitch
sync-dmp.mobtrakk.com/match/ Frame FD4F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=c28ee0e9-df1e-4d35-8383-5ac27408fe76&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=adaptmx&bsw=eb6f7b88-a4bc-4e60-bf79-710517cb86e8
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=adaptmx&bsw=eb6f7b88-a4bc-4e60-bf79-710517cb86e8
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Server
3.135.132.32 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-135-132-32.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Redirect headers

Location
//sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=adaptmx&bsw=eb6f7b88-a4bc-4e60-bf79-710517cb86e8
Date
Fri, 18 Aug 2023 18:04:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
yahoo
prebid.a-mo.net/setuid/ Frame FD4F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=c28ee0e9-df1e-4d35-8383-5ac27408fe76
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-rQQOs05E2uHEs_Abz45uFOvaKZF4mH1QqoYlmJw-~A&gdpr=0
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-rQQOs05E2uHEs_Abz45uFOvaKZF4mH1QqoYlmJw-~A&gdpr=0
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:50 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-rQQOs05E2uHEs_Abz45uFOvaKZF4mH1QqoYlmJw-~A&gdpr=0
date
Fri, 18 Aug 2023 18:04:50 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
magnite
prebid.a-mo.net/setuid/ Frame FD4F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=
  • https://prebid.a-mo.net/setuid/magnite?uid=LLGWH5J5-B-4TBO&gdpr=0
0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LLGWH5J5-B-4TBO&gdpr=0
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:50 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LLGWH5J5-B-4TBO&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
Expires
0
setuid
prebid.a-mo.net/ Frame FD4F
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc28ee0e9-df1e-4d35-8383-5ac27408fe76%26bidder%...
  • https://prebid.a-mo.net/setuid?A=c28ee0e9-df1e-4d35-8383-5ac27408fe76&bidder=smartadserver&uid=5132813517839228127
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=c28ee0e9-df1e-4d35-8383-5ac27408fe76&bidder=smartadserver&uid=5132813517839228127
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:49 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=c28ee0e9-df1e-4d35-8383-5ac27408fe76&bidder=smartadserver&uid=5132813517839228127
date
Fri, 18 Aug 2023 18:04:49 GMT
content-length
0
setuid
ib.adnxs.com/prebid/ Frame FD4F 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=c28ee0e9-df1e-4d35-8383-5ac27408fe76&do=www.9news.com
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:50 GMT
an-x-request-uuid
66c3f5a7-3010-4378-8b64-975e3fe84b6b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.72; 38.132.118.72; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ow.pubmatic.com/ Frame FD4F 		86 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ow.pubmatic.com/setuid?bidder=amx&uid=c28ee0e9-df1e-4d35-8383-5ac27408fe76&do=www.9news.com
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.105 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:50 GMT
content-length
86
content-type
image/png
setuid
prebid-server.rubiconproject.com/ Frame FD4F 		86 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=amx&uid=c28ee0e9-df1e-4d35-8383-5ac27408fe76&do=www.9news.com
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0
/
vast.aniview.com/api/adserver61/vast/ 		888 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=63f4a8b77aa36bbf5004bc1e&AV_CHANNELID=63f4a8d217dfbbf1d7006545&AV_URL=https%3A%2F%2Fwww.9news.com&cb=R0.1692381890262&AV_WIDTH=700&AV_HEIGHT=393&AV_CCPA=1YNY&AV_SCHAIN=1.0,1!taboola.com,1037842,1,300252261,tegna-kusa,9news.com&iiqpartner=755298539
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.1/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
444966674ac8d3a055e1a85b03a48a6ff808497e8fb32d1a03d1faf483f8b446

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
text/plain

Response headers

Date
Fri, 18 Aug 2023 18:04:50 GMT
Content-Encoding
gzip
X-Bamboo-C-SkFe
1
X-Bamboo-C-S
BYPASS
X-Bamboo-C-SkSt
1
Surrogate-Control
no-store;hw-h2proxy
Transfer-Encoding
chunked
X-Bamboo-WL-Track
track1.aniview.com
X-Bamboo-WL-Player
https://player.aniview.com
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/xml
Access-Control-Allow-Origin
https://www.9news.com
X-Bamboo-WL-Serve
gov.aniview.com
Access-Control-Max-Age
1728000
Access-Control-Allow-Credentials
true
X-HW
1692381890.cdn4-pxy040-mia02.mi1.evs,1692381890.cds203.mi1.sc,1692381890.cds203.mi1.p
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
ptv
secure.adnxs.com/ 		27 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ptv?id=20765230&size=700x393&promo_alignment=center&cb=R0.1692381890262&ext_inv_code=cm_163987-1616035_UNKNOWN
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.1/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 18:04:50 GMT
an-x-request-uuid
8d957bfe-d786-4996-897a-e2adb9db263d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/xml; charset=utf-8
access-control-allow-origin
https://www.9news.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.72; 38.132.118.72; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
27
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
vast.aniview.com/api/adserver61/vast/ 		888 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=621cca388ba47d78a102e506&AV_CHANNELID=6356a0f9b339277a681e96b3&AV_URL=https%3A%2F%2Fwww.9news.com&cb=R0.1692381890263&AV_WIDTH=700&AV_HEIGHT=393&AV_CCPA=1YNY&AV_SCHAIN=1.0,1!taboola.com,1037842,1,300252261,tegna-kusa,9news.com&iiqpartner=755298539
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.1/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
253e694818b44dc8e84e70f4d4ef5a8dfa14e3b1f5106a46458a3409a3e4b1ea

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
text/plain

Response headers

Date
Fri, 18 Aug 2023 18:04:50 GMT
Content-Encoding
gzip
X-Bamboo-C-SkFe
1
X-Bamboo-C-S
BYPASS
X-Bamboo-C-SkSt
1
Surrogate-Control
no-store;hw-h2proxy
Transfer-Encoding
chunked
X-Bamboo-WL-Track
track1.aniview.com
X-Bamboo-WL-Player
https://player.aniview.com
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/xml
Access-Control-Allow-Origin
https://www.9news.com
X-Bamboo-WL-Serve
gov.aniview.com
Access-Control-Max-Age
1728000
Access-Control-Allow-Credentials
true
X-HW
1692381890.cdn4-pxy064-mia02.mi1.evs,1692381890.cds038.mi1.sc,1692381890.cds038.mi1.p
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
cookiesyncendpoint
sync.aniview.com/ Frame 5413
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=aniview&us_privacy=1YNY&khaos=LLGWH5J5-B-4TBO
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=LLGWH5J5-B-4TBO&us_privacy=1YNY
0
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=LLGWH5J5-B-4TBO&us_privacy=1YNY
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
H2
Server
54.161.131.163 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-131-163.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:50 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=LLGWH5J5-B-4TBO&us_privacy=1YNY
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19c1ac3b9706c83a73951eba4d239689
Expires
0
69f1d84e-64b0-4352-bcde-424ad1720c71
https://prebid.a-mo.net/ Frame FD4F 		173 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://prebid.a-mo.net/69f1d84e-64b0-4352-bcde-424ad1720c71
Requested by
Host: www.9news.com
URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8c3c90a35ce51f6038c2eca7ae22637c829ee867cec6932ab55cb996f9c0008b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Length
173
Content-Type
AVmanager.js
player.aniview.com/script/6.1/ Frame 111F 		476 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=63f4a8b77aa36bbf5004bc1e
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.1/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1402:800:28d::2c79 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
533d2ee34cb1a4b281414f52e814ac9b8f6fb7810552fb2bebe23943e04291a9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:50 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdug7wN8EFtZCQlrGv6eVed8TDSlsIBX-NJNccyFchZS06c07OGNr4rFq9VvzBLD4f8HxNRiHsKExnFqKZnPJgohPBQbfNzt
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
130379
last-modified
Tue, 15 Aug 2023 12:18:43 GMT
server
UploadServer
etag
"25aee45ea3338112064b801c98043832"
vary
Accept-Encoding
x-goog-generation
1692101923212281
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=dQhmYQ==, md5=Ja7kXqMzgRIGS4AcmAQ4Mg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
130379
accept-ranges
bytes
expires
Fri, 18 Aug 2023 18:14:50 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame 09A3 		476 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.1/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1402:800:28d::2c79 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
533d2ee34cb1a4b281414f52e814ac9b8f6fb7810552fb2bebe23943e04291a9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:50 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdug7wN8EFtZCQlrGv6eVed8TDSlsIBX-NJNccyFchZS06c07OGNr4rFq9VvzBLD4f8HxNRiHsKExnFqKZnPJgohPBQbfNzt
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
130379
last-modified
Tue, 15 Aug 2023 12:18:43 GMT
server
UploadServer
etag
"25aee45ea3338112064b801c98043832"
vary
Accept-Encoding
x-goog-generation
1692101923212281
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=dQhmYQ==, md5=Ja7kXqMzgRIGS4AcmAQ4Mg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
130379
accept-ranges
bytes
expires
Fri, 18 Aug 2023 18:14:50 GMT
truncated
/ Frame 111F 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/svg+xml
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.9news.com&sn=&ic=0&tgt=1&app=&wi=700&he=393&test=&d36=6.2.121&apppkg=&fv=1&proto=https&clsid=51c177ea-3ca8-4127-a0aa-2f33e98060dc&rando=9&pid=63f4a8b77aa36bbf5004bc1e&cid=63f4a8d217dfbbf1d7006545&stagid=&stplid=&e=inventory&vi=0&cb=1692381890805
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.40.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-40-124.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:50 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
truncated
/ Frame 09A3 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
gov.aniview.com/api/adserver/tag/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gov.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fwww.9news.com&AV_CCPA=1YNY&AV_SCHAIN=1.0%2C1!taboola.com%2C1037842%2C1%2C300252261%2Ctegna-kusa%2C9news.com&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=621cca388ba47d78a102e506&AV_CHANNELID=6356a0f9b339277a681e96b3&tgt=1&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=[AVC_ABT]&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.9news.com&AV_DADPOS=1&AV_GPID=/621cca388ba47d78a102e506/6356a0f9b339277a681e96b3/www.9news.com&d36=6.2.121&responsive=1&sver=4&avtoken=890836&omv=1.0.1&clsid=90934fdf-046f-4330-bfbd-d97addb89454&rando=89&AV_WIDTH=700&AV_HEIGHT=393&AV_CCPA=1YNY&AV_DNT=0&cb=1692381890842&AV_C_USER_ID=1692381889468-994613872329-001229-001-002651&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.212.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-212-145.compute-1.amazonaws.com
Software
/
Resource Hash
0952655b4de0dc391c740b941f24fd94ec44b10629808611ffc6d4dc29460de7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:51 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.9news.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Mon, 07 Aug 2023 04:18:11 GMT
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.9news.com&sn=&ic=0&tgt=1&app=&wi=700&he=393&test=&d36=6.2.121&apppkg=&fv=1&proto=https&clsid=90934fdf-046f-4330-bfbd-d97addb89454&rando=89&pid=621cca388ba47d78a102e506&cid=6356a0f9b339277a681e96b3&stagid=&stplid=&e=inventory&vi=0&cb=1692381890841
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.40.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-40-124.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:50 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
