URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Submission: On May 30 via manual from US

Summary

This website contacted 93 IPs in 13 countries across 93 domains to perform 474 HTTP transactions. The main IP is 38.118.71.121, located in United States and belongs to MANAGEDNODES, US. The main domain is www.upi.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on May 15th 2021. Valid for: 7 months.
This is the only time www.upi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
28 38.118.71.121 36106 (MANAGEDNODES)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
8 32 104.108.145.8 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 143.204.98.59 16509 (AMAZON-02)
3 2a03:2880:f01... 32934 (FACEBOOK)
9 151.139.128.11 20446 (HIGHWINDS3)
8 68.71.249.118 20093 (ZEROLAG)
2 34.95.69.49 15169 (GOOGLE)
4 13.226.158.204 16509 (AMAZON-02)
8 35.201.103.212 15169 (GOOGLE)
6 151.101.113.194 54113 (FASTLY)
1 2600:9000:218... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 151.101.14.137 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a03:2880:f11... 32934 (FACEBOOK)
9 52.215.248.53 16509 (AMAZON-02)
2 12 76.223.111.131 16509 (AMAZON-02)
1 34.120.133.55 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 2a02:2638:1::13 44788 (ASN-CRITE...)
1 12 52.95.116.38 16509 (AMAZON-02)
2 50.17.108.122 14618 (AMAZON-AES)
1 34.193.25.178 14618 (AMAZON-AES)
1 142.250.186.38 15169 (GOOGLE)
17 142.250.185.130 15169 (GOOGLE)
1 2600:9000:211... 16509 (AMAZON-02)
11 11 3.121.66.166 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
2 2 18.195.240.234 16509 (AMAZON-02)
46 2a00:1450:400... 15169 (GOOGLE)
4 37.252.161.190 29990 (ASN-APPNEX)
14 136.144.59.88 54825 (PACKET)
3 20 35.244.159.8 15169 (GOOGLE)
2 35.158.146.183 16509 (AMAZON-02)
2 151.101.13.194 54113 (FASTLY)
3 2600:9000:21f... 16509 (AMAZON-02)
3 7 2620:116:800d... 16509 (AMAZON-02)
3 3 37.252.172.38 29990 (ASN-APPNEX)
5 6 185.64.190.79 62713 (AS-PUBMATIC)
17 39 216.58.212.162 15169 (GOOGLE)
6 20 185.64.190.80 62713 (AS-PUBMATIC)
1 3 185.64.190.81 62713 (AS-PUBMATIC)
1 193.122.128.135 31898 (ORACLE-BM...)
1 1 146.0.227.107 20773 (GODADDY)
1 1 88.214.206.247 46636 (NATCOWEB)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
9 15 185.33.220.244 29990 (ASN-APPNEX)
2 2600:9000:218... 16509 (AMAZON-02)
3 104.108.144.214 16625 (AKAMAI-AS)
2 104.111.230.142 16625 (AKAMAI-AS)
9 9 18.156.0.31 16509 (AMAZON-02)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 3 2001:678:cb4:... 56396 (TURN)
3 3 52.57.162.23 16509 (AMAZON-02)
3 178.250.0.157 44788 (ASN-CRITE...)
6 52.28.203.152 16509 (AMAZON-02)
2 185.64.189.112 62713 (AS-PUBMATIC)
28 2404:6800:400... 15169 (GOOGLE)
5 8 69.173.144.138 26667 (RUBICONPR...)
7 2a00:1450:400... 15169 (GOOGLE)
2 5 54.239.17.112 16509 (AMAZON-02)
8 9 37.157.3.30 198622 (ADFORM)
7 7 185.29.132.69 30419 (MEDIAMATH...)
2 2 193.0.160.128 54312 (ROCKETFUEL)
1 1 54.78.251.22 16509 (AMAZON-02)
2 7 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 18.159.7.113 16509 (AMAZON-02)
12 2a00:1450:400... 15169 (GOOGLE)
1 1 35.186.193.173 15169 (GOOGLE)
4 4 193.232.148.144 48061 (UMA-TECH-AS)
1 1 80.64.106.148 20764 (RASCOM-AS...)
1 174.137.133.49 27257 (WEBAIR-IN...)
2 2 217.66.147.161 29209 (SPBMTS-AS...)
1 1 213.87.44.207 13174 (MTSNET Mo...)
1 1 35.158.223.21 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 1 172.105.220.23 63949 (LINODE-AP...)
4 4 51.178.20.140 16276 (OVH)
3 7 2a00:1288:110... 34010 (YAHOO-IRD)
6 6 52.59.102.119 16509 (AMAZON-02)
1 1 37.9.245.57 16345 (BEE-AS Ru...)
1 1 35.212.101.174 15169 (GOOGLE)
1 185.64.190.78 62713 (AS-PUBMATIC)
2 2 213.155.156.169 1299 (TELIANET ...)
1 178.250.0.163 44788 (ASN-CRITE...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
4 7 52.49.40.147 16509 (AMAZON-02)
1 1 162.55.6.213 24940 (HETZNER-AS)
1 2 51.210.112.236 16276 (OVH)
2 2 18.198.69.109 16509 (AMAZON-02)
2 2 52.17.35.107 16509 (AMAZON-02)
2 2 151.101.114.49 54113 (FASTLY)
1 1 178.62.202.251 14061 (DIGITALOC...)
2 2 66.155.71.149 13768 (COGECO-PEER1)
1 159.253.128.183 36351 (SOFTLAYER)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
1 68.71.249.120 20093 (ZEROLAG)
3 3 72.251.249.13 29791 (VOXEL-DOT...)
1 185.64.189.114 62713 (AS-PUBMATIC)
1 178.162.133.150 60781 (LEASEWEB-...)
2 178.250.0.165 44788 (ASN-CRITE...)
1 35.158.25.241 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 34.194.84.7 14618 (AMAZON-AES)
5 68.67.160.184 29990 (ASN-APPNEX)
5 178.162.133.149 60781 (LEASEWEB-...)
2 2 188.34.190.35 24940 (HETZNER-AS)
2 2 198.148.27.140 19189 (PULSEPOINT)
1 1 185.86.139.89 201081 (SMARTADSE...)
1 1 34.98.107.212 15169 (GOOGLE)
1 1 54.247.114.64 16509 (AMAZON-02)
1 2 35.186.253.211 15169 (GOOGLE)
2 2 18.158.226.176 16509 (AMAZON-02)
1 1 47.252.78.131 45102 (CNNIC-ALI...)
2 104.108.144.200 16625 (AKAMAI-AS)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 69.173.144.165 26667 (RUBICONPR...)
1 35.244.174.68 15169 (GOOGLE)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 1 185.183.112.155 60350 (VP)
1 192.132.33.46 18568 (BIDTELLECT)
1 1 154.59.122.79 174 (COGENT-174)
1 2 35.170.231.210 14618 (AMAZON-AES)
474 93
Apex Domain
Subdomains
Transfer
64 googlesyndication.com
tpc.googlesyndication.com
730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
pagead2.googlesyndication.com
534 KB
62 doubleclick.net
stats.g.doubleclick.net
ad.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
364 KB
40 gstatic.com
fonts.gstatic.com
csi.gstatic.com
www.gstatic.com
196 KB
36 pubmatic.com
image8.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
ads.pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
simage4.pubmatic.com
41 KB
29 adnxs.com
prebid.adnxs.com
secure.adnxs.com
ib.adnxs.com
nym1-ib.adnxs.com
acdn.adnxs.com
cdn.adnxs.com
84 KB
28 upi.com
www.upi.com
cdnph.upi.com
474 KB
27 casalemedia.com
as-sec.casalemedia.com
htlb.casalemedia.com Failed
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
dsum.casalemedia.com
30 KB
23 yahoo.com
ups.analytics.yahoo.com
c2shb.ssp.yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
18 KB
22 openx.net
upi-d.openx.net
u.openx.net
underdogmedia-d.openx.net Failed
eu-u.openx.net
us-u.openx.net
rtb.openx.net
6 KB
21 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
46 KB
19 a-mo.net
prebid.a-mo.net
assets.a-mo.net
1x1.a-mo.net
31 KB
18 revcontent.com
assets.revcontent.com
trends.revcontent.com
img.revcontent.com
cdn.revcontent.com
images.revcontent.com
183 KB
12 adsrvr.org
match.adsrvr.org
4 KB
11 rubiconproject.com
eus.rubiconproject.com
pixel.rubiconproject.com
pixel-eu.rubiconproject.com
token.rubiconproject.com
16 KB
11 bidswitch.net
x.bidswitch.net
4 KB
9 adform.net
c1.adform.net
5 KB
9 criteo.com
gum.criteo.com
mug.criteo.com
bidder.criteo.com Failed
dis.criteo.com
3 KB
9 udmserve.net
udmserve.net
edge.udmserve.net
11 KB
8 google.com
adservice.google.com
www.google.com
1 KB
8 fastly.net
clarium.global.ssl.fastly.net
confiant-integrations.global.ssl.fastly.net
186 KB
8 breakfastboat.com
breakfastboat.com
207 KB
7 bidr.io
match.prod.bidr.io
3 KB
7 mathtag.com
sync.mathtag.com
3 KB
7 googletagservices.com
www.googletagservices.com
233 KB
7 quantserve.com
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
11 KB
6 advertising.com
pixel.advertising.com
3 KB
6 ampproject.org
cdn.ampproject.org
117 KB
6 sonobi.com
apex.go.sonobi.com Failed
sync.go.sonobi.com
6 KB
6 facebook.com
www.facebook.com
341 B
6 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
99 KB