OpportunityServlet
ch-vid-events.taboola.com/ 		1 B
119 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ch-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_2_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.9news.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.9news.com
date
Fri, 18 Aug 2023 18:04:51 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
cookiesyncendpoint
sync.aniview.com/ Frame D54A
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692381889468-994613872329-001229-001-002651%26biddername%3D41%26pid%3D59c914862...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=41&pid=59c9148628a0612da3689288&key=572205591462893908588
0
0
2.m3u8
livevideo.tegnadigital.com/kusa/v1/manifest/f9c1bf9ffd6ac86b6173a7c169ff6e3f4efbd693/KUSA/c0c20d39-dac3-4595-8b4a-26137601df2b/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://livevideo.tegnadigital.com/kusa/v1/manifest/f9c1bf9ffd6ac86b6173a7c169ff6e3f4efbd693/KUSA/c0c20d39-dac3-4595-8b4a-26137601df2b/2.m3u8
Requested by
Host: www.9news.com
URL: https://www.9news.com/assets/js-libs/akamai/amp/core/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.182.171 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-171.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9d044c8e7c6f7229767f41f51e21b6e0f9b47499f20a3c18d37929cc4f1e0b97

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:51 GMT
Content-Encoding
gzip
x-amzn-RequestId
5e55e613-6835-4b86-a3bc-aa8afe150e09
Connection
keep-alive
Akamai-Mon-Iucid-Del
926974
Content-Length
303
Pragma
no-cache
Vary
Accept-Encoding
Access-Control-Max-Age
86400
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires
Fri, 18 Aug 2023 18:04:51 GMT
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.9news.com&sn=&ic=0&tgt=1&app=&wi=700&he=393&test=&d36=6.2.121&apppkg=&fv=1&proto=https&clsid=90934fdf-046f-4330-bfbd-d97addb89454&rando=89&pid=621cca388ba47d78a102e506&cid=6356a0f9b339277a681e96b3&stagid=&stplid=&e=AV_M8&prbdres=emptywf&cb=1692381891187
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.40.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-40-124.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 18:04:51 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
live-3390_00029.ts
livevideo01.9news.com/hls/live/2014548/elvs/20230719T092454/live-3/00221/ 		564 KB
564 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://livevideo01.9news.com/hls/live/2014548/elvs/20230719T092454/live-3/00221/live-3390_00029.ts
Requested by
Host: www.9news.com
URL: https://www.9news.com/assets/js-libs/akamai/amp/core/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.182.185 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
04582429d7cf90291ffad9a63a7f88be81196e726ec7afd1032e408bdd8dac80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.9news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 18:04:51 GMT
Akamai-Path-Timestamp
i=1692381888.685;xi=1692381888.704;xo=1692381890.157;s=1692381890.181;
Akamai-Mon-Iucid-Ing
2014548
Connection
keep-alive
Akamai-Mon-Iucid-Del
312833
Content-Length
577160
Pragma
no-cache
Last-Modified
Fri, 18 Aug 2023 18:04:48 GMT
X-Akamai-Server
Akamai-SMT
Access-Control-Max-Age
86400
X-Akamai-Live-Origin-QoS
d=7000;t=1692381888.690
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31536000
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires
Sat, 17 Aug 2024 18:04:51 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
c.amazon-adsystem.com
URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3276&u=https%3A%2F%2Fwww.9news.com
Domain
c.amazon-adsystem.com
URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3276&u=https%3A%2F%2Fwww.9news.com
Domain
match.bnmla.com
URL
https://match.bnmla.com/usersync?sspid=10084&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Den%26nuid%3D[UUID]
Domain
ssl-market-east.smrtb.com
URL
https://ssl-market-east.smrtb.com/sync/all?nid=2TUXLJJcKa0vKWTmtdAr&rr=https%253A%252F%252Fsync.go.sonobi.com%252Fus.gif%253Fnw%253Dsr%2526nuid%253D%7BXID%7D
Domain
sync.aniview.com
URL
https://sync.aniview.com/cookiesyncendpoint?auid=1692381889468-994613872329-001229-001-002651&biddername=41&pid=59c9148628a0612da3689288&key=572205591462893908588

Verdicts & Comments Add Verdict or Comment

427 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| documentPictureInPicture object| tegna function| loadCSS function| applyFocusVisiblePolyfill object| OneTrustStub function| OptanonWrapper function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed object| utag_data function| recaptchaCallback object| _taboola function| admiral object| googletag string| bazadebezolkohpepadr object| __otccpaooLocation string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer function| __gpp object| otStubData function| 4dm1r11545242527 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client undefined| REACT_ELEMENT_TYPE object| babelHelpers function| _typeof function| _createRawReactElement function| _asyncIterator function| AsyncGenerator function| _asyncGeneratorDelegate function| asyncGeneratorStep function| _asyncToGenerator function| _classCallCheck function| _defineProperties function| _createClass function| _defineEnumerableProperties function| _defaults function| _defineProperty function| _extends function| _inherits function| _getPrototypeOf function| _setPrototypeOf function| _isNativeReflectConstruct function| _construct function| _isNativeFunction function| _wrapNativeSuper function| _instanceof function| _interopRequireDefault function| _getRequireWildcardCache function| _interopRequireWildcard function| _newArrowCheck function| _objectDestructuringEmpty function| _objectWithoutPropertiesLoose function| _objectWithoutProperties function| _assertThisInitialized function| _possibleConstructorReturn function| _superPropBase function| _get function| set function| _set function| _taggedTemplateLiteral function| _taggedTemplateLiteralLoose function| _temporalUndefined function| _temporalRef function| _slicedToArray function| _slicedToArrayLoose function| _toArray function| _toConsumableArray function| _arrayWithoutHoles function| _arrayWithHoles function| _iterableToArray function| _arrayLikeToArray object| ce object| akamai function| ES6Promise object| puremvc object| bowser function| requirejs function| require function| define string| urhehlevkedkilrobacf object| otIabModule object| Optanon object| OneTrust object| firebase function| $ function| jQuery object| recaptcha function| Hls object| modal object| React object| ReactDOM object| PropTypes function| ReactHint object| ns_ object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| _aps boolean| apstagLOADED object| apstag boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand boolean| _tb_vautop object| _pm_ecd string| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter boolean| _tb_noOP function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_video_id string| trc_item_url object| TRCImpl number| taboola_view_id object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| google_js_reporting_queue function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| goog boolean| utag_condload object| utag function| udm_ function| ns_order function| ns_onclick object| script object| firstScriptTag object| _tvq boolean| __tealium_twc_switch string| GoogleAnalyticsObject function| ga object| apscustom function| ope string| gtagRename function| gtag function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| hi object| _pm_mcg object| image object| google_tag_data object| closure_lm_867522 object| ggeac object| owpbjsChunk object| owpbjs object| _pbjsGlobals object| ucTag object| PWT object| OWT string| partnerName string| key object| webpackChunkgroundcontrol function| bootAd object| Audit object| STR object| g object| ns_p object| closure_lm_353349 object| gaplugins object| gaGlobal object| gaData number| pubInfoListtLength function| focusMethod string| nam object| placementData function| setImmediate function| clearImmediate object| regeneratorRuntime object| ats undefined| google_measure_js_timing object| google_tag_manager object| JSON2 object| TV2Track object| cmTag object| Criteo object| _cm_wfCounters number| google_unique_id object| GoogleGcLKhOms object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_140 object| Criteo_identitytag_140 function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 object| tbopt object| _33across object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 function| _createForOfIteratorHelper function| _unsupportedIterableToArray object| _33Across object| _tynt_jp number| Yb number| _tynt_gpt_iframe_id number| _tynt_ox_iframe_id function| webpackHotUpdate function| startCMTagMain string| category object| google_image_requests function| OvaMediaPlayer string| lastWfUrl object| msgData object| storageAni

402 Cookies

Domain/Path Name / Value
.taboola.com/tegna-kusa/ Name: taboola_session_id
Value: v2_4d62979fa0ead19e474e7f498c13c11a_5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836_1692381878_1692381878_CNawjgYQkqw_GLGuyM6gMSABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGjxg5HW9JH9uAVwAQ
map.go.affec.tv/map/ttd Name: oo
Value: 1
map.go.affec.tv/map/an Name: oo
Value: 1
.3lift.com/sync Name: sync
Value: CgoIoQEQysXIzqAxCgoI4gEQysXIzqAxCgoItAIQysXIzqAxCgoI5gEQysXIzqAxCgoIhwIQysXIzqAxCgkICRDKxcjOoDEKCQg6EMrFyM6gMQoKCIwCEMrFyM6gMQoJCF8QysXIzqAxCgkIHxDKxcjOoDE=
i.liadm.com/s Name: _li_ss
Value: CgsKCQj_____BxDxFQ
i6.liadm.com/s Name: _li_ss
Value: CgA
.www.9news.com/ Name: OTGPPConsent
Value: DBABLA~BVQqAAAACZA.QA
www.9news.com/ Name: usprivacy
Value: 1YNY
.www.9news.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Fri+Aug+18+2023+08%3A04%3A37+GMT-1000+(Hawaii-Aleutian+Standard+Time)&version=202304.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=c960f088-1eeb-4310-9b9e-4dcb4f085782&interactionCount=0&landingPath=https%3A%2F%2Fwww.9news.com%2Fvideo%2Fnews%2Flocal%2Fcolorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process%2F73-2d942893-5578-4aa0-a328-3528a43a3f53&GPPCookiesCount=1&groups=C0001%3A1%2CC0003%3A1%2CBG100%3A1%2CC0004%3A1%2CC0002%3A1
.9news.com/ Name: _awl
Value: 2.1692381877.5-7c6375b53858d19493038d59311fce10-6763652d75732d6561737431-0
.9news.com/ Name: ak_bmsc
Value: A9BF5A1DBA8AD1EFE7AE07D8F3631637~000000000000000000000000000000~YAAQ3O0sF8Ad6QSKAQAAyhXSCRQOudQpVQ5fCXn917fwqDH2KZDMnXc2LeIexedMtCs7Am8Te4BiCXSnztCLOgzyHMIe7HtDzb3Qg/zrQtp/nhDBq1RbjSqFMMS7QyZ7NArY65zEc48jnfCCIYjWoLxe5fExW0JOwjoxbHWZZ86kbaC7I+s7s+oT9aZHBzQLMleAlXrSGsB4kWNdLvzqVWU5yuymdc+LogqvHRRjqqdv0u31hktGSFLeZsrB8gNO3P37ZCJBiLJl02SmL7XhAXA1y/BcSa0XoV/ohjuGq4mXOrVJWB66c06eC6JPpjtoX+SGXXIWne2r7Cd1eo9xwkibIWJKRUkb+Hy4Ln1Zy7tvz0471F070VfSqmK/JxpAHyxU6NJK/W88X/ArbhXZ8hlBdNB/PW7d8f+awnMdhbyvWC08zwymBwPX4YRwGd8KvX734lrI1ymZaBIhcHzk1rqd6Id+lj+jilVMI8psUiX2tdPyx7aLOg==
.9news.com/ Name: bm_sv
Value: 77BD4DD094C09BB8121A9E60BE719A07~YAAQ3O0sF8Ud6QSKAQAACxbSCRQuT60/oR3mlVVeGkRDEAx6grr6sbjQmzmJMvi9BrLBujuDokrayVbg0i9t88LIo457AvhdKLfvB1rfcdpKu6Bcynv15p8PaVWM3jnFdQ6cc+6/sQs2tyfXhNa0EOXqU8xQ3T0HHEvls9Xmh1g3x4C4MGx8uDoQjrnLnhcrhGEVbRm3xLccGTZNlYDDDz3s5HD8egKVNmDRR8EQt73wKaNf7okhc9/8DDCCHVY=~1
.9news.com/ Name: utag_main
Value: v_id:018a09d2177e001f21944740cc7b0307300af06b00b08$_sn:1$_se:1$_ss:1$_st:1692383678143$ses_id:1692381878143%3Bexp-session$_pn:1%3Bexp-session
www.9news.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.9news.com/ Name: _pubcid
Value: b5d10296-594e-4f20-8e9f-985faf829eab
.taboola.com/ Name: t_gid
Value: 5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836
.9news.com/ Name: _gid
Value: GA1.2.1819321061.1692381879
.9news.com/ Name: _gat_tealium_0
Value: 1
.scorecardresearch.com/ Name: UID
Value: 1EEfe8ae2c5f5d0a09cb3201692381878
.simpli.fi/ Name: suid
Value: BB882163254D4174AB34F94472E55A64
www.9news.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836
www.9news.com/ Name: _tq_id.TV-8136186354-1.fef2
Value: 09f28b524d7b9089.1692381880.0.1692381880..
.9news.com/ Name: _ga_F7XWSR753Q
Value: GS1.1.1692381879.1.0.1692381879.60.0.0
.9news.com/ Name: _ga
Value: GA1.1.1482041932.1692381879
.tagger.opecloud.com/ Name: ope_uid
Value: 2-iceTBTVmwcSk4FmoWfIe0jTBk5PZcPvXrXWW92jL+7N2/oNqM/eKyAPluyVLA8y0a4fNag==
www.9news.com/ Name: _lr_geo_location
Value: US
www.9news.com/ Name: _lr_geo_location_state
Value: FL
.sharethrough.com/ Name: stx_user_id
Value: c4c1ba57-5c3d-4c8f-ac07-7a1793c56edb
.kargo.com/ Name: ktcid
Value: d9cfde9b-4a0f-0fe3-1b6e-3f959e0600a4
.undertone.com/ Name: UTID
Value: 2ac25364ed77483c898c97a787093835
.undertone.com/ Name: UTID_ENC
Value: 2j4qxcabqnm4mmr9ah4sxtjcl
.serverbid.com/ Name: CONSUMABLEID
Value: b260189533234555a018953323955580
.teads.tv/ Name: tt_viewer
Value: ebcdefac-82d7-4bce-b58e-bd46d0b7552b
.doubleclick.net/ Name: IDE
Value: AHWqTUlMOkoYDtjoQQQJtTgfrvRDcLIouonugLi4hw671UM6H5whOiKFqpGIwbl6SV0
.amazon-adsystem.com/ Name: ad-id
Value: A9I2z_vTV0rBoJ0mV5B_O1U
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adsrvr.org/ Name: TDID
Value: cec9c022-2518-4275-90bb-40c27fa3670d
.yahoo.com/ Name: A3
Value: d=AQABBLiy32QCECz4SArVOpGnqBDNMAu4wRUFEgEBAQEE4WTpZNxH0iMA_eMAAA&S=AQAAArtXRqDOBIQz9Zf6Ff5Zc2U
.3lift.com/ Name: tluid
Value: 572205591462893908588
.quantserve.com/ Name: mc
Value: 64dfb2b9-06437-858ef-2dab0
.criteo.com/ Name: uid
Value: 1d1acbe0-8756-4956-85c8-cdafaf2c8eb7
.33across.com/ Name: 33x_ps
Value: u%3D212153247920106%3As1%3D1692381881029%3Ats%3D1692381881029
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-9abdfd0b-d0fa-312c-9e0c-6b99adc0bdf5
.creativecdn.com/ Name: u
Value: emnWOirBSCcEF1SiwHUR
.creativecdn.com/ Name: ts
Value: 1692381881
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 1cc682fc682e8ac9a52d8351ef6bb26d
.bidswitch.net/ Name: c
Value: 1692381881
.bidswitch.net/ Name: tuuid_lu
Value: 1692381881
.advertising.com/ Name: A3
Value: d=AQABBLmy32QCEOgIAPMW8v94eIQuy0clQqMFEgEBAQEE4WTpZNxH0iMA_eMAAA&S=AQAAAmKv46y8aHy5OshnLSycFek
.casalemedia.com/ Name: CMPS
Value: 362
.casalemedia.com/ Name: CMID
Value: ZN.yuQ0X0tnKZUDaNNXD1AAA
.casalemedia.com/ Name: CMPRO
Value: 2851
.smaato.net/ Name: SCM
Value: f53a4d9aec
.smaato.net/ Name: SCMaps
Value: f53a4d9aec
.gumgum.com/ Name: vst
Value: u_b9bf43ab-9980-4c7d-a580-67bb89630f4b
.go.sonobi.com/ Name: __uqc
Value: 1
.go.sonobi.com/ Name: __uis
Value: 6f5eeefe-658b-41c1-aa64-1cde178e9d11
.go.sonobi.com/ Name: __uin_z1
Value: 1
.go.sonobi.com/ Name: __uir_z1
Value: 19847080
.go.sonobi.com/ Name: __uin_i5
Value: 1
.go.sonobi.com/ Name: __uir_i5
Value: 19847080
.go.sonobi.com/ Name: __uin_th
Value: 1
.go.sonobi.com/ Name: __uir_th
Value: 19847080
.go.sonobi.com/ Name: __uin_tp
Value: 1
.go.sonobi.com/ Name: __uir_tp
Value: 19847080
.go.sonobi.com/ Name: __uin_a9
Value: 1
.go.sonobi.com/ Name: __uir_a9
Value: 19847080
.go.sonobi.com/ Name: __uin_ex
Value: 1
.go.sonobi.com/ Name: __uir_ex
Value: 19847080
.go.sonobi.com/ Name: __uin_iq
Value: 1
.go.sonobi.com/ Name: __uir_iq
Value: 19847080
.go.sonobi.com/ Name: HAPLB8G
Value: s8561|ZN+yv
.postrelease.com/ Name: visitor
Value: 1c04d107-c8fa-4398-973e-dec51524914a
.postrelease.com/ Name: status
Value: 1
.sitescout.com/ Name: ssi
Value: 38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8#1692381881517
.openx.net/ Name: i
Value: ccb4e9f1-62ac-0541-3481-8238e476682b|1692381881
.pubmatic.com/ Name: KADUSERCOOKIE
Value: C3BD0C7A-B371-4686-9220-ADA9A334E959
.9news.com/ Name: _cc_id
Value: 1cc682fc682e8ac9a52d8351ef6bb26d
.9news.com/ Name: panoramaId_expiry
Value: 1692468281305
.krxd.net/ Name: _kuid_
Value: PvjFnDEO
.c.bing.com/ Name: MR
Value: 0
.bing.com/ Name: MUID
Value: 1EAAD3505E136C97188BC0215F7F6DEF
.demdex.net/ Name: demdex
Value: 50278963124786477503733527376778668354
.smartadserver.com/ Name: pid
Value: 5132813517839228127
.linkedin.com/ Name: lidc
Value: "b=TGST03:s=T:r=T:a=T:p=T:g=3027:u=1:x=1:i=1692381881:t=1692468281:v=2:sig=AQG_rQceWlTbl79OeXSGiQiTMDvwyG54"
.bidswitch.net/ Name: tuuid
Value: eb6f7b88-a4bc-4e60-bf79-710517cb86e8
.9news.com/ Name: __gads
Value: ID=f27532619ad99297:T=1692381880:RT=1692381880:S=ALNI_MaaMvhwEwcl3nw4-nA4elzv9AKldA
.linkedin.com/ Name: li_sugr
Value: c84afe07-aa4d-43cd-967a-9d1023686180
.linkedin.com/ Name: bcookie
Value: "v=2&abe52dc9-e665-4dc6-8912-60f498789f14"
.9news.com/ Name: __gpi
Value: UID=00000d8c302b113b:T=1692381880:RT=1692381880:S=ALNI_MZE6HFPAPrMyCCdRXVi6lF-2JOfQA
.colossusssp.com/ Name: lmg_r
Value: 11
.colossusssp.com/ Name: gtm_usr
Value: 823eae10-6224-4439-adad-6fc86f3e80e5
.ads.yieldmo.com/ Name: re_sync
Value: t%3D1176105%7Ctapad%3D1176105%7Cpub%3D1176105%7Cdv360%3D1176105%7Can%3D1176105
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.a-mo.net/ Name: amuid2
Value: c28ee0e9-df1e-4d35-8383-5ac27408fe76
.prebid.a-mo.net/ Name: sd_amuid2
Value: c28ee0e9-df1e-4d35-8383-5ac27408fe76
.bluekai.com/ Name: bku
Value: fEy99nZ0ltxTQYyM
.turn.com/ Name: uid
Value: 3278840519872068504
.addthis.com/ Name: ouid
Value: 64dfb2b90001468daec0418f0be79700421f2ab58e3776ce3442
.addthis.com/ Name: uid
Value: 64dfb2b97831084a
.addthis.com/ Name: na_id
Value: 2023081818044186900820472988
.adscale.de/ Name: uu
Value: c4ae383c8e2a41d0a07c96ef67d34d18
.360yield.com/ Name: tuuid_lu
Value: 1692381881
.rubiconproject.com/ Name: khaos
Value: LLGWH5J5-B-4TBO
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.360yield.com/ Name: tuuid
Value: f788601c-7903-41d0-8bd4-00f0948479b2
.yieldmo.com/ Name: yieldmo_id
Value: 3m7DXvyGGDys2L3_HSHF%7C1692316800000%7C0
.dpm.demdex.net/ Name: dpm
Value: 50278963124786477503733527376778668354
.yellowblue.io/ Name: wrvUserID
Value: zN8Ev-ozkp_s
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 7bdb646626d8b373
.contextweb.com/ Name: V
Value: dDwU09hZAwd6
.adnxs.com/ Name: uuid2
Value: 8342177640231574973
.undertone.com/ Name: UID_EXT_46
Value: cec9c022-2518-4275-90bb-40c27fa3670d
.undertone.com/ Name: UID_EXT_56
Value: y-rQQOs05E2uHEs_Abz45uFOvaKZF4mH1QqoYlmJw-~A
.undertone.com/ Name: UID_EXT_57
Value: ZN-yuQ0X0tnKZUDaNNXD1AAACyMAAAAB
.pippio.com/ Name: did
Value: IEfh4uVnF2ss8mzf
.pippio.com/ Name: didts
Value: 1692381881
.pippio.com/ Name: nnls
Value:
.lijit.com/ Name: ljt_reader
Value: HLDcfQZHcHxqw-twSRG0RE1f
.adswizz.com/ Name: OAID
Value: dc02e61d526d7041f88fa01673562d72
.brand-display.com/ Name: _knxq_
Value: b68d3bb9-1f59-1b83-f9d95c83.1692381882.0.1692381882.1692381882
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZN_yugAJkOfzIgBY
.eqads.com/ Name: EQUser
Value: UID=389660e3-c6dc-4342-92d0-f34bace7b3e9
.adform.net/ Name: C
Value: 1
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_b49a7c60-3df1-11ee-9934-120817463c8f
.deepintent.com/ Name: CDIUSER
Value: di_bd3caaeaf394422b86067
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-e2c14bf6-0973-54c5-60a7-0af8aa8bb0dc.AnM9UaLhDpZRNaLJzbg9kugLO1rAqpRBDFl9EdQdKCQ
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-e2c14bf6-0973-54c5-60a7-0af8aa8bb0dc.AnM9UaLhDpZRNaLJzbg9kugLO1rAqpRBDFl9EdQdKCQ
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A4sFL9glzVMVgpwr4qouw3CaEdkg.RhRrQ5w3kuE3ZfjkABp0d4xflaBFmFJ%2FPWRkDihnhFs
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A4sFL9glzVMVgpwr4qouw3CaEdkg.RhRrQ5w3kuE3ZfjkABp0d4xflaBFmFJ%2FPWRkDihnhFs
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIN1OI74s8Z-kwMj_HOAbx6y1IT3566KermxgZTb_yZfpEHwYBCC65f6mBjABOgTa3nmDQgTQ26tD.cnakLcof%2BxIZIfveP9oHsZ4RsHcpys%2FczYeAjvkRPpw
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIN1OI74s8Z-kwMj_HOAbx6y1IT3566KermxgZTb_yZfpEHwYBCC65f6mBjABOgTa3nmDQgTQ26tD.cnakLcof%2BxIZIfveP9oHsZ4RsHcpys%2FczYeAjvkRPpw
.ipredictive.com/ Name: cu
Value: a2fb9ede-b4be-49ec-954b-55ac4d60984a|1692381882153
.company-target.com/ Name: tuuid
Value: 3c83a954-9f89-4dfa-90d2-b887ed615e4d
.company-target.com/ Name: tuuid_lu
Value: 1692381882|ix:0
.outbrain.com/ Name: obuid
Value: a7d07abb-af3f-495e-8e66-3d8f00234d3f
.undertone.com/ Name: UID_EXT_39
Value: 5475b18f-cb84-06d5-04d2-551777fd7b84
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjS3NDYytDA2Nbc0NDYwsjAwFOIz1A1NTU0zMCzyC_fO9AMAmXG9dyQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjS3NDYytDA2Nbc0NDYwsjAwFOIz1A1NTU0zMCzyC_fO9AMAmXG9dyQAAAA
.adscale.de/ Name: cct
Value: 1692381882194
.socdm.com/ Name: SOC
Value: ZN.yusCo8YMAANUS4mAAAAAA
.bfmio.com/ Name: __106_cid
Value: cec9c022-2518-4275-90bb-40c27fa3670d
.bfmio.com/ Name: __bfio_sync
Value: 6C3BAD4B741BAE8938D0C175C90BEEE2
.bfmio.com/ Name: __io_cid
Value: cec9c022-2518-4275-90bb-40c27fa3670d
.tapad.com/ Name: TapAd_TS
Value: 1692381882308
.tapad.com/ Name: TapAd_DID
Value: 38f50135-3dcc-4b60-a270-799747dbc202
.lijit.com/ Name: ljtrtbexp
Value: eJyrVrIwULIyNLM0NrU0NLEw0lEysUTlW5qj8i3M0ORNkPm1AKLZEI8%3D
.mfadsrvr.com/ Name: c
Value: 1692381882
.mfadsrvr.com/ Name: tuuid_lu
Value: 1692381882
.mfadsrvr.com/ Name: tuuid
Value: 48a489b6-ded6-4798-8895-47d7be6c575d
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd984cSkDr2DtjNhbWecieuobsdUwVHJnyMuE82HyzKY4ZF5kajxwaxCJCAIpH0srMC4Q2
.go.sonobi.com/ Name: __uir_tl
Value: 85242563835910057
.go.sonobi.com/ Name: __uin_tl
Value: 572205591462893908588
.go.sonobi.com/ Name: __uir_td
Value: 85242563835910057
.go.sonobi.com/ Name: __uin_td
Value: cec9c022-2518-4275-90bb-40c27fa3670d
.go.sonobi.com/ Name: __uir_yh
Value: 85242563835910057
.go.sonobi.com/ Name: __uin_yh
Value: y-rQQOs05E2uHEs_Abz45uFOvaKZF4mH1QqoYlmJw-~A
.go.sonobi.com/ Name: __uir_co
Value: 85242563835910057
.go.sonobi.com/ Name: __uin_co
Value: b260189533234555a018953323955580
.go.sonobi.com/ Name: __uir_an
Value: 85242563835910057
.go.sonobi.com/ Name: __uin_an
Value: 7597054620029118479
.bidr.io/ Name: bito
Value: AAC0Ik7Jv2UAACTqc7GRqQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8342177640231574973&KRTB&23339-8342177640231574973
.adgrx.com/ Name: ADGRX_UID
Value: b4b3ad34-3df1-11ee-8cb3-719cb9187d87
.w55c.net/ Name: wfivefivec
Value: UYCeE6XS1Qx3PY5
.zemanta.com/ Name: zuid
Value: za4J1TTLHcsqOEP-BXok
.openx.net/ Name: univ_id
Value: 537072971|cec9c022-2518-4275-90bb-40c27fa3670d|1692381882318252
.server.cpmstar.com/ Name: USER_ID
Value: q-dE%aba%a6%d4%f3%dbr%edn%87%1c
.go.sonobi.com/ Name: __uir_rh
Value: 85242563835910057
.go.sonobi.com/ Name: __uin_rh
Value: emnWOirBSCcEF1SiwHUR
.go.sonobi.com/ Name: __uir_ox
Value: 85242563835910057
.go.sonobi.com/ Name: __uin_ox
Value: b4356aaa-1aff-0db9-156f-43f6a2671a93
.go.sonobi.com/ Name: __uir_eb
Value: 85242563835910057
.go.sonobi.com/ Name: __uin_eb