5 clarium.io
protected-by.clarium.io
2 KB
5 indexww.com
js-sec.indexww.com
17 KB
4 dyntrk.com
c.eu1.dyntrk.com
gu.dyntrk.com
3 KB
4 adhigh.net
px.adhigh.net
2 KB
3 lijit.com
ap.lijit.com
2 KB
3 mts.ru
sm.rtb.mts.ru
tech.rtb.mts.ru
2 KB
3 3lift.com
eb2.3lift.com
1 KB
3 turn.com
ad.turn.com
1 KB
3 underdog.media
bid.underdog.media
176 KB
3 facebook.net
connect.facebook.net
68 KB
2 eqads.com
um2.eqads.com
563 B
2 w55c.net
pm.w55c.net
1 KB
2 contextweb.com
bh.contextweb.com
1 KB
2 splicky.com
bidswitch-eu.splicky.com
439 B
2 criteo.net
static.criteo.net
53 KB
2 sitescout.com
pixel-sync.sitescout.com
947 B
2 everesttech.net
sync-tm.everesttech.net
744 B
2 scoota.co
r.scoota.co
1 KB
2 exelator.com
loada.exelator.com
4 KB
2 onaudience.com
pixel.onaudience.com
736 B
2 de17a.com
d5p.de17a.com
637 B
2 rfihub.com
p.rfihub.com
2 KB
2 dotomi.com
amazon-tam-match.dotomi.com
pubmatic-match.dotomi.com
103 B
2 quantcount.com
rules.quantcount.com
1 KB
2 kargo.com
krk.kargo.com
948 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 chartbeat.net
ping.chartbeat.net
337 B
2 rlcdn.com
api.rlcdn.com
id.rlcdn.com
284 B
2 google-analytics.com
www.google-analytics.com
19 KB
2 ex.co
player.ex.co
prd-collector-anon.ex.co
184 KB
2 clean.gg
i.clean.gg
104 B
2 cloudfront.net
d3terveqlssriz.cloudfront.net
d1bvk193qme2fc.cloudfront.net
76 KB
1 acuityplatform.com
ums.acuityplatform.com
637 B
1 bttrack.com
bttrack.com
380 B
1 adotmob.com
sync.adotmob.com
682 B
1 match2one.net
cdn2.match2one.net
51 KB
1 clientgear.com
event.clientgear.com
261 B
1 gumgum.com
rtb.gumgum.com
337 B
1 playground.xyz
ads.playground.xyz
486 B
1 smartadserver.com
rtb-csync.smartadserver.com
761 B
1 simpli.fi
um.simpli.fi
611 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 loopme.me
csync.loopme.me
212 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 chocolateplatform.com
cs.chocolateplatform.com
320 B
1 beeline.ru
google.ops.beeline.ru
763 B
1 appier.net
a.c.appier.net
554 B
1 sharethrough.com
match.sharethrough.com
257 B
1 adkernel.com
dsp.adkernel.com
233 B
1 rutarget.ru
google-sync.rutarget.ru
579 B
1 ctnsnet.com
gcm.ctnsnet.com
480 B
1 adroll.com
d.adroll.com
112 B
1 emxdgt.com
hb.emxdgt.com Failed
156 B
1 google.ch
adservice.google.ch
799 B
1 admanmedia.com
cs.admanmedia.com
394 B
1 admixer.net
inv-nets.admixer.net
472 B
1 technoratimedia.com
sync.technoratimedia.com
292 B
1 mookie1.com
odr.mookie1.com
324 B
1 chartbeat.com
static.chartbeat.com
14 KB
1 p-n.io
cdn.p-n.io
70 KB
1 onesignal.com
cdn.onesignal.com
3 KB
0 impdesk.com Failed
pix.impdesk.com Failed
0 teads.tv Failed
a.teads.tv Failed
474 93
Domain Requested by
46 tpc.googlesyndication.com d3terveqlssriz.cloudfront.net
730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
www.upi.com
tpc.googlesyndication.com
39 cm.g.doubleclick.net 17 redirects 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
www.upi.com
eu-u.openx.net
aax-eu.amazon-adsystem.com
28 csi.gstatic.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
cdn.ampproject.org
17 securepubads.g.doubleclick.net d3terveqlssriz.cloudfront.net
securepubads.g.doubleclick.net
www.upi.com
16 cdnph.upi.com www.upi.com
15 ib.adnxs.com 9 redirects bid.underdog.media
www.upi.com
acdn.adnxs.com
14 dsum-sec.casalemedia.com 3 redirects ssum-sec.casalemedia.com
um2.eqads.com
14 prebid.a-mo.net www.upi.com
bid.underdog.media
12 pagead2.googlesyndication.com 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
www.upi.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
12 aax-eu.amazon-adsystem.com 1 redirects d3terveqlssriz.cloudfront.net
aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
ads.pubmatic.com
u.openx.net
12 match.adsrvr.org 2 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
eu-u.openx.net
bid.underdog.media
aax-eu.amazon-adsystem.com
12 www.upi.com www.upi.com
ajax.googleapis.com
d3terveqlssriz.cloudfront.net
11 simage2.pubmatic.com 2 redirects ads.pubmatic.com
11 x.bidswitch.net 11 redirects
9 c1.adform.net 8 redirects ads.pubmatic.com
9 ups.analytics.yahoo.com 9 redirects
9 ssum-sec.casalemedia.com 3 redirects aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
9 image2.pubmatic.com 4 redirects ads.pubmatic.com
9 trends.revcontent.com d3terveqlssriz.cloudfront.net
www.upi.com
9 fonts.gstatic.com fonts.googleapis.com
8 eu-u.openx.net 1 redirects d3terveqlssriz.cloudfront.net
eu-u.openx.net
u.openx.net
8 breakfastboat.com d3terveqlssriz.cloudfront.net
8 udmserve.net www.upi.com
d3terveqlssriz.cloudfront.net
7 match.prod.bidr.io 4 redirects ads.pubmatic.com
www.upi.com
7 pr-bh.ybp.yahoo.com 3 redirects ads.pubmatic.com
u.openx.net
ssum-sec.casalemedia.com
7 www.google.com 2 redirects 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
d3terveqlssriz.cloudfront.net
7 sync.mathtag.com 7 redirects
7 www.googletagservices.com d3terveqlssriz.cloudfront.net
730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
6 us-u.openx.net eu-u.openx.net
u.openx.net
6 pixel.advertising.com 6 redirects
6 cdn.ampproject.org d3terveqlssriz.cloudfront.net
6 c2shb.ssp.yahoo.com bid.underdog.media
6 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com d3terveqlssriz.cloudfront.net
6 image8.pubmatic.com 5 redirects www.upi.com
6 images.revcontent.com www.upi.com
6 www.facebook.com www.upi.com
d3terveqlssriz.cloudfront.net
6 clarium.global.ssl.fastly.net d3terveqlssriz.cloudfront.net
www.upi.com
5 sync.go.sonobi.com www.upi.com
5 nym1-ib.adnxs.com d3terveqlssriz.cloudfront.net
cdn.adnxs.com
5 protected-by.clarium.io 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
5 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
5 pixel.quantserve.com 3 redirects www.upi.com
5 js-sec.indexww.com www.upi.com
d3terveqlssriz.cloudfront.net
ssum-sec.casalemedia.com
4 token.rubiconproject.com 4 redirects
4 1x1.a-mo.net www.upi.com
d3terveqlssriz.cloudfront.net
4 googleads.g.doubleclick.net 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
4 px.adhigh.net 4 redirects
4 pixel.rubiconproject.com 1 redirects aax-eu.amazon-adsystem.com
4 prebid.adnxs.com www.upi.com
4 gum.criteo.com 1 redirects d3terveqlssriz.cloudfront.net
4 c.amazon-adsystem.com d3terveqlssriz.cloudfront.net
c.amazon-adsystem.com
4 fonts.googleapis.com www.upi.com
tpc.googlesyndication.com
3 ap.lijit.com 3 redirects
3 www.gstatic.com 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
3 eb2.3lift.com 3 redirects
3 ad.turn.com 3 redirects
3 u.openx.net 2 redirects aax-eu.amazon-adsystem.com
3 ads.pubmatic.com aax-eu.amazon-adsystem.com
ads.pubmatic.com
3 image4.pubmatic.com 1 redirects ads.pubmatic.com
3 secure.adnxs.com 3 redirects
3 bid.underdog.media d3terveqlssriz.cloudfront.net
www.upi.com
3 connect.facebook.net www.upi.com
d3terveqlssriz.cloudfront.net
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 gu.dyntrk.com 2 redirects
2 pm.w55c.net 2 redirects
2 rtb.openx.net 1 redirects u.openx.net
2 bh.contextweb.com 2 redirects
2 bidswitch-eu.splicky.com 2 redirects
2 ssum.casalemedia.com 2 redirects
2 static.criteo.net d3terveqlssriz.cloudfront.net
static.criteo.net
2 pixel-sync.sitescout.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 r.scoota.co 2 redirects
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 c.eu1.dyntrk.com 2 redirects
2 sm.rtb.mts.ru 2 redirects
2 p.rfihub.com 2 redirects
2 hbopenbid.pubmatic.com bid.underdog.media
2 bidder.criteo.com bid.underdog.media
static.criteo.net
2 mug.criteo.com www.upi.com
2 eus.rubiconproject.com aax-eu.amazon-adsystem.com
eus.rubiconproject.com
2 rules.quantcount.com d3terveqlssriz.cloudfront.net
2 confiant-integrations.global.ssl.fastly.net d3terveqlssriz.cloudfront.net
2 krk.kargo.com www.upi.com
2 upi-d.openx.net www.upi.com
2 rtb.mfadsrvr.com 2 redirects
2 ping.chartbeat.net www.upi.com
2 www.google-analytics.com d3terveqlssriz.cloudfront.net
www.upi.com
2 i.clean.gg d3terveqlssriz.cloudfront.net
2 ajax.googleapis.com www.upi.com
1 ums.acuityplatform.com 1 redirects
1 bttrack.com ssum-sec.casalemedia.com
1 sync.adotmob.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 ads.yahoo.com aax-eu.amazon-adsystem.com
1 id.rlcdn.com aax-eu.amazon-adsystem.com
1 pixel-eu.rubiconproject.com 1 redirects
1 cdn2.match2one.net www.upi.com
1 cdn.adnxs.com d3terveqlssriz.cloudfront.net
1 acdn.adnxs.com d3terveqlssriz.cloudfront.net
1 event.clientgear.com 1 redirects
1 rtb.gumgum.com 1 redirects
1 ads.playground.xyz 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 assets.a-mo.net d3terveqlssriz.cloudfront.net
1 simage4.pubmatic.com ads.pubmatic.com
1 edge.udmserve.net bid.underdog.media
1 um.simpli.fi ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 csync.loopme.me 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 cs.chocolateplatform.com 1 redirects
1 google.ops.beeline.ru 1 redirects
1 a.c.appier.net 1 redirects
1 match.sharethrough.com 1 redirects
1 tech.rtb.mts.ru 1 redirects
1 dsp.adkernel.com 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
1 google-sync.rutarget.ru 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 cms.quantserve.com 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
1 d.adroll.com 1 redirects
1 hb.emxdgt.com bid.underdog.media
1 apex.go.sonobi.com bid.underdog.media
1 underdogmedia-d.openx.net bid.underdog.media
1 amazon-tam-match.dotomi.com aax-eu.amazon-adsystem.com
1 adservice.google.com d3terveqlssriz.cloudfront.net
1 adservice.google.ch d3terveqlssriz.cloudfront.net
1 cs.admanmedia.com 1 redirects
1 inv-nets.admixer.net 1 redirects
1 sync.technoratimedia.com www.upi.com
1 secure.quantserve.com d3terveqlssriz.cloudfront.net
1 cdn.revcontent.com www.upi.com
1 odr.mookie1.com www.upi.com
1 img.revcontent.com www.upi.com
1 d1bvk193qme2fc.cloudfront.net d3terveqlssriz.cloudfront.net
1 ad.doubleclick.net d3terveqlssriz.cloudfront.net
1 prd-collector-anon.ex.co player.ex.co
1 as-sec.casalemedia.com js-sec.indexww.com
1 stats.g.doubleclick.net www.google-analytics.com
1 api.rlcdn.com js-sec.indexww.com
bid.underdog.media
1 player.ex.co d3terveqlssriz.cloudfront.net
1 static.chartbeat.com d3terveqlssriz.cloudfront.net
1 assets.revcontent.com www.upi.com
1 cdn.p-n.io www.upi.com
1 cdn.onesignal.com www.upi.com
1 d3terveqlssriz.cloudfront.net www.upi.com
0 pix.impdesk.com Failed 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
0 a.teads.tv Failed www.upi.com
0 htlb.casalemedia.com Failed www.upi.com
474 154
Subject Issuer Validity Valid
*.upi.com
DigiCert TLS RSA SHA256 2020 CA1
2021-05-15 -
2021-12-26
7 months crt.sh
upload.video.google.com
GTS CA 1O1
2021-05-03 -
2021-07-26
3 months crt.sh
*.cloudfront.net
Amazon
2021-03-19 -
2022-03-17
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-02-05 -
2022-02-09
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-04 -
2021-08-04
a year crt.sh
pushlycdn.com
Amazon
2021-03-16 -
2022-04-14
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-04-06 -
2021-07-03
3 months crt.sh
assets.revcontent.com
R3
2021-05-14 -
2021-08-12
3 months crt.sh
udmserve.net
DigiCert SHA2 High Assurance Server CA
2019-07-15 -
2021-10-14
2 years crt.sh
i.clean.gg
GTS CA 1D4
2021-05-01 -
2021-07-30
3 months crt.sh
c.amazon-adsystem.com
Amazon
2020-08-04 -
2021-08-02
a year crt.sh
breakfastboat.com
R3
2021-04-26 -
2021-07-25
3 months crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020
2021-04-27 -
2022-05-29
a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018
2021-05-20 -
2022-06-03
a year crt.sh
*.google.com
GTS CA 1O1
2021-05-03 -
2021-07-26
3 months crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2
2020-12-27 -
2022-01-28
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-05-03 -
2021-07-26
3 months crt.sh
revcontent.com
Amazon
2020-07-08 -
2021-08-08
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-25 -
2022-03-28
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-05-03 -
2021-07-26
3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-04-14 -
2021-07-12
3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon
2021-04-09 -
2022-03-20
a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018
2020-12-01 -
2021-12-30
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2021-05-03 -
2021-07-26
3 months crt.sh
img.revcontent.com
R3
2021-05-15 -
2021-08-13
3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1
2021-02-22 -
2022-03-25
a year crt.sh
cdn.revcontent.com
R3
2021-05-16 -
2021-08-14
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-05-03 -
2021-07-26
3 months crt.sh
images.revcontent.com
R3
2021-05-14 -
2021-08-12
3 months crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1
2020-03-29 -
2022-03-29
2 years crt.sh
*.a-mo.net
R3
2021-05-11 -
2021-08-09
3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018
2020-06-18 -
2021-08-17
a year crt.sh
*.dev.kargo.com
Amazon
2021-03-16 -
2022-04-14
a year crt.sh
www.underdog.media
DigiCert SHA2 High Assurance Server CA
2019-07-16 -
2021-10-18
2 years crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA
2020-10-02 -
2021-10-07
a year crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA
2020-07-28 -
2021-10-01
a year crt.sh
*.google.ch
GTS CA 1C3
2021-05-03 -
2021-07-26
3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2021-03-30 -
2022-04-04
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2021-04-01 -
2022-04-04
a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2019-06-19 -
2021-08-31
2 years crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-03-18 -
2021-09-08
6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
*.gstatic.com
GTS CA 1O1
2021-05-03 -
2021-07-26
3 months crt.sh
s.amazon-adsystem.com
Amazon
2020-08-28 -
2021-08-20
a year crt.sh
www.google.com
GTS CA 1C3
2021-05-03 -
2021-07-26
3 months crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2
2020-04-03 -
2022-04-26
2 years crt.sh
*.adkernel.com
Sectigo RSA Domain Validation Secure Server CA
2020-12-22 -
2022-01-05
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2021-05-03 -
2021-07-26
3 months crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA
2019-09-16 -
2021-09-20
2 years crt.sh
*.match.prod.bidr.io
Amazon
2021-02-26 -
2022-03-27
a year crt.sh
*.onaudience.com
Certyfikat SSL
2021-05-28 -
2022-05-28
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-03-29 -
2021-09-22
6 months crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA
2019-09-18 -
2021-12-12
2 years crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-04-14 -
2021-07-12
3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2020-12-06 -
2022-01-07
a year crt.sh
*.emxdgt.com
Amazon
2020-07-31 -
2021-08-30
a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2021-03-11 -
2022-02-07
a year crt.sh
match2one.net
Cloudflare Inc ECC CA-3
2021-05-06 -
2022-05-05
a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-05-11 -
2021-06-30
2 months crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA
2021-03-29 -
2022-03-29
a year crt.sh
um3.eqads.com
Amazon
2020-07-24 -
2021-08-24
a year crt.sh