Value: CAESEB1ZwmlP4FZbfWblLMZzGmg||1
.lijit.com/ Name: _ljtrtb_42
Value: 5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836
.smadex.com/ Name: smxtrack
Value: f2306052-bf0e-4a8f-9a05-aaf2868fa5d8
.smadex.com/ Name: smxbds
Value: 1
.go.sonobi.com/ Name: __uir_zt
Value: 85242563835910057
.go.sonobi.com/ Name: __uin_zt
Value: 2810316564243691116
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 998e5ecf-c5a3-4f28-b599-21e9af40e393
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3278840519872068504&KRTB&23150-3278840519872068504
.semasio.net/ Name: SEUNCY
Value: 5FC4BD7B8350D083
.media.net/ Name: visitor-id
Value: 3353834821524092000V10
.media.net/ Name: data-ris
Value: {{APID}}~~25
.id5-sync.com/ Name: callback
Value:
.csync.loopme.me/ Name: viewer_token
Value: 73fdb302-9f81-4aed-958a-512f3b1c9b1b
.bfmio.com/ Name: __157_cid
Value: y-.9gw8UVE2pL1s5u3RFuf5.Ek38NKT6Av7DsLC8IOLA--~A
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:BB882163254D4174AB34F94472E55A64&KRTB&23486-uid:BB882163254D4174AB34F94472E55A64&KRTB&23489-uid:BB882163254D4174AB34F94472E55A64
.adform.net/ Name: uid
Value: 4844965109403605106
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-cec9c022-2518-4275-90bb-40c27fa3670d&KRTB&22918-cec9c022-2518-4275-90bb-40c27fa3670d&KRTB&23031-cec9c022-2518-4275-90bb-40c27fa3670d
.prebid.a-mo.net/ Name: _sv3_14
Value: 1
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-a2fb9ede-b4be-49ec-954b-55ac4d60984a&KRTB&23011-a2fb9ede-b4be-49ec-954b-55ac4d60984a&KRTB&23355-a2fb9ede-b4be-49ec-954b-55ac4d60984a
.bfmio.com/ Name: __167_cid
Value: av-0f68c4b5-3801-4a2d-8228-3bcec724df6b
.mookie1.com/ Name: id
Value: 10596547717171969174
.mookie1.com/ Name: mdata
Value: 1|10596547717171969174|1692381882679
.mookie1.com/ Name: ov
Value: 993cf0b9ce78b1064c12c4e9cfe68e39
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEKNWUqMNVn-j22OqxteqpHQ&KRTB&23025-CAESEKNWUqMNVn-j22OqxteqpHQ&KRTB&23386-CAESEKNWUqMNVn-j22OqxteqpHQ
.mfadsrvr.com/ Name: ssh
Value: !taboola,1692381882
.w55c.net/ Name: matchcasale
Value: 5
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1
.ads.yieldmo.com/ Name: ptrt
Value: cec9c022-2518-4275-90bb-40c27fa3670d
.ads.yieldmo.com/ Name: ptran
Value: 8342177640231574973
.pippio.com/ Name: pxrc
Value: CLrl/qYGEgQIAhAAEgYI3awrEAA=
.technoratimedia.com/ Name: tads_uidp_88
Value: 2372634389002836466336
.technoratimedia.com/ Name: tads_uidp_44
Value: LLGQUH2J-26-5JSO
.technoratimedia.com/ Name: tads_uidp_46
Value: 5905007826024180909
.technoratimedia.com/ Name: tads_uidp_79
Value: 84367cad-8c1d-48c8-9682-302453f3ad3d
.technoratimedia.com/ Name: tads_uidp_37
Value: 61d9af75-bf4b-3930-827d-6b5a658aa7a2
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAMsVZi6VIH6wM0BBMSAAAAAAA
.technoratimedia.com/ Name: tads_uidp_7
Value: 20c824dc-7164-48c9-9da1-2d58656db792
.technoratimedia.com/ Name: tads_uidp_80
Value: y-QRw0ohlE2uENKntvH3bL5U1zCyFfBVfv~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZN.Mwx4JwLdNbuPYQ5c0oQAA&2822
.technoratimedia.com/ Name: tads_uidp_50
Value: 93a0514d-c645-4d2e-9525-e08d44a56f8f
.technoratimedia.com/ Name: tads_uidp_61
Value: 212241219599227
.technoratimedia.com/ Name: tads_uidp_62
Value: 3353740251524081000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: C7RZ6fSRDTFROaC5SdVaG3Vak72j7Vi6
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-43b90c5a-9864-494f-bf32-cc8f0e74ffc7-005
.technoratimedia.com/ Name: tads_uid
Value: 2129E09A41B14F3196FBE4892007BDC9
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230812073535+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.adkernel.com/ Name: SSPZ
Value: 183045
.adkernel.com/ Name: DSP2F_71
Value: 343983
.adkernel.com/ Name: ADKUID
Value: A1331778781661050182
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005%22%7D
www.9news.com/ Name: _lr_retry_request
Value: true
www.9news.com/ Name: _lr_env_src_ats
Value: false
x.videobyte.com/ Name: vbxuid
Value: a25c2708-dcbd-44cf-9563-d52cf479f8ab
.bfmio.com/ Name: __168_cid
Value: AAC0Ik7Jv2UAACTqc7GRqQ
.a-mx.com/ Name: amuid2
Value: 36030c51-d7d5-4150-bc01-350914d50662
.bfmio.com/ Name: __187_cid
Value: C3BD0C7A-B371-4686-9220-ADA9A334E959
.undertone.com/ Name: UID_EXT_53
Value: C3BD0C7A-B371-4686-9220-ADA9A334E959
.go.sonobi.com/ Name: __uir_bw
Value: 85242568130877354
.go.sonobi.com/ Name: __uin_bw
Value: eb6f7b88-a4bc-4e60-bf79-710517cb86e8
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAH3bQhF4Tv1QMnkJyoAAAAAAA&KRTB&22713-AAAH3bQhF4Tv1QMnkJyoAAAAAAA&KRTB&22715-AAAH3bQhF4Tv1QMnkJyoAAAAAAA
.adx.opera.com/ Name: UID
Value: OPU8e65b601ffd64ab78b8fdc6231c278f7
.undertone.com/ Name: UID_EXT_54
Value: 38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553
.blismedia.com/ Name: b
Value: 64DFB2BB322A2D2D0AB6C10ABLIS
.lijit.com/ Name: _ljtrtb_86
Value: emnWOirBSCcEF1SiwHUR
.smartadserver.com/ Name: csync
Value: 107:5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836|127:AAC0Ik7Jv2UAACTqc7GRqQ
.ads.yieldmo.com/ Name: ptrpub
Value: C3BD0C7A-B371-4686-9220-ADA9A334E959
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQCDate
Value: 1692381883093
.lijit.com/ Name: _ljtrtb_49
Value: dDwU09hZAwd6
.go.sonobi.com/ Name: __uir_vb
Value: 85242568130877354
.go.sonobi.com/ Name: __uin_vb
Value: a25c2708-dcbd-44cf-9563-d52cf479f8ab
.lijit.com/ Name: _ljtrtb_80
Value: LLGWH5J5-B-4TBO
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAC0Ik7Jv2UAACTqc7GRqQ
www.9news.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22cec9c022-2518-4275-90bb-40c27fa3670d%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222023-07-18T18%3A04%3A42%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_964
Value: 20918-cuid_b49a7c60-3df1-11ee-9934-120817463c8f&KRTB&23354-cuid_b49a7c60-3df1-11ee-9934-120817463c8f&KRTB&23415-cuid_b49a7c60-3df1-11ee-9934-120817463c8f&KRTB&23422-cuid_b49a7c60-3df1-11ee-9934-120817463c8f
.admanmedia.com/ Name: admtr
Value: 68672530-90fe-40e1-b390-35080cc5eae0
.admanmedia.com/ Name: ac_r
Value: CS71
.undertone.com/ Name: UID_EXT_47
Value: LLGWH5J5-B-4TBO
.aralego.com/ Name: sspid
Value: 61d9af75-bf4b-3930-827d-6b5a658aa7a2
.lijit.com/ Name: _ljtrtb_97
Value: RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
.prebid.a-mo.net/ Name: _sv3_13
Value: 1
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
.sportradarserving.com/ Name: zuuid
Value: b0387f28-94b6-406f-a845-794f24da15b6
.sportradarserving.com/ Name: c
Value: 1692381883
.sportradarserving.com/ Name: zuuid_lu
Value: 1692381883
.tynt.com/ Name: uid
Value: CoIKTGTfsrtQl2vAHvTGAg==
.9news.com/ Name: cto_bidid
Value: lHa3BV8yS01BOGhGcVlET3lLallTVFNiamlpM2hrSnVHdXg2YjFoQyUyRkVnMVFNUlJnTUdCJTJGdWh4TnJqZndRQmlZemlReFI0JTJGc1FESSUyRlV6VDl4Tnp6eFBVR2VKNVJKanlCTyUyRk1LTEFwbGVIWGZsbGMlM0Q
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R35CA5_1079D40AC_2E2BF9C4&KRTB&23092-R35CA5_1079D40AC_2E2BF9C4
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1692381883
.id5-sync.com/ Name: id5
Value: 091bb0b2-309e-7bf2-a39d-f19acaa2ebce#1692381882336#4
.doubleclick.net/ Name: APC
Value: AfxxVi7nj930NYqeeO_XXFV6h7ZIt9w1ZWyLG7jO6n4CrIhMizDXhw
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-eb6f7b88-a4bc-4e60-bf79-710517cb86e8
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1692381883963%7D%2C%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1692381883963%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1692381883963%7D%2C%7B%22p%22%3A%22d9fe068602%22%2C%22f%22%3A1%2C%22ts%22%3A1692381883797%7D%2C%7B%22p%22%3A%22179d15a463%22%2C%22f%22%3A1%2C%22ts%22%3A1692381883797%7D%2C%7B%22p%22%3A%22e32a9fc66e%22%2C%22f%22%3A1%2C%22ts%22%3A1692381883797%7D%2C%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1692381883797%7D%2C%7B%22p%22%3A%22607295b4a4%22%2C%22f%22%3A1%2C%22ts%22%3A1692381883797%7D%2C%7B%22p%22%3A%22b32ef6f991%22%2C%22f%22%3A1%2C%22ts%22%3A1692381883797%7D%2C%7B%22p%22%3A%22002f98d420%22%2C%22f%22%3A1%2C%22ts%22%3A1692381883797%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1692381883963%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1692381883963%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1692381883963%7D%5D
.9news.com/ Name: cto_bundle
Value: KNnm1F9qNFdsRTBJcXc1amNlZkZvMllZNXpCQjBBZ3RtTHU5T2VHTWc3bUVWd292VWpLcVJ0NDFmNXJrJTJGa0s4UiUyRnBQT1lGY1JVUzlZbTNTTHZMYUx0YTFCZXFmbzUwWDR4b2pwMzZRYXozUFRHT1U3S2JLREk3c2ZqYmpOS2VDRTZhWkNFUmNENGt0RnRrQmJLQ0JibFZzSGpBJTNEJTNE
.go.affec.tv/ Name: ck
Value: 64dfb2bc6edd410001bb870c
.go.affec.tv/ Name: oo
Value: 1
.eyeota.net/ Name: mako_uid
Value: 18a09d22f74-4de90000010a58fe
.eyeota.net/ Name: SERVERID
Value: 22782~DM
.rezync.com/ Name: zync-uuid
Value: 2c33f1c8-7842-4c82-b3d6-3cf20ce43d4d:1692381884.2563138
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553&KRTB&23418-38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!5538-2!5538
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXB0RWAMAgDwB_XwScJ0tRxBDuIk_fuPwaKXF6yoYBFCfay01gLV33Bjn48JyiX4sSddGoDdnW-LDoAAAA
sic.33across.com/ Name: JSESSIONID
Value: dsic-001-chi~3qmbze60-ik21ezhl-3fu21tep-l83zappt
.w55c.net/ Name: matchpubmatic
Value: 5
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%22141%22%3A%2220230818%22%7D
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.thrtle.com/ Name: mc
Value: eyJpZCI6Ijk0MmI0OTUyLTNjYWItNDk5Yi04OWExLWQyYjhmNmRlOGJiYiIsImwiOjE2OTIzODE4ODQ2MzIsInQiOjJ9
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:UYCeE6XS1Qx3PY5&KRTB&23421-uid:UYCeE6XS1Qx3PY5
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-4sFL9glzVMVgpwr4qouw3CaEdkg&KRTB&23334-4sFL9glzVMVgpwr4qouw3CaEdkg&KRTB&23417-4sFL9glzVMVgpwr4qouw3CaEdkg&KRTB&23426-4sFL9glzVMVgpwr4qouw3CaEdkg
live.rezync.com/ Name: sd-session-id
Value: .eJwNylEOgyAMANC79FsW2iIULmO2UhOy6RZxPzPefX6-5B0wfWxb7qutO5R9-9oA-mqXOpQDevst9oQCOWUmFB5TRvYkHuEcoFvv7b1OrV6FlHlGFZckkAsq5B5co2OdyasFrqEWjJlYUCTcaIyMLHD-AYtXJWo.ZN-yvA.DwzXDwyw_DF0tNlyRZ_nJ6mnAsM
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_bd3caaeaf394422b86067
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-979321835791302801
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-m-izRs_utRmA7OEUnuv6GJjkskaA7rNBz-zvBanb&KRTB&19420-m-izRs_utRmA7OEUnuv6GJjkskaA7rNBz-zvBanb&KRTB&22979-m-izRs_utRmA7OEUnuv6GJjkskaA7rNBz-zvBanb&KRTB&23403-m-izRs_utRmA7OEUnuv6GJjkskaA7rNBz-zvBanb
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-b4b3ad34-3df1-11ee-8cb3-719cb9187d87&KRTB&23275-b4b3ad34-3df1-11ee-8cb3-719cb9187d87