This page contains 53 frames:

Primary Page: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Frame ID: 5F111417C11ED22FCAB2FD6BADB15B33
Requests: 194 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_ox-db5_dm_cnv_an-db5_n-amobee_3lift&dcc=t
Frame ID: 129EBBA86EC4E2C7CFC5CEA42E7BA33F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: DE5545285D224F8A3C93A3A5A554CA45
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: 636BCAF56557A0CFA7BB152D10BB2C64
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_ox-db5_dm_cnv_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1
Frame ID: C773CCD4EDACBF4EB43212CBF0FFC039
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 7637F28496F99174BA0FED34CC48F399
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: 24D2A7E90276E5384BFD371CFE6D0115
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Frame ID: A543E8BF8DFACB880063847951758232
Requests: 11 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-UsZoq2Z1l2NFBm2xKoUjI35pJ8UiTXE-&
Frame ID: 9AA3C2513B2024B6247C46597EF84F9E
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 4E0D168C0BD0B65DDD9E5514A01B5896
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=2753228560253870743&ex=districtm
Frame ID: 515D19BD3640AA8886660DC7FFA1A654
Requests: 1 HTTP requests in this frame

Frame: https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Frame ID: C1D5B6051146F298862380951916522E
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=7705248515007088740&ex=appnexus.com
Frame ID: 7E801F6254AE9F4667A2E28BB5690EFE
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=2685190894431413257
Frame ID: FAC7F3B52DAC324F34ECBFE2B28C0882
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=15728417046886214120
Frame ID: BC0BA283683C5FCCC8BF8BC0EB458597
Requests: 1 HTTP requests in this frame

Frame: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7D1B57384B59839FCC3875160A4887ED
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 04A2B7947126D8957452D5AE53A35D74
Requests: 9 HTTP requests in this frame

Frame: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DF43411BDA26EC118EEA409B3F779DDD
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/283230849334247424/index.html
Frame ID: 8DEF79B4D9F077636141D78C000B55CD
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: CBF4E1A1670DC6E583A499258D6DF118
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022104130153000/amp4ads-v0.mjs
Frame ID: 395849186F75D88FB14D41D1A5E1B39F
Requests: 16 HTTP requests in this frame

Frame: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8FAC274165C590BA80E0C36D1D8D7A84
Requests: 14 HTTP requests in this frame

Frame: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F3BED61B3B1B8847504BD706703A5563
Requests: 19 HTTP requests in this frame

Frame: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E0F40E4794E9E9174A0D5D7DE1CD9E23
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6035171998416502784/index.html
Frame ID: EAEBE4FD6996AF452CA485ADD2FCC8FF
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: E6F5F8FF0732C5FE635DF27F1B148374
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 29661380C987834BD81B15DA5C0D0279
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4E53C82B01A721C849AE210652F0D2D5
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5845E8C725952A593F15DFDA199A007B
Requests: 21 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=B23CC141-498E-401C-808E-CBA2C011B4E6
Frame ID: 39C2C9B299779FCAA5C75A7F25968E0F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5850541880282737778
Frame ID: ED0A69FA90CA8886D94B23DB315FC63E
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: DC716A8233D3E7F17225FEB225D123A9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6968143645283645592
Frame ID: 7FA98DF6E0E8E2FBF52ED74F448624A0
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 8F0F0D2EDD5FE35DF1D02CB09DEE0FA5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: AE8E7A53788C4A9C502C6E2FD4465755
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=B23CC141-498E-401C-808E-CBA2C011B4E6&ex=pubmatic.com
Frame ID: F5041955200D40B9F91BB500222621A1
Requests: 1 HTTP requests in this frame

Frame: https://udmserve.net/udm/img.fetch?sid=16304;tid=1;dt=7;p=1;rri=1622397365439_982875_217.138.203.212;mid=43264;zzz=1;version=v2.6.27-confiant;cb=0.23410052464267417;session=1;style=slider;vis=visible;traffic_info=%7B%7D;;radid=1622397365439_982875_217.138.203.212
Frame ID: 06EADF4398FE4956C3436721362AA0A6
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Frame ID: 80A6CFF56697546C7F85C62E5CCA4D02
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A8DABCF0AEB0E6254101266E5224677D
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 047EA806A21A2BB680CFF0227657CC15
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Frame ID: 556D35D1E05EDF5B7787E9B7B3AF0DF8
Requests: 7 HTTP requests in this frame

Frame: https://udmserve.net/udm/img.fetch?sid=16304;tid=1;dt=7;p=1;rri=1622397372089_902560_217.138.203.212;mid=46697;zzz=%5B46697%2C1622397372%2C%22d0N8El3kLK7GGDxMCPd72g%22%5D;version=v2.6.27-confiant;cb=0.5585946947753682;refresh=2;qqq=2.631712643726324;style=slider;vis=visible;traffic_info=%7B%7D;
Frame ID: 244D0D317FE3C01709336B6F6F2B45DA
Requests: 12 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11786&pub_id=1767266
Frame ID: 76B2B5DCC66B97809ACBB0C452DF36D2
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v10.0/plugins/comments.php?app_id=130795020312660&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1571c4c108ce84%26domain%3Dwww.upi.com%26origin%3Dhttps%253A%252F%252Fwww.upi.com%252Ff3bd0cc5f2d3964%26relation%3Dparent.parent&container_width=8&count=true&height=100&href=https%3A%2F%2Fupi.com%2F4511294&locale=en_US&sdk=joey&version=v10.0&width=550
Frame ID: E985D5A3D24BAAC72584F2843F17D03C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v10.0/plugins/comments.php?app_id=130795020312660&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd6954936943f%26domain%3Dwww.upi.com%26origin%3Dhttps%253A%252F%252Fwww.upi.com%252Ff3bd0cc5f2d3964%26relation%3Dparent.parent&container_width=7&count=true&height=100&href=https%3A%2F%2Fupi.com%2F4511294&locale=en_US&sdk=joey&version=v10.0&width=550
Frame ID: B870AC69775E2F577D9E9B09FAFEF1F6
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.upi.com&gdpr=0&gdpr_consent=
Frame ID: 89EAD670A56680DB7B6766CA586028D9
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v10.0/plugins/comments.php?app_id=130795020312660&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df28a078da432788%26domain%3Dwww.upi.com%26origin%3Dhttps%253A%252F%252Fwww.upi.com%252Ff3bd0cc5f2d3964%26relation%3Dparent.parent&container_width=0&count=true&height=100&href=https%3A%2F%2Fupi.com%2F4511294&locale=en_US&sdk=joey&version=v10.0&width=550
Frame ID: 81B58D3F816269E1C7882E774D0D7707
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v10.0/plugins/comments.php?app_id=130795020312660&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1fd21367536e94%26domain%3Dwww.upi.com%26origin%3Dhttps%253A%252F%252Fwww.upi.com%252Ff3bd0cc5f2d3964%26relation%3Dparent.parent&container_width=0&count=true&height=100&href=https%3A%2F%2Fupi.com%2F4511294&locale=en_US&sdk=joey&version=v10.0&width=550
Frame ID: 8C1D8B3BD5FDAF1163A738E816C72C99
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 9943E74012BE2E9E768265095569CD50
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 954F4B6C727F4447B60C852004989431
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: E9F94B9CAAAF703430186DAEEB8A1FE4
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 271C11CB70A7778B8D3401AC49906B07
Requests: 9 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 5D2801F0B3E02B485B1EB5FE5DFAB703
Requests: 2 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /chartbeat\.js/i

Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i

Page Statistics

474
Requests

98 %
HTTPS

26 %
IPv6

93
Domains

154
Subdomains

93
IPs

13
Countries

3596 kB
Transfer

9771 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_ox-db5_dm_cnv_an-db5_n-amobee_3lift HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_ox-db5_dm_cnv_an-db5_n-amobee_3lift&dcc=t
Request Chain 80
  • https://x.bidswitch.net/sync?ssp=revcontent&rev_dt=1622397365&us_privacy=&rev_dt=1622397365135 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=revcontent&rev_dt=1622397365&us_privacy=&rev_dt=1622397365135 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=18991391-c571-4835-8b3b-91f8deaaa835&ssp=revcontent&gdpr=&gdpr_consent=
Request Chain 81
  • https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=YzgxMTJkY2EwYTY3NWM0MmZjYTYyZmUwOWNhNDM3N2Y%3D&rev_dt=1622397365&us_privacy=&rev_dt=1622397365135 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=revcontent&ssp_user_id=YzgxMTJkY2EwYTY3NWM0MmZjYTYyZmUwOWNhNDM3N2Y%3D&rev_dt=1622397365&us_privacy=&rev_dt=1622397365135 HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=YzgxMTJkY2EwYTY3NWM0MmZjYTYyZmUwOWNhNDM3N2Y=&bidder=154&bidder_uid=5199c074-6301-450d-a804-dbc4c7683394
Request Chain 110
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;apnid=7538304888347731149
Request Chain 111
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjIzQ0MxNDEtNDk4RS00MDFDLTgwOEUtQ0JBMkMwMTFCNEU2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3DB23CC141-498E-401C-808E-CBA2C011B4E6 HTTP 302
  • https://udmserve.net/udm/fetch.pix?pmid=B23CC141-498E-401C-808E-CBA2C011B4E6
Request Chain 113
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=F74A1705-8854-4390-959E-C24FA4349F88&rurl=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Badmix%3D%24%24visitor_cookie%24%24 HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;admix=df19b00881bf43dbb321823b3f7d1f68
Request Chain 114
  • https://cs.admanmedia.com/sync/underdog?redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bacu%3D%7B%24UID%7D HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;acu=8dbf91771255349e802ebcca97178b50a52561fa
Request Chain 124
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.adnxs.com%252Fpbs%252Fv1%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID HTTP 302
  • https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=5745752381469287173
Request Chain 127
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 130
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&verify=true HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-UsZoq2Z1l2NFBm2xKoUjI35pJ8UiTXE-&
Request Chain 131
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 132
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=districtm HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Ddistrictm HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=2753228560253870743&ex=districtm
Request Chain 134
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=7705248515007088740&ex=appnexus.com
Request Chain 135
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=2685190894431413257
Request Chain 136
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=15728417046886214120
Request Chain 139
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.upi.com%2F&domain=www.upi.com&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=l1YcL3wvdU9MaFl0dGtVMmNRNVVZV3RmUW0xUGM4cjdsT2lVVWFRVWluOHlwVkdCODkzUDR1TlBoU2s0ZFE0ak41MmEwamhmVXZYMU5SOGxNMGg3NisxZTRZQXVpdGVSNEtnd2tZeFdZMFdFM2JQTFc3Z1A1MzYvMVF6Vk9wM2lSM3dWaXovTGk1R3pUNXBNMXFNM1ZSdWxtdUZlek9WZzI2THVGOUxWMndINDk1bTNjUlQ3ODFpRWduU2Q2V2JjRytyVHNBaUZvQmk1T25XVHBHenk0RmozNXFTcEVlemhKRDFHdi96US9LdURybkowPXw&cppv=2
Request Chain 156
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=KPBHI3S8-3-6BR0&gdpr=0
Request Chain 160
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIVGp0YVZpZse6dfp2VRnGQ&google_cver=1
Request Chain 162
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLPRtrIR8KdwU09DUngA4wAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELCVSPo-5BFbojTRPPDBIMY&google_cver=1
Request Chain 163
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8115069663595238900&expiration=1623606967
Request Chain 164
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=652060b3-d1b6-4200-bce9-91beab1e9d4a
Request Chain 165
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871316020461234205
Request Chain 166
  • https://d.adroll.com/cm/index/ssp HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 183
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIGzQzVnQA9g0VS8Pb-BjHQ&google_cver=1&google_push=AQvitUKjtKXiY2tKUrwcYSKkxAAHoSVQRkYUF-e7ZW1S0KnRiLirPG_FOaRDY-hbEgCOKnuALBPpfVS6-D_CpCwlBYsnAYLH1BA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUKjtKXiY2tKUrwcYSKkxAAHoSVQRkYUF-e7ZW1S0KnRiLirPG_FOaRDY-hbEgCOKnuALBPpfVS6-D_CpCwlBYsnAYLH1BA&google_hm=Gdp8IP7QSTmGwpAZ74Yjd9Q
Request Chain 184
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEO1uIv5s_6apMH5tU3FnhY0&google_cver=1&google_push=AQvitUJvZWxxbbRpJ3MQVpDzPtsIaJqi4qE1_203SSpp_HJGZTFIXSL2EEFMpNi2UwkzcJC7PK3L84NtTSyktCrkVB5lhEWWBMZY HTTP 302
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEO1uIv5s_6apMH5tU3FnhY0&google_cver=1&google_push=AQvitUJvZWxxbbRpJ3MQVpDzPtsIaJqi4qE1_203SSpp_HJGZTFIXSL2EEFMpNi2UwkzcJC7PK3L84NtTSyktCrkVB5lhEWWBMZY&bounced=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AQvitUJvZWxxbbRpJ3MQVpDzPtsIaJqi4qE1_203SSpp_HJGZTFIXSL2EEFMpNi2UwkzcJC7PK3L84NtTSyktCrkVB5lhEWWBMZY&google_hm=4j3jgLuiSiIAAikABlF5vms-TA%3D%3D
Request Chain 185
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM0gKzBXoMMEOpf7cXx649A&google_cver=1&google_push=AQvitUIoqW28R0twCIWeKAN_A0Sy7xlCM_RXaFLAFQKM9tHIh9YUpsmvnT9knsSOZSOxiCYXFEYR_mF82P2bDkBnlyIki5QgT18 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEM0gKzBXoMMEOpf7cXx649A&google_cver=1&google_push=AQvitUIoqW28R0twCIWeKAN_A0Sy7xlCM_RXaFLAFQKM9tHIh9YUpsmvnT9knsSOZSOxiCYXFEYR_mF82P2bDkBnlyIki5QgT18 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzM4OTA4ODgzOTU3NTM1MDU5NQ&google_push=AQvitUIoqW28R0twCIWeKAN_A0Sy7xlCM_RXaFLAFQKM9tHIh9YUpsmvnT9knsSOZSOxiCYXFEYR_mF82P2bDkBnlyIki5QgT18
Request Chain 186
  • https://google-sync.rutarget.ru/sync?google_gid=CAESEMzQ3p5LhP3JySDpRZSCMQQ&google_cver=1&google_push=AQvitUKjexvXAsz5wtvOkAATvMke93NbWRYt3cQbXlI3freBZvkI2O5pffJ_52_otxN2vC7V6aqqEO8wMTXEH7wkDa5YgoKX4kof HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=eGVHUXZMT1B4eUhU&google_ula=2046794&google_push=AQvitUKjexvXAsz5wtvOkAATvMke93NbWRYt3cQbXlI3freBZvkI2O5pffJ_52_otxN2vC7V6aqqEO8wMTXEH7wkDa5YgoKX4kof
Request Chain 188
  • https://sm.rtb.mts.ru/p?ssp=googlevid&pm=1&google_gid=CAESEKrIsyTLPAxzW9WXq0bbYQo&google_cver=1&google_push=AQvitUJkSRiaEaTvfLOELX4SY0_xl0Nc6cuDjgvpxfLLTYH00wIXfZOGTNvNUNzn8BbC1AioWYEpAkgjfn0QBRH5Hn_Zz_PQl-4U HTTP 301
  • https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3D461c1655-bde6-4325-ac0a-baff8bac3a4e%26google_push%3DAQvitUJkSRiaEaTvfLOELX4SY0_xl0Nc6cuDjgvpxfLLTYH00wIXfZOGTNvNUNzn8BbC1AioWYEpAkgjfn0QBRH5Hn_Zz_PQl-4U&ssp=googlevid&exu=CAESEKrIsyTLPAxzW9WXq0bbYQo HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=461c1655-bde6-4325-ac0a-baff8bac3a4e&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3D461c1655-bde6-4325-ac0a-baff8bac3a4e%26google_push%3DAQvitUJkSRiaEaTvfLOELX4SY0_xl0Nc6cuDjgvpxfLLTYH00wIXfZOGTNvNUNzn8BbC1AioWYEpAkgjfn0QBRH5Hn_Zz_PQl-4U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=461c1655-bde6-4325-ac0a-baff8bac3a4e&google_push=AQvitUJkSRiaEaTvfLOELX4SY0_xl0Nc6cuDjgvpxfLLTYH00wIXfZOGTNvNUNzn8BbC1AioWYEpAkgjfn0QBRH5Hn_Zz_PQl-4U
Request Chain 190
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=15728417046886214120
Request Chain 193
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=13ed7c67-6dbf-452b-bf27-568c2f858fa3
Request Chain 207
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 282
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 284
  • https://a.c.appier.net/gcm?google_gid=CAESEDsASA9hbsmugdgEjSCY9xs&google_cver=1&google_push=AQvitUIFp2ed6KMbEsGS11z8Kvpcl2e-dyjJmzZbiDEtAQtOl8wRMqf6TfP6qIZ0v0cexK0TpLU_NwELetQdJxKSLSc5iBVcATs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=cEQ4Qk11TXdDVmVSdXY1MnVOR3pZQQ%3D%3D&google_push=AQvitUIFp2ed6KMbEsGS11z8Kvpcl2e-dyjJmzZbiDEtAQtOl8wRMqf6TfP6qIZ0v0cexK0TpLU_NwELetQdJxKSLSc5iBVcATs
Request Chain 285
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEOaI0BZ0ekbHhaXKmJf6Gns&google_cver=1&google_push=AQvitUKJx2_GEXAasjfZGg0SIJyUh54MzPECLF9AcJOQx02FgJB7-Kx-mUv0ahR2Xo30SMf88lljXJDLbhYvwu5AlHneQIr8S_I HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEOaI0BZ0ekbHhaXKmJf6Gns&google_cver=1&google_push=AQvitUKJx2_GEXAasjfZGg0SIJyUh54MzPECLF9AcJOQx02FgJB7-Kx-mUv0ahR2Xo30SMf88lljXJDLbhYvwu5AlHneQIr8S_I&prevuid=03030002_60b3d1b80ae3d&knw=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AQvitUKJx2_GEXAasjfZGg0SIJyUh54MzPECLF9AcJOQx02FgJB7-Kx-mUv0ahR2Xo30SMf88lljXJDLbhYvwu5AlHneQIr8S_I&google_hm=MDMwMzAwMDJfNjBiM2QxYjgwYWUzZA%3D%3D
Request Chain 287
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGEkRJFBZ9qgl2r1jRJrXHY&google_cver=1&google_push=AQvitUKWZI6khme_GpPEYVgJqPOC35tEEBl3cRoRWuz-8_BZpAhpGm_cw2tHCsATn7OeDflU1Xk8Rmn6cdPr5BfqZibOV6GU7og HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUKWZI6khme_GpPEYVgJqPOC35tEEBl3cRoRWuz-8_BZpAhpGm_cw2tHCsATn7OeDflU1Xk8Rmn6cdPr5BfqZibOV6GU7og&google_hm=NDk4MzM4NjIwNjA5MzYyMjU3
Request Chain 288
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPS8h3EsKa255MXaD8IO_nA&google_cver=1&google_push=AQvitULlojEMktcXc9P5Mz9-NPol10dmwhvjQnuLq_YtrSMpqmFD0NqaMGdJ3D9bYGEfs2TRRa9EEPGpmuABm6iby1fSBsOmYf3xLw HTTP 302