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-998e5ecf-c5a3-4f28-b599-21e9af40e393&KRTB&23340-998e5ecf-c5a3-4f28-b599-21e9af40e393&KRTB&23498-998e5ecf-c5a3-4f28-b599-21e9af40e393
.go.affec.tv/ Name: pt
Value: eyJhbiI6eyJkdCI6MTY5MjM4MTg4NCwiaWQiOiI4MzQyMTc3NjQwMjMxNTc0OTczIiwibHMiOjE2OTIzODE4ODR9LCJ0dCI6eyJkdCI6MTY5MjM4MTg4NCwiaWQiOiJDb0lLVEdUZnNydFFsMnZBSHZUR0FnPT0iLCJscyI6MTY5MjM4MTg4NH0sInRkIjp7ImR0IjoxNjkyMzgxODg0LCJpZCI6ImNlYzljMDIyLTI1MTgtNDI3NS05MGJiLTQwYzI3ZmEzNjcwZCIsImxzIjoxNjkyMzgxODg0fSwidiI6MH0=|1692381884|c964f8e133298bded973e97a53bd52c3fe564b36
.ctnsnet.com/ Name: cid_f697648cd9e64504988b1ec9897de3f6
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-C3BD0C7A-B371-4686-9220-ADA9A334E959&KRTB&23413-C3BD0C7A-B371-4686-9220-ADA9A334E959&KRTB&23479-C3BD0C7A-B371-4686-9220-ADA9A334E959&KRTB&23505-C3BD0C7A-B371-4686-9220-ADA9A334E959
ads.playground.xyz/ Name: connect.sid
Value: s%3A6RmsQdqRygLRUlM4fFxu0jPd6GERwuo6.EbJQ1%2B1HysprS3bZmfs8mMypIaXJEo7bB2L1NWdq6V4
.acuityplatform.com/ Name: auid
Value: 815495536687
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBRQI6IxKUmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUUCOiMSlI90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4844965109403605106&KRTB&23263-4844965109403605106&KRTB&23481-4844965109403605106
.pubmatic.com/ Name: PugT
Value: 1692381885
.mathtag.com/ Name: uuid
Value: 772b64df-b2bd-4800-8735-0aa640d77ef7
www.9news.com/ Name: OX_plg
Value: pm
beacon.lynx.cognitivlabs.com/ Name: ss
Value: tC7D6zfEBChHqjJnE5Orj3JbMItn44hxZthNwjgnIR4J%2BOpTeILPNBJ7REJ16YdJO%2FumrswvBlRzj1KjlZECF1%2BTCoKtDOLsrsDnNQus8Y0%3D
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-815495536687&KRTB&23428-815495536687
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005&KRTB&17107-RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
.liadm.com/ Name: lidid
Value: 91825204-d3bf-4722-9a18-d0cdb2a60351
.pubmatic.com/ Name: SyncRTB3
Value: 1693526400%3A233_13_3_99_264_234_176_239_231_240_48_165_8_5_220_71_238_243_204_46_56_249_250_96_166_104_178_81_55_21_214_54_22%7C1692921600%3A223_38_2_15%7C1693180800%3A63%7C1694908800%3A224%7C1697500800%3A69%7C1693612800%3A35
.inmobi.com/ Name: idsp_c
Value: ab840700-4629-4c01-a0fb-8dff8340a404
.openx.net/ Name: pd
Value: v2|1692381881.4|vPvMgakWgy.hMg6wvmmfYiKhAbwn8uYlwwDwtvZmKvJeSnohEf4gKwrg2csf8vUvuoqvRwi
.c.appier.net/ Name: _auid
Value: t73J9BPICYmy_shbvbLfZA
.sitescout.com/ Name: _ssuma
Value: eyI3NyI6MTY5MjM4MTg4MjUzMywiNDUiOjE2OTIzODE4ODQxMDMsIjI0IjoxNjkyMzgxODgyMTQ0LCIyNyI6MTY5MjM4MTg4MjY4MywiMzkiOjE2OTIzODE4ODE4MTcsIjE3IjoxNjkyMzgxODg1NTQ1LCI3IjoxNjkyMzgxODgxODE3LCI4MCI6MTY5MjM4MTg4MTgxN30
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-t73J9BPICYmy_shbvbLfZA
.quantserve.com/ Name: d
Value: EC8BHwHeKfijCJiTCuu4EIuc0QA
.clickagy.com/ Name: cb
Value: ZN-yvd-jWh7TFqIs08ekkzY1
aorta.clickagy.com/ Name: chs
Value: [{"ch":"4","t":"2023-08-18 18:04:45"}]
.dotomi.com/ Name: DotomiTest
Value: ef5aaee7cfe15f0
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1XNoRWAMAxF0cMAqM5RTpOfpoFxSOlASCQjIBkNhaTIa967hpF0ZhiZiZLenbMlPJ2ZVPZQ2IFGbrGYcBQ3jiuqRnjj5JugSl2-6MRZQbAjdKec0vk3vW7S0laKAAAA
.lijit.com/ Name: ljtrtb
Value: eJwVzMsKwjAQheF3ydqBSTJJO%2B6styKFQmtR3OVW7EIXUulCfHfj9vs55yOIxVrE3TIg32%2BbJVqxEiVma5rjpTYnAxXQuWozc5G5u4IrAyVKEqR0BVDkEZwLAVgjJZW0994Covk%2F2TxJj%2BelnV5Vvw37g%2BynpR663EjlZnxgdijBWCIgiwqcGRMkhcgxUvCFhvkdZh9Zl9qK7w8y1i77
io.narrative.io/ Name: io.narrative.guid.v2
Value: b6dd8e90-3df1-11ee-b039-16c962239a11
.bluekai.com/ Name: bkdc
Value: phx
.media6degrees.com/ Name: clid
Value: 2rzlm7x01170r27jucusl1i9000000016e010x01801
.media6degrees.com/ Name: acs
Value: 012020k1rzlm7xxzt10
.media.net/ Name: data-o
Value: d734bf37-602b-0056-0d18-34be32bec90a~~3
.agkn.com/ Name: ab
Value: 0001%3AKxYTKouhhd7uP%2BTvRl5F%2FTCvmE0j5LPm
.owneriq.net/ Name: pmc
Value: 1
.mxptint.net/ Name: mxpim
Value: R35CA5_1079D40AC_2E2BF9C4.1.000000000000000064DFB2BB000000000000000064DFB2BE
.w55c.net/ Name: matchopenx
Value: 5
.adsby.bidtheatre.com/ Name: __kuid
Value: 9573d229-ef09-4f10-bbba-f4744b5fb487.461595886
.owneriq.net/ Name: p2
Value: oxc
.owneriq.net/ Name: si
Value: Q7456682861811089444P
.owneriq.net/ Name: oxc
Value: 1
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 15
.pubmatic.com/ Name: DPSync3
Value: 1693526400%3A245_262_226_263_219_261_197_235_228_236_260_259_201_256_258%7C1692403200%3A255_248%7C1692921600%3A252_253_164_265%7C1693353600%3A257
.tribalfusion.com/ Name: ANON_ID
Value: aTnvfMNj6WlCyhURB5xU4KZdxal0FYqUYPkyvQ6OqYi5HrDWWnG3GPCWdHWObru4MdTd8mZdDZcqIyHdaIcoJimg8l3XnY7K3009VlLYyNRZde1vbPnMLVh6
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1692403486351
.rlcdn.com/ Name: rlas3
Value: IzG3Laj+yF0aBmt0qUNrdUb8FcaQ9qlkkyX2QmetgZI=
.rlcdn.com/ Name: pxrc
Value: CLnl/qYGEgUI6EcQABIGCLrqARADEgYIwuoBEAUSBgi46wEQAA==
pool.admedo.com/ Name: tuuid
Value: 66b1fa93-2ac7-47d8-832e-50b904d41770
pool.admedo.com/ Name: c
Value: 1692381886
pool.admedo.com/ Name: tuuid_lu
Value: 1692381886
.clientgear.com/ Name: mkuuid
Value: mke840eb0bf5524587b7da392fb853c81f
.onaudience.com/ Name: cookie
Value: 3242ffb915749995
.onaudience.com/ Name: done_redirects109
Value: 1
.lijit.com/ Name: _ljtrtb_92
Value: 8342177640231574973
.audrte.com/ Name: arcki2
Value: eflNWRg7xoURRG7acS5Q3192A!20220908!1692381887030!ip#38.132.118.72
.audrte.com/ Name: arcki2_pubmatic
Value: C3BD0C7A-B371-4686-9220-ADA9A334E959!20220908!1692381887033
.tremorhub.com/ Name: tvid
Value: 62058e3d53d74fe1bfb089820f6f9c23
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCNiH0oj0h5A8EAUSFQoGY2FzYWxlEgsI1qHnjfSHkDwQBRIbCgxzaGFyZXRocm91Z2gSCwjC6M2R9IeQPBAFEhYKB3J1Ymljb24SCwikpfWX9IeQPBAFEhQKBXRhcGFkEgsI2LH_mPSHkDwQBRgBIAEoAjILCMykqPCKiJA8EAU4AVoHOGg5dTExaGAC
.audrte.com/ Name: arcki2_ddp2
Value: eflNWRg7xoURRG7acS5Q3192A!20220908!1692381887399
.tremorhub.com/ Name: tvrg_60267
Value: 1,1692381887
.id5-sync.com/ Name: 3pi
Value: 464#1692381882860#-556221057#5bc99a01-5644-4602-a5fe-e2009dd4cb73-tuctbd93836|2#1692381883753#1605217369#8342177640231574973|434#1692381884265#964717428|3#1692381887258#1364760469#772b64df-b2bd-4800-8735-0aa640d77ef7|264#1692381887467#182722017#cec9c022-2518-4275-90bb-40c27fa3670d|441#1692381885130#578859616#u_b9bf43ab-9980-4c7d-a580-67bb89630f4b|155#1692381884060#-1132572792#AAC0Ik7Jv2UAACTqc7GRqQ|203#1692381885516#1456356511#1d1acbe0-8756-4956-85c8-cdafaf2c8eb7|108#1692381883302#-398058218|1244#1692381886513#-876150013|429#1692381884680#568683219#C3BD0C7A-B371-4686-9220-ADA9A334E959|1246#1692381886916#-876150013
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.pubmatic.com/ Name: SPugT
Value: 1692381887
.audrte.com/ Name: arcki2_adform
Value: 4844965109403605106!20220908!1692381887543
.aniview.com/ Name: aniC
Value: 1692381889468-994613872329-001229-001-002651
.contextweb.com/ Name: ccpa
Value: 1YNY
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1md1|4is.0.CAESEC2l0FhEOWxQxaDZEiHcQ9M|7TY.0|7dW.0.1|2N.0.AAABw5NPE5oNxANl_CLRAAAAAAA|8jz.0.1|3oy.0.38a04cc8-b1ce-4f4f-a2c4-966a6032d6d8-64dfb2b9-5553|85a.0.1|8jE.0.1|7dN.0.AAC0Ik7Jv2UAACTqc7GRqQ|8i8.0.1
.technoratimedia.com/ Name: tads_uidp_73
Value: AAC0Ik7Jv2UAACTqc7GRqQ
.aniview.com/ Name: 1_C_3
Value: 2129E09A41B14F3196FBE4892007BDC9
sync.aniview.com/ Name: 1_C_3
Value: 2129E09A41B14F3196FBE4892007BDC9
.aniview.com/ Name: 1_C_18
Value: HLDcfQZHcHxqw-twSRG0RE1f
sync.aniview.com/ Name: 1_C_18
Value: HLDcfQZHcHxqw-twSRG0RE1f
.aniview.com/ Name: 1_C_10
Value: dDwU09hZAwd6
sync.aniview.com/ Name: 1_C_10
Value: dDwU09hZAwd6
.aniview.com/ Name: 1_C_1
Value: C3BD0C7A-B371-4686-9220-ADA9A334E959
sync.aniview.com/ Name: 1_C_1
Value: C3BD0C7A-B371-4686-9220-ADA9A334E959
.aniview.com/ Name: 1_C_23
Value: 439a4e02-c31a-0eaa-3b34-ffcd040772e4
sync.aniview.com/ Name: 1_C_23
Value: 439a4e02-c31a-0eaa-3b34-ffcd040772e4
.aniview.com/ Name: 1_C_9
Value: 2f3953791de8276ad86e884a0bc
sync.aniview.com/ Name: 1_C_9
Value: 2f3953791de8276ad86e884a0bc
.pswec.com/ Name: tuuid
Value: f026e252-144f-416e-a656-1a54e96cc56c
.pswec.com/ Name: c
Value: 1692381890
.pswec.com/ Name: tuuid_lu
Value: 1692381890
.aniview.com/ Name: 1_C_56
Value: 73fdb302-9f81-4aed-958a-512f3b1c9b1b
sync.aniview.com/ Name: 1_C_56
Value: 73fdb302-9f81-4aed-958a-512f3b1c9b1b
.analytics.yahoo.com/ Name: IDSYNC
Value: "19cx~2df6:1969~2df6:18y3~2df6:1991~2df6:18z8~2df6:190u~2df6:18za~2df6:196y~2df6"
.aniview.com/ Name: 1_C_105
Value: c28ee0e9-df1e-4d35-8383-5ac27408fe76
sync.aniview.com/ Name: 1_C_105
Value: c28ee0e9-df1e-4d35-8383-5ac27408fe76
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiYzI4ZWUwZTktZGYxZS00ZDM1LTgzODMtNWFjMjc0MDhmZTc2IiwiZXhwaXJlcyI6IjIwMjMtMTEtMTZUMTg6MDQ6NTBaIn19LCJiaXJ0aGRheSI6IjIwMjMtMDgtMThUMTg6MDQ6NTBaIn0=
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005%22%7D
.prebid.a-mo.net/ Name: _sv3_6
Value: 1
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.rubiconproject.com/ Name: audit
Value: 1|dAX8dD+5tEfrwB3JCi0NrNHGwCH0b4K7vV3MaCZ2XMI8fCYmOTvXgx713UcV+oDQAA6rIuBftYXLv0ZnN1+t0QRHMC2O7Phcua5UjcErC9AVsMkaugN4mbrFhqLSZD5kjTEmHp7JOzQ=
.aniview.com/ Name: 1_C_24
Value: eb6f7b88-a4bc-4e60-bf79-710517cb86e8
sync.aniview.com/ Name: 1_C_24
Value: eb6f7b88-a4bc-4e60-bf79-710517cb86e8
.adnxs.com/ Name: anj
Value: dTM7k!M4/8D>6NRF']wIg2In4jHMWu!fsu$o^[(0D$25ADb6_:!<gCy$qow-
.adnxs.com/ Name: icu
Value: ChgI39VKEAoYASABKAEwveX-pgY4AUABSAEKGAizxWYQChgBIAEoATDC5f6mBjgBQAFIARDC5f6mBhgB
.ow.pubmatic.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiYzI4ZWUwZTktZGYxZS00ZDM1LTgzODMtNWFjMjc0MDhmZTc2IiwiZXhwaXJlcyI6IjIwMjMtMDktMDFUMTg6MDQ6NTAuMzY4NDM2MDg4WiJ9fX0=
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYW14Ijp7InVpZCI6ImMyOGVlMGU5LWRmMWUtNGQzNS04MzgzLTVhYzI3NDA4ZmU3NiIsImV4cGlyZXMiOiIyMDIzLTA5LTAxVDE4OjA0OjUwLjQzNDEyMzM1NloifSwicnViaWNvbiI6eyJ1aWQiOiJMTEdXSDVKNS1CLTRUQk8iLCJleHBpcmVzIjoiMjAyMy0wOS0wMVQxODowNDo1MC40MzM2NjYzNFoifX19
.aniview.com/ Name: 1_C_5
Value: LLGWH5J5-B-4TBO
sync.aniview.com/ Name: 1_C_5
Value: LLGWH5J5-B-4TBO
.aniview.com/ Name: 1_C_200
Value: RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005
sync.aniview.com/ Name: 1_C_200
Value: RX-a8c4e4e1-11a7-4d9f-aacc-9304e2e3bbb6-005

64 Console Messages

Source Level URL
Text
javascript warning URL: https://www.9news.com/assets/js-libs/akamai/amp/core/amp.js?apikey=tegna&version=9.1.22(Line 1135)
Message:
It is recommended that a robustness level be specified. Not specifying the robustness level could result in unexpected behavior.