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPS8h3EsKa255MXaD8IO_nA&google_cver=1&google_push=AQvitULlojEMktcXc9P5Mz9-NPol10dmwhvjQnuLq_YtrSMpqmFD0NqaMGdJ3D9bYGEfs2TRRa9EEPGpmuABm6iby1fSBsOmYf3xLw&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPS8h3EsKa255MXaD8IO_nA&google_cver=1&google_push=AQvitULlojEMktcXc9P5Mz9-NPol10dmwhvjQnuLq_YtrSMpqmFD0NqaMGdJ3D9bYGEfs2TRRa9EEPGpmuABm6iby1fSBsOmYf3xLw&apid=UP4f9031f8-c170-11eb-b577-02a92b7887b4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA0ZjkwMzFmOC1jMTcwLTExZWItYjU3Ny0wMmE5MmI3ODg3YjQ%3D&google_push=AQvitULlojEMktcXc9P5Mz9-NPol10dmwhvjQnuLq_YtrSMpqmFD0NqaMGdJ3D9bYGEfs2TRRa9EEPGpmuABm6iby1fSBsOmYf3xLw
Request Chain 289
  • https://google.ops.beeline.ru/p?ssp=gl&google_gid=CAESEPoY0iJ09lOJIlRmWebKjQs&google_cver=1&google_push=AQvitUKAIoaAJ4Aquj6almbKInZONlnZK6cfaHipPrOyiJ2pS31xaQ09gVKyBxBeD8Gk3JWrMFiKXB--v6_jCEHXWcyWNR8Kv_5h HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=vimpelcom_pjsc&google_hm=OTE3OGFkNTUtOGZmMS00ZmMwLWE3ZGQtZjgzNWUzNTNiYTMy&google_push=AQvitUKAIoaAJ4Aquj6almbKInZONlnZK6cfaHipPrOyiJ2pS31xaQ09gVKyBxBeD8Gk3JWrMFiKXB--v6_jCEHXWcyWNR8Kv_5h
Request Chain 292
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEBmC2w91NULx-1C792bIOU0&google_cver=1&google_push=AQvitUKGPeXaCib_H8JogmC8RdZ_TW3XVaHTrosb84N2XsAdoevv5_Cz-CslnJ9cELxw0X0gUaHs0y-imZ4-bbqg3UkhH6CJa1cmgg HTTP 302
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEBmC2w91NULx-1C792bIOU0&google_cver=1&google_push=AQvitUKGPeXaCib_H8JogmC8RdZ_TW3XVaHTrosb84N2XsAdoevv5_Cz-CslnJ9cELxw0X0gUaHs0y-imZ4-bbqg3UkhH6CJa1cmgg&bounced=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AQvitUKGPeXaCib_H8JogmC8RdZ_TW3XVaHTrosb84N2XsAdoevv5_Cz-CslnJ9cELxw0X0gUaHs0y-imZ4-bbqg3UkhH6CJa1cmgg&google_hm=4j3jgLuiSiIAAikABlF5vms-TA%3D%3D
Request Chain 293
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGEkRJFBZ9qgl2r1jRJrXHY&google_cver=1&google_push=AQvitUJm2rUFF_HjVc0NV13xaKTuSC3bWpuHT4xt6QxPh_cXw9Fek9q4zpXWYVtpspGJsPaLxlYkzbsQmiL9LH_Fs8NXJXObl2KWMQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUJm2rUFF_HjVc0NV13xaKTuSC3bWpuHT4xt6QxPh_cXw9Fek9q4zpXWYVtpspGJsPaLxlYkzbsQmiL9LH_Fs8NXJXObl2KWMQ&google_hm=NTQ2Nzc4NDM4Nzc4MDQzNTkzNg%3D%3D
Request Chain 294
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFYQABOGUjIY5PSHiHlkuXM&google_cver=1&google_push=AQvitUIFxFuMf7Pv8OtwJk6h2nQqF4AMZ-BS6b3eyEtc_QewN5XqaTNtKR5jAYz4-NR-cQjB6EbhfzeCKC_5Gcdbl6XcSdIYFdhx0g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODExNTA2OTY2MzU5NTIzODkwMA&google_push=AQvitUIFxFuMf7Pv8OtwJk6h2nQqF4AMZ-BS6b3eyEtc_QewN5XqaTNtKR5jAYz4-NR-cQjB6EbhfzeCKC_5Gcdbl6XcSdIYFdhx0g
Request Chain 295
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_cver=1&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlroA6n1drL5lhz_RwLGaOpL7BVOydU3pv-ZnR8Duva7IC8sY8iT1iFq4HT9LyqSi5RHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlroA6n1drL5lhz_RwLGaOpL7BVOydU3pv-ZnR8Duva7IC8sY8iT1iFq4HT9LyqSi5RHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlroA6n1drL5lhz_RwLGaOpL7BVOydU3pv-ZnR8Duva7IC8sY8iT1iFq4HT9LyqSi5RHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlroA6n1drL5lhz_RwLGaOpL7BVOydU3pv-ZnR8Duva7IC8sY8iT1iFq4HT9LyqSi5RHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlroA6n1drL5lhz_RwLGaOpL7BVOydU3pv-ZnR8Duva7IC8sY8iT1iFq4HT9LyqSi5RHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlroA6n1drL5lhz_RwLGaOpL7BVOydU3pv-ZnR8Duva7IC8sY8iT1iFq4HT9LyqSi5RHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlroA6n1drL5lhz_RwLGaOpL7BVOydU3pv-ZnR8Duva7IC8sY8iT1iFq4HT9LyqSi5RHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlroA6n1drL5lhz_RwLGaOpL7BVOydU3pv-ZnR8Duva7IC8sY8iT1iFq4HT9LyqSi5RHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlroA6n1drL5lhz_RwLGaOpL7BVOydU3pv-ZnR8Duva7IC8sY8iT1iFq4HT9LyqSi5RHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlroA6n1drL5lhz_RwLGaOpL7BVOydU3pv-ZnR8Duva7IC8sY8iT1iFq4HT9LyqSi5RHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlroA6n1drL5lhz_RwLGaOpL7BVOydU3pv-ZnR8Duva7IC8sY8iT1iFq4HT9LyqSi5RHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlroA6n1drL5lhz_RwLGaOpL7BVOydU3pv-ZnR8Duva7IC8sY8iT1iFq4HT9LyqSi5RHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlroA6n1drL5lhz_RwLGaOpL7BVOydU3pv-ZnR8Duva7IC8sY8iT1iFq4HT9LyqSi5RHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlroA6n1drL5lhz_RwLGaOpL7BVOydU3pv-ZnR8Duva7IC8sY8iT1iFq4HT9LyqSi5RHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlroA6n1drL5lhz_RwLGaOpL7BVOydU3pv-ZnR8Duva7IC8sY8iT1iFq4HT9LyqSi5RHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlroA6n1drL5lhz_RwLGaOpL7BVOydU3pv-ZnR8Duva7IC8sY8iT1iFq4HT9LyqSi5RHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlroA6n1drL5lhz_RwLGaOpL7BVOydU3pv-ZnR8Duva7IC8sY8iT1iFq4HT9LyqSi5RHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlroA6n1drL5lhz_RwLGaOpL7BVOydU3pv-ZnR8Duva7IC8sY8iT1iFq4HT9LyqSi5RHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlroA6n1drL5lhz_RwLGaOpL7BVOydU3pv-ZnR8Duva7IC8sY8iT1iFq4HT9LyqSi5RHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlroA6n1drL5lhz_RwLGaOpL7BVOydU3pv-ZnR8Duva7IC8sY8iT1iFq4HT9LyqSi5RHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlroA6n1drL5lhz_RwLGaOpL7BVOydU3pv-ZnR8Duva7IC8sY8iT1iFq4HT9LyqSi5RHQ
Request Chain 296
  • https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEBG2zDSpDekobi41trDXTHA&google_cver=1&google_push=AQvitUIUqtGk9qKfSkDuD5ugCTgWJp4iBWtkzEo_LkQ4carRsM_DAuafmJiVu_7v6Nfm2r2A0BIUn-68wix7Gc6AorMYDVKgLgIIHw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=TDd2SHZOQXJVYg==&google_push=AQvitUIUqtGk9qKfSkDuD5ugCTgWJp4iBWtkzEo_LkQ4carRsM_DAuafmJiVu_7v6Nfm2r2A0BIUn-68wix7Gc6AorMYDVKgLgIIHw
Request Chain 297
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPS8h3EsKa255MXaD8IO_nA&google_cver=1&google_push=AQvitUKiW0zCqcNz1ReecIQKhkpkMFcWLJsmweEclz6wGc48RZPXQLeaaK3HDZ1K0vcYS_p7Qo6j-401cSBMBDPCiJnxugFaokN1yAs HTTP 302
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPS8h3EsKa255MXaD8IO_nA&google_cver=1&google_push=AQvitUKiW0zCqcNz1ReecIQKhkpkMFcWLJsmweEclz6wGc48RZPXQLeaaK3HDZ1K0vcYS_p7Qo6j-401cSBMBDPCiJnxugFaokN1yAs&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPS8h3EsKa255MXaD8IO_nA&google_cver=1&google_push=AQvitUKiW0zCqcNz1ReecIQKhkpkMFcWLJsmweEclz6wGc48RZPXQLeaaK3HDZ1K0vcYS_p7Qo6j-401cSBMBDPCiJnxugFaokN1yAs&apid=UP4f9031f8-c170-11eb-b577-02a92b7887b4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA0ZjkwMzFmOC1jMTcwLTExZWItYjU3Ny0wMmE5MmI3ODg3YjQ%3D&google_push=AQvitUKiW0zCqcNz1ReecIQKhkpkMFcWLJsmweEclz6wGc48RZPXQLeaaK3HDZ1K0vcYS_p7Qo6j-401cSBMBDPCiJnxugFaokN1yAs
Request Chain 321
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5850541880282737778
Request Chain 323
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6968143645283645592
Request Chain 324
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDc0xVN0JaNk1BQUREVFl4SXF5QQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 325
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Request Chain 327
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sjzBQUmOQByAjsuiwBG05g%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 328
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=652060b3-d1b6-4200-bce9-91beab1e9d4a
Request Chain 329
  • https://pixel.onaudience.com/?partner=214&mapped=B23CC141-498E-401C-808E-CBA2C011B4E6 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=bfd74d5a8592b454f0478063bdebb950
Request Chain 330
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8115069663595238900
Request Chain 331
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:652060b3-d1b6-4200-bce9-91beab1e9d4a&gdpr=0&gdpr_consent=
Request Chain 332
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=78774818-31cb-49a8-b2d7-3541243770de
Request Chain 333
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDjjid8rsdPwpji9Us0utp0&google_cver=1
Request Chain 334
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7538304888347731149&gdpr=0&gdpr_consent=
Request Chain 336
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B23CC141-498E-401C-808E-CBA2C011B4E6&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GI75cwFE2uUVCKdpHqcWg5g12L761hQ-~A&gdpr=0&gdpr_consent=
Request Chain 337
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=z2Xo9J1k6PLUMeijn2Wnos9l6f7Ubbj3zmf_3ket
Request Chain 338
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=a7242ace-72b2-4c69-b726-523e704f5d05&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=18991391-c571-4835-8b3b-91f8deaaa835&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 339
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YLPRugABYNh4DAAC HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLPRugABYNh4DAAC&gdpr=0&gdpr_consent=&_test=YLPRugABYNh4DAAC
Request Chain 340
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2685190894431413257&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 341
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:10674cc9-499b-4117-8745-3e872b8659f5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 343
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=36d39121-6970-4df5-9c6c-b9b3043f55b4-60b3d1ba-4348&gdpr=0&gdpr_consent=
Request Chain 354
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D609d1999-498e-4cac-b25a-dc7a83eda00a%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=609d1999-498e-4cac-b25a-dc7a83eda00a&D=&bidder=appnexus&uid=7538304888347731149
Request Chain 355
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=609d1999-498e-4cac-b25a-dc7a83eda00a HTTP 302
  • https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=609d1999-498e-4cac-b25a-dc7a83eda00a&apid=UP4f9031f8-c170-11eb-b577-02a92b7887b4 HTTP 302