javascript warning URL: https://www.9news.com/assets/js-libs/akamai/amp/core/amp.js?apikey=tegna&version=9.1.22(Line 1135)
Message:
It is recommended that a robustness level be specified. Not specifying the robustness level could result in unexpected behavior.
network error URL: https://tgna-ux-ctrl.service.signalr.net/client/negotiate?hub=tegnaonemessage&asrs.op=%2FtgnaMessage&asrs_request_id=ZsJhKRMwAAA%3D
Message:
Failed to load resource: the server responded with a status of 401 ()
javascript error URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Message:
Access to XMLHttpRequest at 'https://c.amazon-adsystem.com/cdn/prod/config?src=3276&u=https%3A%2F%2Fwww.9news.com' from origin 'https://www.9news.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3276&u=https%3A%2F%2Fwww.9news.com
Message:
Failed to load resource: net::ERR_FAILED
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 481)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript error URL: https://www.9news.com/video/news/local/colorado-tried-to-weed-out-unemployment-fraud-and-caught-thousands-of-real-claims-in-the-process/73-2d942893-5578-4aa0-a328-3528a43a3f53
Message:
Access to XMLHttpRequest at 'https://c.amazon-adsystem.com/cdn/prod/config?src=3276&u=https%3A%2F%2Fwww.9news.com' from origin 'https://www.9news.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3276&u=https%3A%2F%2Fwww.9news.com
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://tags.bluekai.com/site/30907?id=6f5eeefe-658b-41c1-aa64-1cde178e9d11
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20C3BD0C7A-B371-4686-9220-ADA9A334E959&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=6f5eeefe-658b-41c1-aa64-1cde178e9d11
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid=dDwU09hZAwd6&obUid=sDPhGa7RzJpmYvba2HJeeXn6b9PDoozD4hjwWXPSE2RKZepqpNKibLJLkllgSRgA&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform&ev=1&us_privacy=${us_privacy}&pid=562709
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://ups.analytics.yahoo.com/ups/58543/sync?redir=true&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.9news.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://sync.aniview.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://onetag-sys.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ups.analytics.yahoo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://sync.aniview.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://sync.aniview.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.9news.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.stickyadstv.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://sync.aniview.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.9news.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.9news.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.9news.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.9news.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://imasdk.googleapis.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.9news.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.9news.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://imprchmp.taboola.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ch-match.taboola.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://s.amazon-adsystem.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://d2c656a46ae55087eb14ed232c3712d8.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eb2.3lift.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://js-sec.indexww.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cdn.undertone.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eb2.3lift.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://sync.serverbid.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cdn.undertone.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://sync.serverbid.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://js-sec.indexww.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://gum.criteo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.9news.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.9news.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.9news.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.google.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://gum.criteo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.9news.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.9news.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.9news.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.9news.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.9news.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.9news.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ch-match.taboola.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.9news.com').
network error URL: https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=adaptmx&bsw=eb6f7b88-a4bc-4e60-bf79-710517cb86e8
Message:
Failed to load resource: the server responded with a status of 502 ()
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.9news.com').
network error URL: https://match.bnmla.com/usersync?sspid=10084&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Den%26nuid%3D[UUID]
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2266a7f10398fb304e945be267393acb.safeframe.googlesyndication.com
33across-d.openx.net
33across-match.dotomi.com
a.audrte.com
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
a5587.casalemedia.com
aa.agkn.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
amazon-tam-match.dotomi.com
amp.akamaized.net
analytics.google.com
aorta.clickagy.com
ap.lijit.com
api.intentiq.com
api.rlcdn.com
assets.a-mo.net
ats.rlcdn.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bpi.rtactivate.com
btlr.sharethrough.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
casale-match.dotomi.com
cdn-ima.33across.com
cdn-sic.33across.com
cdn.adswizz.com
cdn.cookielaw.org
cdn.id5-sync.com
cdn.indexww.com
cdn.opecloud.com
cdn.taboola.com
cdn.tynt.com
cdn.undertone.com
cds.taboola.com
ce.lijit.com
ch-match.taboola.com
ch-trc-events.taboola.com
ch-vid-events.taboola.com
ch-wf.taboola.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cm.smadex.com
cms.quantserve.com
collector-16834.us.tvsquared.com
collector-21104.us.tvsquared.com
contextual.media.net
core.iprom.net
crb.kargo.com
creativecdn.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.yellowblue.io
csync.loopme.me
cw.addthis.com
d.adroll.com
d.turn.com
d24zb9qreavi2u.cloudfront.net
d2c656a46ae55087eb14ed232c3712d8.safeframe.googlesyndication.com
de.tynt.com
delivery-cdn-cf.adswizz.com
dis.criteo.com
dis.eu.criteo.com
dmp.adform.net
dmp.brand-display.com
dp1.33across.com
dp2.33across.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.serverbid.com
eb2.3lift.com
engagefront.theweathernetwork.com
eu-u.openx.net
eu.ads.audio.thisisdax.com
eus.rubiconproject.com
event.clientgear.com
events-ssc.33across.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
geolocation.onetrust.com
gklfs-1dic0.ads.tremorhub.com
gocm.c.appier.net
googleads.g.doubleclick.net
gov.aniview.com
gum.criteo.com
hb.undertone.com
hbopenbid.pubmatic.com
hospitablehall.com
htlb.casalemedia.com
i.liadm.com
i.simpli.fi
i.w55c.net
i6.liadm.com
ib.adnxs.com
ic.tynt.com
id.a-mx.com
id.rlcdn.com
id5-sync.com
idpix.media6degrees.com
idsync.rlcdn.com
ih.adscale.de
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprchmp.taboola.com
io.narrative.io
ipac.ctnsnet.com
jadserve.postrelease.com
js-sec.indexww.com
jzwjq.ads.tremorhub.com
krk.kargo.com
lb.eu-1-id5-sync.com
live.rezync.com
livevideo.tegnadigital.com
livevideo01.9news.com
map.go.affec.tv
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
matching.truffle.bid
media.9news.com
moorshoes.com
mug.criteo.com
mweb.ck.inmobi.com
native.sharethrough.com
nep.advangelists.com
odr.mookie1.com
onetag-sys.com
openx2-match.dotomi.com
ow.pubmatic.com
oxp.mxptint.net
p.rfihub.com
pagead2.googlesyndication.com
pdmp.profiles.tagger.opecloud.com
pdmp.tagger.opecloud.com
pippio.com
pips.taboola.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
player.aniview.com
pm-widget.taboola.com
pm.w55c.net
pmp.mxptint.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
ps.eyeota.net
pubmatic-match.dotomi.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
r.bidswitch.net
r.casalemedia.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
sc.tynt.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
server.cpmstar.com
sic.33across.com
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssl-market-east.smrtb.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
stx-match.dotomi.com
sync-amz.ads.yieldmo.com
sync-dmp.mobtrakk.com
sync-pm.ads.yieldmo.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.aniview.com
sync.aralego.com
sync.bfmio.com
sync.colossusssp.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.serverbid.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
synchrobox.adswizz.com
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
t.pswec.com
t.pubmatic.com
tagger.opecloud.com
tags.bluekai.com
tags.crwdcntrl.net
tags.tiqcdn.com
tegna.profiles.tagger.opecloud.com
tegna.tagger.opecloud.com
tg.socdm.com
tgna-ux-ctrl.service.signalr.net
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tr.blismedia.com
trace.mediago.io
track1.aniview.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
um4.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
usermatch.krxd.net
usersync.gumgum.com
usr.undertone.com
usync.vrtcal.com
vast.aniview.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.9news.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
x.serverbid.com
x.videobyte.com
c.amazon-adsystem.com
match.bnmla.com
ssl-market-east.smrtb.com
sync.aniview.com
104.117.182.171
104.117.182.185
104.18.11.47
104.18.18.219
104.18.24.185
104.18.25.112
104.18.25.185
104.36.115.111
104.36.115.113
104.36.115.121
104.76.100.229
107.178.254.65
107.23.140.175
108.138.106.114
108.138.106.17
108.138.107.138
108.138.128.46
108.138.128.83
108.139.29.25
108.139.29.63
124.146.215.51
13.224.214.111
13.225.214.20
13.226.34.25
141.226.124.48
141.226.224.32
141.226.224.48
142.250.65.194
147.75.195.55
15.235.15.221
151.101.1.108
151.101.1.44
151.101.194.49
159.89.246.130
162.19.138.117
162.19.138.120
162.210.196.208
162.248.18.34
162.248.18.37
172.105.199.172
172.240.219.212
173.231.178.83
174.137.133.32
178.250.1.9
18.117.18.227
18.157.96.169
18.164.116.107
18.164.124.41
18.164.96.43
18.164.98.157
18.205.43.234
18.208.101.220
18.213.122.129
18.213.251.77
18.218.81.139
18.239.168.96
185.167.164.37
185.184.8.90
192.132.33.46
195.5.165.20
198.148.27.131
198.24.170.50
199.127.204.171
199.38.167.130
20.127.253.7
20.85.134.6
2001:4860:4802:34::178
2001:4860:4802:34::181
207.198.113.87
209.204.229.28
216.200.232.249
216.22.16.5
23.105.12.136
23.105.14.105
23.214.232.233
23.22.30.75
23.23.38.193
23.43.66.117
23.47.64.205
23.52.144.179
23.52.163.93
23.88.86.2
2600:1402:800:28d::2c79
2600:141b:5000::173f:4c91
2600:1901:0:7416::1
2600:1901:0:7ec2::1
2600:1f18:4e9:5a02:d83a:9713:23f4:8b03
2600:1f18:612b:4216:f43a:e101:3c9c:ed02
2600:1f18:612b:4264:963:162:4e0f:64ff
2600:1f18:61c0:2204:de3b:4e7f:13ed:76e2
2600:1f18:ed:550a:fdb3:b355:1994:e0eb
2600:9000:20ed:3e00:7:2bfb:7c00:93a1