  • https://prebid.a-mo.net/setuid/verizon_video?uid=UP4f9031f8-c170-11eb-b577-02a92b7887b4&gdpr=0&gdpr_consent=
Request Chain 356
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D609d1999-498e-4cac-b25a-dc7a83eda00a%26D%3D%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?A=609d1999-498e-4cac-b25a-dc7a83eda00a&D=&bidder=index_rtb&uid=YLPRtrIR8KdwU09DUngA4wAA%261200
Request Chain 357
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D609d1999-498e-4cac-b25a-dc7a83eda00a%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
  • https://prebid.a-mo.net/setuid?A=609d1999-498e-4cac-b25a-dc7a83eda00a&D=&bidder=pubmatic&uid=B23CC141-498E-401C-808E-CBA2C011B4E6
Request Chain 358
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D609d1999-498e-4cac-b25a-dc7a83eda00a%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D609d1999-498e-4cac-b25a-dc7a83eda00a%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://prebid.a-mo.net/setuid?A=609d1999-498e-4cac-b25a-dc7a83eda00a&D=&bidder=sovrn&uid=d936470a0e647d35dbdc392a
Request Chain 359
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=652060b3-d1b6-4200-bce9-91beab1e9d4a
Request Chain 360
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=k76ofcG_qHuI6qgqw77nK5O-qXeItvh-krwp9GeX
Request Chain 361
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8115069663595238900
Request Chain 364
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBZ8wsSfc1gGqm-DFDjk8MU&google_cver=1
Request Chain 365
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=652060b3-d1b6-4200-bce9-91beab1e9d4a
Request Chain 366
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=k76ofcG_qHuI6qgqw77nK5O-qXeItvh-krwp9GeX
Request Chain 367
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8115069663595238900
Request Chain 370
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBZ8wsSfc1gGqm-DFDjk8MU&google_cver=1
Request Chain 403
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D6dfaf445-6a3d-43e5-a0d1-6ea619b5751a%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=6dfaf445-6a3d-43e5-a0d1-6ea619b5751a&D=&bidder=appnexus&uid=7538304888347731149
Request Chain 404
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871316020461234205
Request Chain 405
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D6dfaf445-6a3d-43e5-a0d1-6ea619b5751a%26D%3D%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?A=6dfaf445-6a3d-43e5-a0d1-6ea619b5751a&D=&bidder=index_rtb&uid=YLPRtrIR8KdwU09DUngA4wAA%261200
Request Chain 406
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=5fa6044d8d&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=78774818-31cb-49a8-b2d7-3541243770de&pubid=5fa6044d8d
Request Chain 407
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D6dfaf445-6a3d-43e5-a0d1-6ea619b5751a%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/setuid?A=6dfaf445-6a3d-43e5-a0d1-6ea619b5751a&D=&bidder=sovrn&uid=d936470a0e647d35dbdc392a
Request Chain 408
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=652060b3-d1b6-4200-bce9-91beab1e9d4a
Request Chain 409
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=sonobi&bsw_custom_parameter=18991391-c571-4835-8b3b-91f8deaaa835 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=sonobi&expires=10&bsw_param=18991391-c571-4835-8b3b-91f8deaaa835 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=18991391-c571-4835-8b3b-91f8deaaa835
Request Chain 410
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a31f7619-a863-4ba9-b420-86d41a8dc634&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACsLU7BZ6MAADDTYxIqyA&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
Request Chain 411
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=6dfaf445-6a3d-43e5-a0d1-6ea619b5751a HTTP 302
  • https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=6dfaf445-6a3d-43e5-a0d1-6ea619b5751a&apid=UP4f9031f8-c170-11eb-b577-02a92b7887b4 HTTP 302
  • https://prebid.a-mo.net/setuid/verizon_video?uid=UP4f9031f8-c170-11eb-b577-02a92b7887b4&gdpr=0&gdpr_consent=
Request Chain 412
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=90e4c984-9404-46b6-b244-9daf4d890743&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=eUFKZDZNRUlqbnMxUE0tSE15V3R3QQ&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEH_5q26GpYPy9VNmyhe51Gc&google_cver=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=oS7GXksnNUOD
Request Chain 413
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D6dfaf445-6a3d-43e5-a0d1-6ea619b5751a%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
  • https://prebid.a-mo.net/setuid?A=6dfaf445-6a3d-43e5-a0d1-6ea619b5751a&D=&bidder=pubmatic&uid=B23CC141-498E-401C-808E-CBA2C011B4E6
Request Chain 414
  • https://u.openx.net/w/1.0/pd HTTP 302
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACsLU7BZ6MAADDTYxIqyA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D1%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cox&bee_sync_current_partner=sas&bee_sync_initiator=ox&bee_sync_hop_count=1&userid=5753354653074265305
Request Chain 415
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159955 HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7538304888347731149 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_20c3396b-fcb0-41ac-8b82-5dbdad2b5b8e HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 417
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2685190894431413257&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 418
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=2EHKXDnDiaK8f7uG2bzEog==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 420
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=v7omzSK31LNpFC5
Request Chain 421
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=18991391-c571-4835-8b3b-91f8deaaa835 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mk12be4e43-9d70-4b6b-968d-19c1118d5d48&expires=7&user_group=5&ssp=openx&bsw_param=18991391-c571-4835-8b3b-91f8deaaa835 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=18991391-c571-4835-8b3b-91f8deaaa835
Request Chain 428
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KPBHI3S8-3-6BR0&ex=d-rubiconproject.com&status=ok
Request Chain 430
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=652060b3-d1b6-4200-bce9-91beab1e9d4a
Request Chain 431
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Exkfb_Na7_eQUc9U9rSkVw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1873987793982307029
Request Chain 432
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGb2S4QStrc2bmqc_j2SZr8&google_cver=1
Request Chain 434
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BCSEkzUzgtMy02QlIw
Request Chain 435
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTQ5Yjc1MjY2YmQ3YTk3NTY4YWJmNmYzMmQ4OGRiODBmMTUwYzY0MA
Request Chain 436
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KPBHI3S8-3-6BR0&sigv=1&esig=2~69edbbcdefb49382ae06ac91125daeefded5949c
Request Chain 461
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 462
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 463
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLPRxPBYd6-gTWzc59u0lwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFGPbVikM8HcxuRo56B7PvY&google_cver=1
Request Chain 464
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YLPRxPBYd6_gTWzc59u0lwAABKAAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YLPRxPBYd6_gTWzc59u0lwAABKAAAAAB&dcc=t
Request Chain 465
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLPRxPBYd6_gTWzc59u0lwAABKAAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YLPRxPBYd6_gTWzc59u0lwAABKAAAAAB&gdpr_consent=&us_privacy=&gdpr=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMU9NUa8PBZ-JuO3_eCnUUI&google_cver=1
Request Chain 467
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=index HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=index&bsw_custom_parameter=bfea5236-2bb6-4a3b-83d2-3933e57045c0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=index&expires=10&bsw_param=bfea5236-2bb6-4a3b-83d2-3933e57045c0 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=bfea5236-2bb6-4a3b-83d2-3933e57045c0
Request Chain 469
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=03030003_60b3d1c4e50b4&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030003_60b3d1c4e50b4
Request Chain 470
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YLPRxPBYd6_gTWzc59u0lwAABKAAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YLPRxPBYd6_gTWzc59u0lwAABKAAAAAB&gdpr_consent=&us_privacy=&gdpr=&verify=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YLPRxPBYd6_gTWzc59u0lwAABKAAAAAB
Request Chain 473
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLPRxPBYd6_gTWzc59u0nAAABJ0AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YLPRxPBYd6_gTWzc59u0nAAABJ0AAAAB&gdpr_consent=&us_privacy=&gdpr=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPlYXOsrP7b8JgdvScdS98s&google_cver=1
Request Chain 474
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YLPRxPBYd6_gTWzc59u0nAAABJ0AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YLPRxPBYd6_gTWzc59u0nAAABJ0AAAAB&dcc=t
Request Chain 475
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLPRxPBYd6-gTWzc59u0nAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFGPbVikM8HcxuRo56B7PvY&google_cver=1
Request Chain 476
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=064a2204020dbbd22ffa117c&expiration=[EXPIRATION]
Request Chain 478
  • https://ums.acuityplatform.com/tum?umid=8 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=582470793980
Request Chain 480
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1