2600:9000:20ed:5000:1f:2473:9080:93a1
2600:9000:23ca:bc00:8:48e:53c0:93a1
2600:9000:2510:fe00:1b:fdeb:7440:93a1
2600:9000:2511:2a00:1b:5138:8a40:93a1
2603:1030:10:4::8
2603:c020:400d:3000:b5b3:7157:5b47:80e4
2606:4700:10::ac43:266a
2606:4700:3037::ac43:9a47
2606:4700::6812:17ea
2606:4700::6812:19ad
2606:4700::6812:1d26
2606:4700::6812:aa72
2606:4700::6813:9f13
2606:ae80:1471:17::1080
2607:f8b0:4004:c1d::9d
2607:f8b0:4006:806::2001
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80f::2002
2607:f8b0:4006:816::200a
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81d::2006
2607:f8b0:4006:81e::2008
2607:f8b0:4006:81f::2003
2607:f8b0:4006:821::2004
2607:f8b0:4006:822::2002
2607:f8b0:4006:822::2003
2607:f8b0:4006:823::2002
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:b08a:1dc5:659b:4055
2620:1ec:21::14
2620:1ec:c11::200
3.124.202.93
3.134.46.108
3.135.132.32
3.209.40.124
3.212.219.210
3.220.109.214
3.225.218.10
3.227.122.175
3.228.223.152
3.232.158.174
3.233.41.53
3.233.86.45
34.102.163.6
34.102.253.54
34.111.113.62
34.117.228.201
34.117.239.71
34.120.155.137
34.120.23.223
34.149.20.76
34.160.19.107
34.230.170.218
34.235.212.6
34.238.96.3
34.96.105.8
34.96.71.22
34.98.64.218
35.169.212.145
35.186.193.173
35.186.253.211
35.190.60.146
35.190.90.30
35.207.24.140
35.208.249.213
35.210.53.219
35.211.118.13
35.211.178.172
35.211.233.246
35.214.163.181
35.236.220.17
35.236.221.183
37.157.6.254
38.68.201.140
38.91.45.7
38.98.69.175
40.76.134.238
44.207.104.173
44.207.214.52
44.215.82.85
44.217.133.253
47.252.78.131
50.116.194.23
50.19.227.133
50.57.31.206
51.222.39.187
52.1.173.131
52.17.235.226
52.203.12.78
52.205.141.27
52.207.45.55
52.223.22.214
52.223.40.198
52.28.251.196
52.45.151.151
52.46.143.56
52.48.58.160
52.70.223.235
52.71.232.98
52.71.238.15
52.85.132.42
52.94.222.140
54.144.152.166
54.156.189.155
54.156.26.12
54.159.93.151
54.161.131.163
54.177.139.216
54.205.121.138
54.225.115.28
54.225.185.242
54.225.219.245
54.237.181.95
54.87.189.207
63.251.114.182
63.251.28.134
64.202.112.191
64.227.64.62
67.202.105.21
67.202.105.22
67.202.105.23
67.202.105.24
67.202.105.31
68.67.160.117
69.16.175.42
69.166.1.35
69.173.151.100
69.173.151.96
69.90.254.78
70.42.32.191
72.251.238.254
74.119.119.139
74.119.119.150
8.28.7.105
8.28.7.82
80.77.87.161
82.145.213.8
96.16.194.129
96.16.25.140
96.16.25.160
96.17.64.130
010e128b57dec050c1a5a238e8d18f42ba3b66f4fc52cc83cdd392c230263544
021f3829ba5dd75143b23d6c8875bcd2d2b3fe92d1ad3d1ff1f24ed4f0fde55f
0329b4a470d9cfdfd817467e30eb264e143f05f277692edf2eeeca6bb54b2e32
0362dafd95d25a560a28d0899cbfdc355936ec576e8d2d3606ad2c43aa7e850c
0395ca7725e5f2699b27bd18b51e6f77d4f0478a4dafea4665cdcbf096b184cb
03a6c5932f2d6e204d9ab259162a5f3f8a28443307b4713721338da85c61da6a
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
04582429d7cf90291ffad9a63a7f88be81196e726ec7afd1032e408bdd8dac80
04a502882d78e55d8d1261afa8c228cf1783d16cd80a753a9bc1d265e4407fc9
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec
0917b1b621bc1fbc503f1cbec84a14688d2a479b44540ec18b9fabeb5da4107b
0942959fde1bb2d1cf4f72d0dac0a2fa1d2b9868c47ce170c27ceb37b9617768
0945f99e7812f5ea0d902014ab9c047a3bd43700787c7de2413414702beca79a
0952655b4de0dc391c740b941f24fd94ec44b10629808611ffc6d4dc29460de7
0a2ec35cdc5f98981f8b5b75c4b54c72d628d9aa144159e500884806b3c99309
0acfa47924a6bdcd0106270ba7c550f8a3938fd5ae63d3fe9bcca430f730be59
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b45cc80258f72283185f78dc0958e70654cbc33f894b847ce5040de603829d8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0d4a7efc1f68e6b1ad441bd8c324bed0df281338fa388f2c9f177c9d6adb7aa8
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b
0fabdc72d372e17f97f068e71888384da61697963cc340e51d55965a4c25fe90
0ff4fe886c21f09a3ba144b93e3eb818a5152eaac69c25fce50a31677078c533
1114132a79b42ce8e5064f57a1560a3b3f0e1659afc33e4698bab53e1301fbfd
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
16235d26a4505b22b5b62c524f5de5daf63ab483046da51209f5eae79dbe6317
169ee924cc881489a71214f9dcc851bcc6ea7bd0a6f8a6d9f6818967a7470cc7
17ebac44db06ac7e1e99a153513f40c7661ea1311fb9a69f81efeadf417e6384
1846909b23ec314565597583038d127f42929e52f96eb4a6872434ac9a1347a9
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1a397c8e3701c39e45c6f3906cd568781f6b10a0560877e6356b3bd2d2f344bb
1b3aa4d25a4573cb4e3c84dd9eb6feb79f973e69b92e78a2d6cc4f33674284ec
1b7c00d19a3d05ae9cc1442d4ad09319c131495ceb20ecca91712e915b75f60b
1bdfeca9aed2813478ac8015499f877e0720d021f08793cf3240cfb2d334d7c6
1c9578a7316e46e0ec601d40c7ac0f14f458410cc1c2c290f75defbdae0a0b86
1cc1f6a83322ee4d9af14f97f28c431b67bea2446b538d17e208f4beb6c460eb
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
2154f7c57caa0ca6f1dd65bfe7c9846234b9f667de7fe1bb528a420818e4e2bc
227ece5ef6d84d7cca3a6d203d604bd50b1fd20a73e615de3f9066fde5c400c4
228a8784b227290823d25076b181b9ee5e83e14c8535b72a3a063a446ddce95e
234584bfb39ba6afb3f792055acd546273511ef0063ed8234f66a99ca15e2494
253e694818b44dc8e84e70f4d4ef5a8dfa14e3b1f5106a46458a3409a3e4b1ea
2774640b1d27c3aa4e178db75e4a77fd9ae7d9b01fa15e29de0a05bc21d3d829
2940e4ba09a2d8c143c4080bde49dce9b945f6ace955e643ebe74fb73a8aec67
29e96620a0c4f75d8b5d664ea350835ce5fe8a0b857864b7818b2f6b4c65b263
2a39ba93ef882b3f71b18c8948d4ba3a00002c0ba59029fdc1368796eeda3ab2
2a536619d5ea5e13d08259acd4e46d5e829f8e2e3935b0d9003b9b36d1589725
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2bdd5ff9d84c48ac7b21fb0d032cbefb65d98f3d04665356bcc433078cf1acd2
2cd9160ce46db8a3688240d9461c78c803285cbd34a75ef58e8b402392115a0a
2d3f90c03fcef37f116ee6f93c349128e0b02b669528bcb27d59b3ae92a6deff
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e29b432b4732c5c58bb37323f3cf0eca36c8b1f985a5f155e4c14a2d53d3b08
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30d0a285606f1e2daa6a3f104cda8b88c48ca16c2235a00d8835ea1a89e646d7
31cf098fbfb97c9b8a16ca356d781a251e8ebaa3122e8176bad1a50acec1e2eb
32cb6c01d8dcb5d8adfd389beff0a5f21bc3e33fe7f731db094bea6f4c66b843
33849beaed6f34c2defe2ea3610a424d05730d79a9af10e3cf67e070af0694e0
33851354aff7094db48330044339efaec42eda67dc57b395b5668ee98fcfeb17
35e43c314ae5343a0458ec39d9bf72810a5c8f3579ba0c46ed43d7dcc581ca51
360310ac8561182ff6dc660f780717e9894912b246eac96f515d0fdcd8871533
36746cc63c2ef7cefba2cafac9dd0006ac095792b0ebf374819d77d5e0157c92
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
378bac3dbc1b1e4a26a077863b6260302f1321c02b52b40243ef1f0c8eca6404
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38e79e1837143f641bed38f956e6968dbf23ce97b78bfea00f5dcbebe3c7f1c5
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3b72af59b1d95751583f25bee44592d7026c8b9f6922fd5bfff7ecd961c6859c
3c3432547e64ebec0e8184ef2e62a7510268897ad4998699b50542f70985f08d
3ca0a91cad06c7f0c5dd56442a13d91e8b96b97dc079d25a986960717bd5e172
3cf2ce4f8e20c1eb57088d7d37f8d64803120d07ba5c51b7fd1e72a906f01179
3d0b9c36f50c5b00737cf19ae5f3238d7f6ec8d9145d256c1ca29554fb4a23cd
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e5b0e5ece993efe9470a053cad3c0118664679c6a544a07263e2061fd20da1e
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f4bf47fe1f905f6d7f7738a8840cc85715b2fe6876c07fdcb75e84384b23a6a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40a5ed7f75ee33b0e2dcda682c8890fdd626e7cffa01f6b56a1e2a5e874300fd
41d1a0b500ce0da4f2137de6db228afa93c113a30a0b299d9c3b54283797d85d
41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42e509b5dc6b0bb4439804a177e1933c7daa8509977fe79744b12a4ff91c6567
42e6acf140555f98ba6c546b8f852f27c4734c6536fb61fcc8e19c40e68c59c1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
444966674ac8d3a055e1a85b03a48a6ff808497e8fb32d1a03d1faf483f8b446
448e9db1fb3f22464605116b041e8a2506ded0acd97cad2e5e491e09d8a46ed6
454737b778ec0d97203c61426d10b0d032da4730247e0d239f587059de318e02
460a63d5236b5fe977f6490e9845a96c7fe4075ce7cb449b7d5798e2a35ef4b3
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
497483f02597286bf1ae8a6d4260028cebb820523eefbf92b024986794f39826
49a76594598ff5568a4fa6429e6d6365769e0859b8e1e913b49768583c8cd5e4
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c821f2d169369324022057e9948ed8f9d45794d18b6c8c3fbbba900bb65158c
4ce7739249a41529581c3d8d38ab20041690decd52cf0d78fdea96faecd72644
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e208b816366eeff3fcc698b33f15e5b8955aa9aad79ba060d4c37f89671c3b4
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f88d20cbdd370befd03e5fa7686b986230a1f81228c0d0783c0dc96bed0cc54
4fcae58533cfecc2cdc7cfc7271bc5948194e2eec38f3ab1ded6cbe383764adf
4fe047cd85380a8c2b70897bac249076e37ab3445514ba883177b03cb35927e4
502cd704398ac3247113235aed2e47ed59df1e53384262055328215debeb078a
503d7498188da4092f6475a0ea1ed3a3fe65e0fcd8e87f9e5d009a8668657dd6
515a57bd4a8c546cdb6846c84310dc905866472365fbc4c84fa54bd218244fb1
5262b201162ba12ef74884d37638e9b52aca2f4b123634028f33e9fdeede7340
528edf18a8ceff9b972df6c345e287ae5fae296684952e18c4dde0d0173d882c
52e10d7f94e51a0d4a3fc094b4acd9265919fcdda1733e7ef2ca834cdadb6f20
52ee66c35fa6e78f16c92d1024a005f3320f719c68e5e5e1681bf7a4e5fdb664
533d2ee34cb1a4b281414f52e814ac9b8f6fb7810552fb2bebe23943e04291a9
53d4ceea45222fc610fd480f08b69c9156126fba28c28370cbdbb3818d3bd9fc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5712e295ec2cbabae21b92a673c55001e6fdbbaa282b5cb1e917c89536c24366
58c9c68121fafcc314ae2149f5e005ced17bc27359a600003a60393540144d42
5a8a2589af4d9b5425821a23dff1779d6c0d35b33c66dda9069bd010b3237d61
5cb616f61628c2af47568cf14cb569dfa53d119a5404ec6fb29d1311afe5e0cd
5ce493c067fd77054248cf1bbd109c1d3ab1b1dd5e3854dadc536a75e3385ec6
5dcd94ef8ae374036b8d542e717122ca22b89e01408779657d18527275199d86
5f5b423d7627c277e16f9da9afa2c2a254ae367007027d9d8e0013c4d0f5734d
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
603b4aa607e495df814eb23c7c2d88066f08ae7cb12abe5a8bf3e5e602a4d219
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61287137b5cc9f3923e0162b7267fa86a3941b3c349e7cf0dbcce1da7b458816
614b9157e3ffa774359e0c94ddb3e51072cc79cce824c6f2ce5bf0ca6af97806
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6248533a5a442f21d8ebbf331872c5ee454d7d581643d5e356545d6f5847d8e6
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6365555335a4a50e60c4282b958c7a26be890f5ffb5cc640d0e58a269ca1fedf
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
64866c2a04b368a118af42a2b35ee1ffe09e896f15d02dbf3caef5b44269dde5
66c1893dd97b78f16eb97cbf5523d31c61262b1a2a0dfb7b6882b1387cf98188
678f6c6aa3fc801e39e67f813c12e74f0b3bfbedcddc2e770f0d6b172c8c76d0
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a865df32cf1ddb9e86fe60fd53bb4806a19b60ff931cc4c62214caad92adf97
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6aebd0010919d034294ba56c8556c743ee9554bd9ad5fec9ebe1a8b036eef31c
6b1a95aed3687521fcbf654063d65a3facbe97c96c888c9016bbe8d1c719637f
6b23386e73fa93cae144c312a1c1cf0f0a13a41d6e87d036de88239f8916623b
6c38a81d823568bfb8dd5e95dea9daccd5c1c37140b650d541808c7a34da6e78
6c4f959c16b3ba3a8322e383de3b14e4496219822a91f099eacbcc8662024a35
6d286d30fc1dce5732e03699d977b95d09ba46d9af3f663d76549ac87c0d67f3
6d94b9f9abf8a39db9e0815ece0eccc16847e187f4db252808ebcb99b3619bf8
6e225f5185d40ee6b100e911384017b7ce51298285b7921dd540b2a878a79b90
709f83b4cf43cf2b4a2d676302787c4b28b5c2387884bd4fc16e9c844c2ffd38
732ebfd6b0f6181ac664744b6b5fd12450dd7c55cd90b44d3df22afe1ef652c7
7349268856c66ae223aa6dbb7c056abc918b0629f032a0f1057aa8b23ac0c287
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
758cf8038c2efe5c0e1b208fd6b7aa469c25fde29641f52a3bf08a8188504b7b
75923de2a993785ccab38a3f2766e0ef00649c91bce9c3373ea78fa40dcf68f4
77888507288361bc4b48394acce32b16ea36773e90f8d1c1635fbaa34afdf770
781fe7f9128c1e95299e43df09f692803ef62dcea9f28888d5c087c516aed327
787f8c15a3859a4812776b88a320a4daae26bde0a60b6d62dbbf0898da439f8b
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
792309ef28e11a995d7796532378b32a33ca5b1038059e4cd3186c68e8fb557c
7a0b5389a4c2dd8d31b5a5a3a77c308128690fc2d3e8c171441cdf72b68bb7e0
7b25685c72d02b4c9f7d7ba2e611cbd6f9aad6daccbb54f3f577b6d1f3de61a9
7ba309b9325e9ba8b52ed51c9df5c0012d227e7e5cbd6ed87e3b7a90ca09ced3
7bbb88b46423ef28f104556e199f8c5163f3fa0c699066fcae997250158da202
7e639859ede3b6ca310f0671ea16ac45d3c136a2f02f5b91136c4b6f093e9f74
7ff89607a705ba164206d25a8a8f292ada6d0ae31757f832c35875664b09ebe2
803f304e5ff5f2542b539737214b59b710488df9d1acf9df70c20319af0e0b5a
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
8234be32fcc5e929e2e1ccc4f44a406346532f09f771d89bcc4e6741a25acf45
82d1189c8362891b9252628ca63cdcbe1fe727cd6d07dba83ebc16f5b43a7fa2
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d0ff3d4c912a717748d04629c2d53e22996a34b13dd6e76685dfbd89d8b3d3
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
85d48e71e731946e8ade37c612451724ae993b3624d42b6182a6f6bf196f4cd6
86fc94fcfd038ab7ce231beb1002bca99e820f6d2ac6fcb92047e3f8045cd5d1
88efd056c1b084f2121dabecddef6ac2cfbd9cdcff4084c3b2f8bd7bf6f6b8b8
898b8df25be3b9c49716cfcbc7bb94a00224702488433826f8d57c31c1083ddf
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a41db56b578fef1c557be2a98889ebd92f0afa27743535d9c75270c795111a5
8a54bd93344da282a410a35e8151edda29e8b73a224ec479cb0bb40b9f5a429e
8b36bebe99877a38bb3f5329eb1f7fb64bd66e3555851a13d0a2b5f91ae6ef91
8b59a3a458de365091b4decaee9a96d39f90286e28b011209d6e0f3ba9ae1e2e
8bdf8c4a14aa3b0a88506c68c507aee00ef4af793e353c15fde9254a6654d2f1
8c3c90a35ce51f6038c2eca7ae22637c829ee867cec6932ab55cb996f9c0008b
8c737841de7075d837a90d841cd532120cad7bbfbc2a25234824488d6d9b38ac
8c8cd41dce03784d3503fb70cd31aaf8539e598730cc13e83acce0b1f79196a2
8e3e0b4a44224b92e7282254d16fce9979956e5019bb077a4b7d0c68fa159d3c
8f4ad4651d303f2ba96e415554e247770276cbf7a9165d3ae1d3fd8fcaed5f41
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8feda7cdbce016cc1fba0be24a74b390c2a1bdc926b18d3f424c9bf63bdb26eb
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
9242fff8d8ac3faa26a2012cbfeed56e6df0365927f04afc24d7018bf7515146
925f3639a2a524b898a52fa283d43975bc32fa3111dbaf17ff472bb29093aed0
92aaf3557fb5764f95763486f984e7ba6b42d55dabf18bcd74fd781826d8e65a
9309112941d22c1b957fd05b840dc8611d52b7abe3bdd9e3587259c25a759351
932bf23b670378e8f97637e5074aa3893b36b48c662bc80b709d05211733d519
93cd93435c48cbde336ddaf4e94e9209d5e57558d5c7c1656912aff2f92b814e
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
9561c2848c0b81e8aa80ec3d5bbd2a8da7aa9c8a3749ccd1ee114dbb4a66edfd
97faaa63a47cbd0bffe7d0d77d1966ffa0b83f8efc69ccfda8af8b541f013aa5
9800f6a1b53f32fd95a8e597a60f72397c020b90f2815204db17b30cafb3850a
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
997f0949094f190ff39f59e8ff0a9e0895fc9cc85507acb1896bf94a1638e5c3
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99f1f20ca181805f1d41148247e7715a236c87c14b3e62361b57ed3827be9a05
9a36585f998776de2a32ee7ce5ce97784d99ae6821f75478f73a6708a914abe1
9b1a1a4af356522d94f33916ae5dc17f474b8a8b3a1a8cdedcfb6b82696b052e
9c404da90b764cc0001704aa7a3fcd9d8406cd240b874eea16e62c44fe55e33b
9d044c8e7c6f7229767f41f51e21b6e0f9b47499f20a3c18d37929cc4f1e0b97
a034d075141ce4dc3c017a065213c48d5e199e465c52f695d4e6feac4eab8a3b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a074807c683144b596008561301f27ec98e5ae9eb0b6a8ed263ff73213ecb459
a0f02c247655e1751c6076d142fee3716e0c573f88734765e99954aa3c74692c
a0fc06b6ebd43bb9f63babbdd5692efc12c58be4f033d943400b9293121dcb50
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a3de577df112c9eb6024eebbcd8abf4dc94f23bba5b2f8219d5d37e4c882a5db
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
a57ba142c2a3a568bd8fad7fd6e373ffe1e290c1d102e1b079659cbdc047bda5
a6c563629879d807d40f59562419f2ea67fe505990657ea55eedf045b3e070a1
a6eda84e469463424ebf458949c409a82ee31d042cf3c8e84978658832f634c5
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a840af2ad7494eaf80b0f4015dc745bfb8852cc4438eea934b30f20c0289377b
a90cf476a407e0a9401b8b859e9712decb1746d832591b69563958708810853a
aa355c393e03f831dbdbcc678ba16396aab95930b1bc5b0549695d40cc955ca1
aa56a655b6cb77a3c0035819033d02970bba3770850f506e8d61163098ab63a0
aa8b59de0708f3aa7f4869d599c55a078e3f09f6c663ebd180c255ef6736bf5e
aaa5513cdbb249e2a89186d90a196b8cd08297c8d3a26faed2e803db39f33c0e
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aeb8be55d1d571fefd97046191e53d93a8cc50458e5ede00dabbdfb60e5caaa3
af9dbf02c85319fda5ed6e97828a8328ce87a4a11e2a95d506654bf7dee244f4
afb395274729c0fc60d06bed1998a191a1d3b78f8ae68e57235b99af81142aed
afffa667586c4a64b7ed7e7dee1d75bea3f0e5aaafe44b2666115c12009407db
b0040d5c2c7015a73edef55cb4d880a8c25d548ccf2935a6780242aeb39ad9d0
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2239a36b676f56ac4569b253bebe7fd244c22f91c76cee060640386cb16020d
b3f08176d7848b139eb3594f6f16885ace670fb22de7e1a9ecf3eb3fbf255cf5
b41bf82b7fcf28ff777e3ee2735df3763a0424d119ce578645e32af670db9699
b6792c25892f0ef356be11372c54db01d7db1aa6fe4a631e4dadfd11b02e20cb
b7b9e93507d372e64c240dab51f7a602842d2fe8ea8f092d91acaf6175e6211f
b8ad3c22753a353b1d88494ac839f9856acb3d2861ee281e3541379f24a76b41
b937c24218ddab07453d7e8fc62fad12b5e29a0b473536e2baca0ca7b5fd79c6
b94047a885ec91143818ebb76251e206a303a492429f67defc1c2e46c10c41c9
b97b49ee323dbccf9a13f15fa3d93188d01681652d52b1ed40ad00c32dfb0513
b9f7230a2e07d0f3bcae9b22155a91cb0323bb0dc646d8b6b52a147aead1956c
ba3b0648f2d1e34cadb8ab863d01f9b7a387574623811edf027a0d85e35fa3c8
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb702c30fde1d1a4d8b3a6f56b64756fe50eac0f8676fcabffe60e49f7af7815
bbcda486180500c3bf70f1d7e9f7501cd7e64cf86dbcb2cbd6151f3dc9c57397
bc902768c2ec3a51106337c1b7b7ee9d0994a21f795b879db7cd24029edd33c7
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c167de6525c68fafd11785fa6e71d49f9418a558f78c1a0b52fd32e1ed4dccee
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
c682f11f436b09c0f49e0f3c6ad3525000bec52c72754afa5692c16c9ece776f
c7edf23266109a291d04fb6729c9fe1b7eee7dc0dda62b44f11d2be6de79d002
c8e2c958c574d530f40d74d3f28827e08e9130b8d6062c9133505f5492abdfb2
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
caf9fbdd15c2496464e6a8bb9fd7072bc2127d5914d661f79b056bc2ccc693f1
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
cb24602a785ce2f3e175d779885c87d604e712c4eb1a5dd78a1380781c7dac3b
cbcbf1bbb1b3099a58b47c70f74556adeedbf9d3751a5959f15307724ede86c7
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
ccd4b7b0f1ec42c1de66868b52d5f571c70211ade3dd1ac1dc2487777bba880b
ce2354c8da66afc7b22e18fb2b53520933885683ca9730e9d448add8c680cd08
cfe981f16c485865a363b58b567bff4f29f5897dbd6f2ab5b4b2ba5b3afc2860
d016d5681dae66d86523436990ef6357ff38b3d6aa1acf8e63de2886621efaf3
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d21321b8ed5f90961872dfa942d25e1cc7078c5b90d2a84b6faf211b1abd806b
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d523593fc48f2ad0f13d2e2820a76cfb58fd2d34a05c9946f73daf9584e0eab9
d52e039bec45a0ce843fa271776dcaf23b44f2fae3d5b29b68805f5553b267c8
d5768a041296065f90450569dcc9ddea0ee5bd4bfb3b4a6f855cf67b7b1616f3
d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668
d6d3dc2473b65d8bdbc2ab575951583085f7d533f95c110a849f94716e4aa893
d952eeda4000d6cc1be7957461539596b937e83499785ba8ad12f821f906693c
da9dcb390eaccf5f5bab579580b58a9eae7135206e3e1e312fe21a50c77baa20
dac990d926ff6df3278dfb7e5d2fdd417ad30909c664cfccca8c0b124a2ec556
db0e513b4997b410cfe168d6584730769fb4c295b3f9494c1874a9a99dedf6df
dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd620ff1363947eaa898325ec249aad550adf5e7937d2ed37dcad5e6b4751636
dd7342e6c30eaae65b03684a5e0551e887b2291bf79f9b46ccdefc5a43238a2a
dd82c9b25bf85671ac77134102db522e9c18afd9737bcd22ef5675bb5ce98a5a
de29f2881647a7ef017fdac1f82683f1a8c92dfd33202461338f682b84b7ca6f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de48cff22d139de6e469979a3ca41de8d6e28cda4fe5883ae0811b8b6d1b636b
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df647469298900acae6f6a1c6475c04f91c50c964649a8c6c87edb3a6bfc917d
e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2
e27208c7042a1f7b58665b29f1a41356bcdb72d08f563199d34e419d29187df5
e2d59e7aacec4d8734605ca27f1ed93ae3de3eb9f981f9914a6c0269cb3ed285
e36872c3322a3719152f398eb6198993dba0a25d10704048308414628e46e04a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41656eb2ba6c6293bf6dd928e5a88cdbc50535cab661c1969e0f598e497ed62
e4f4325d2251a1fb661e38826334015128eb74701e9951dcb1fa40a5a32a9ec8
e57dac638c80e82775e465f78402ca2af7c5987701d749d8d221eadceb473f34
e5ebfab453c56bdd5812bbd46adc74d14e6ed486427395cb59c43a91db2752cf
e69605d66a9a3cba13865b4bb3712f702a93a84fd8a8a16524440157933665e9
e6ee7b70c135dc1129d7238540d8c4a451dcea3fba01ce9bac9ef6550466b07c
e71f853bd035cc9da937f385a7b80cbaacd4bc295b2ade583fe92fd0f26ed2aa
e7e638e2b784c385f72ad60a8832fbb550b716769988d9abf570968e268e87f4
e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874
e89dd168d2426677b4f7ca53f9706d4a1298281338b42c8e1f29cfaef55d4c0e
ea420861aa8a347662899406f74cf262a376714cfdefe54aaa02980a500f5ae4
eb172fc2600cd306d47576f9f045b42aca72bb9370af7dfcf433bd1788be2b86
eb4566a3fb681dd1c78a05043b807bc30b7d03f77318abc10720aae97fcaa76d
eb49ee3c9a3bdf672248b7b883ebb980a4fd76d1f1aa104bbc33dedac4213255
ecf31d03b0335b2099411a2b2ffe02cb9272db8ee1878e7f693b9f07caf12af1
ed88d3c97e9785098a0f7bfb29b18b76391403067b9d9930a9f3b1c82f558f6c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6d8b801eb386754fc29b624e0b15c50f0efcde4724f04f9bc07c30d24f0ee5
f0757455a54797a4c769b7af685b0f1cede9589e478f5f6307bf6277df62e621
f078dd76c3b918c79a78e75653c7cc47a789f94c9240ce55dd7e26596c742b36
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
f39010919950c1283bb6ddab6da6864606d350f0ec6e9c76b08eba78ed74e3e5
f4e99c3102bcf675b11ab21c6097946505ff99a2a9b87888c92586e565183f5b
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f600467678c092d7c62a3921f59f36db07f67ca8f26b79cc91cf8038d6b7611e
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6d17c8b1d318a111a6c54f2d638250106c017d9d5ce95668ccb2b2ed7eff4a7
f799732a1c98a10bfd1ca4f1553e8adf2300e4ee6277d27c19f86f6023910d0a
f84c7301346d21326c7d3932750070b8adfb34fe12241d79776df850b5c9d7c4
f86a99cbdf13f83232902c06988448c56eace5c884a1b8f45cb205a6ce431558
f9d0e9b2d158a5c6e9983b5fa525f0bccc5f7abd54ebb81c5905f704725156e9
faa710c0f7769f75703e8c8de22135fdd2f5f3df26bd4cf7d856fea8a25167a5
faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1
fb24a1c19a15d3ac4f5fdd16ae409ed45aed01b5bf4c8d137b4bd86395d9a85c
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fbc08716bf0cefb93b9b44ffaa0db4ec7507183ecd5f12143c79239d6baecaab
fbe0c52f56b16ec4de9677fe5b3495cc1f404b9ef92304bf0bd1b83452700b72
fc0af3306b68b44fdafbe8cd192b8494837a3a7fc5ad2d7cd73daee9445548cc
fc21bb747370fb757b1f7f59e1b02048183599b561be7425494ac0501ac9c170
fceefe01f62e40ea32b5a3844130f572fb31a1831c4f6bf1db3a18cbb7bfeccd
fd7fe6c2ca89bdb1eb4e08f2ee4aa3339007420ef466bae448a358c949ff669e