474 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
79 KB
21 KB
Document
General
Full URL
https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
20ce5d311778ee3b00b281534498c6a431ae128c9bbcfe8c1e4712c16e4e0b69
Security Headers
Name Value
Content-Security-Policy frame-ancestors frame-ancestors 'self'
X-Frame-Options 'SAMEORIGIN'

Request headers

Host
www.upi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 17:56:04 GMT
Server
Apache
Pragma
public
Cache-Control
maxage=300
Expires
Sun, 30 May 2021 18:01:04 GMT
Content-Security-Policy
frame-ancestors frame-ancestors 'self'
X-Frame-Options
'SAMEORIGIN'
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
X-Cacheable
Y
Content-Encoding
gzip
X-Varnish
74599099
Age
0
Via
1.1 varnish (Varnish/6.6)
X-Cached
0
Accept-Ranges
bytes
Transfer-Encoding
chunked
css
fonts.googleapis.com/
13 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Arimo:400,700|Montserrat:400,500,600,700|Lato:300,400,700
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
43a53af989b537e12e404d3f2a032228d3319875e413dfb86ffd994864613763
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 30 May 2021 17:56:04 GMT
server
ESF
date
Sun, 30 May 2021 17:56:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 May 2021 17:56:04 GMT
upi.v1616424891.css
www.upi.com/inc/css/
265 KB
45 KB
Stylesheet
General
Full URL
https://www.upi.com/inc/css/upi.v1616424891.css?st=1&no_inf=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
5f17264896af700aa957fd1259bf42423431a125e4e8d5e56c653dd6cb6902d3

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.upi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Connection
keep-alive
Referer
https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sun, 30 May 2021 17:56:04 GMT
Content-Encoding
gzip
X-Cacheable
Y
Server
Apache
Age
0
Vary
Accept-Encoding,User-Agent
Content-Type
text/css;charset=UTF-8
Via
1.1 varnish (Varnish/6.6)
Cache-Control
maxage=3600
X-Varnish
74312720
Accept-Ranges
bytes
Content-Length
45554
X-Cached
0
Expires
Sun, 30 May 2021 18:56:04 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 09:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117002
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 09:26:02 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/
248 KB
66 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 07:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
469327
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67948
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 May 2022 07:33:57 GMT
f.v1781483897.js
www.upi.com/inc/js/
85 KB
23 KB
Script
General
Full URL
https://www.upi.com/inc/js/f.v1781483897.js?st=1&no_inf=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
445dda0934a49d0fb50c52257ca83ba4f3c653f43df98a597f997f2de18a0514

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.upi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Connection
keep-alive
Referer
https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sun, 30 May 2021 17:56:04 GMT
Content-Encoding
gzip
X-Cacheable
Y
Server
Apache
Age
0
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Via
1.1 varnish (Varnish/6.6)
Cache-Control
maxage=3600
X-Varnish
68730539
Accept-Ranges
bytes
Content-Length
23519
X-Cached
0
Expires
Sun, 30 May 2021 18:56:04 GMT
script.js
d3terveqlssriz.cloudfront.net/
113 KB
38 KB
Script
General
Full URL
https://d3terveqlssriz.cloudfront.net/script.js
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:cc00:f:baea:96c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2a469ad6e5c5674aee81995f9b2444d2aea8ac9188b4f4b02434d2e5897e647

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:55:52 GMT
content-encoding
gzip
last-modified
Sat, 29 May 2021 00:48:16 GMT
server
AmazonS3
age
204
etag
W/"8a4582be8e11eeb64253060b24db16f1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
cache-control
max-age=600,public,must-revalidate
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
INvYP3m0Cm7_saCcrn_1O2Knrx1VSFdbm0VM-xcDwhvK5Lpx33quBw==
185646-27948212525613.js
js-sec.indexww.com/ht/p/
37 KB
13 KB
Script
General
Full URL
https://js-sec.indexww.com/ht/p/185646-27948212525613.js
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b421b28dce3e9701b38a2c6e7b309c454af094e19392435fc50b31fd18011673

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 17:56:05 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 May 2021 17:51:36 GMT
Server
Apache
ETag
"da18b3-930a-5c38fc2a34675"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3599
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
12787
Expires
Sun, 30 May 2021 18:56:04 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1fdc83f40b6872fbf82ad027168954ccaa7eee12c7e6fcbe52e26c36bf915de

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:04 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
1338
etag
W/"5404400d01d5519bc4a10316e7ed5c9b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6579d648daa22b1a-FRA
cf-request-id
0a6004418700002b1a20b02000000001
expires
Wed, 02 Jun 2021 17:56:04 GMT
pushly-sdk.min.js
cdn.p-n.io/
350 KB
70 KB
Script
General
Full URL
https://cdn.p-n.io/pushly-sdk.min.js?domain_key=si5maBoKqKuV2EnMkReTWgLs2x1JnVyCAxVm
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-59.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8dcd934f677c2261e8a71ecb99c707313b5fe26b2bfef76c973398196be6f7a

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:51:44 GMT
content-encoding
gzip
last-modified
Sat, 29 May 2021 13:40:44 GMT
server
AmazonS3
age
533
etag
W/"f1512330ead6a8d9eba03a5b35e5500a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
1Eodh2wgGItAz9v8WVi9XQKkvX0Rc8oUGPls_383BHpoRo4AYRtQEQ==
sdk.js
connect.facebook.net/en_US/
3 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
42d83505cf667894c6a3036c322b69fc174850d8e961809c78559c5787dc1acf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.upi.com
Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Gwe1Xeq3wh81o1XE2hWrmA==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1781
x-fb-rlafr
0
x-fb-debug
p4pSz5zLbgJTR0e9sLwRXKm15DXGaHfA1a6NGDB92piCIrQEK69Rewrd7zbD+UEFKE178igXcCA3G5mcKxZ56g==
x-fb-trip-id
686109401
x-fb-content-md5
be480a5326c78309eda2ed0a163f41fe
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 30 May 2021 17:56:04 GMT
vary
Accept-Encoding
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"fd6d1393f42be239d5f31e103189a07b"
timing-allow-origin
*
expires
Sun, 30 May 2021 17:58:11 GMT
delivery.js
assets.revcontent.com/master/
363 KB
102 KB
Script
General
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7a036cb29be66103f5b67471446f00da43d8776ef2493aab805f7cb6e72a3650

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:04 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 17:47:06 GMT
server
AmazonS3
x-amz-request-id
858EHP6S5T21843W
etag
"de38d2fcaca221f43cef59fc4e2dba98"
x-hw
1622397364.cds106.fr8.hn,1622397364.cds055.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
104478
x-amz-id-2
QJOybJICFbZutIZVsnfcTt8daiYHG0DohA1ABY/hnn6rT8JXgevW5y+FMnzYkSY5ZsJjbYh1zb0=
Dreary-chilly-start-to-holiday-weekend-breaks-records-across-Northeast.jpg
cdnph.upi.com/ph/st/th/2911622396056/2021/upi/7827b461934225ea64f6d5d3f57bbfc5/v1.2/
9 KB
9 KB
Image
General
Full URL
https://cdnph.upi.com/ph/st/th/2911622396056/2021/upi/7827b461934225ea64f6d5d3f57bbfc5/v1.2/Dreary-chilly-start-to-holiday-weekend-breaks-records-across-Northeast.jpg?stfi=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
6f911bd620d02dadbf7ae34cb88275c7f7a8f14ff3314fbb05f21ff132c5bcb9

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sun, 30 May 2021 17:56:05 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Sun, 30 May 2021 17:46:08 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=3600
X-Varnish
74628806
Accept-Ranges
bytes
Content-Length
8936
X-Cached
0
Expires
Sun, 30 May 2021 18:56:05 GMT
Texas-Senate-approves-bill-restricting-mail-in-ballots-other-methods.jpg
cdnph.upi.com/ph/st/th/9841622387994/2021/upi/2371ffc2557514c382daf80cdde45b0f/v1.2/
10 KB
10 KB
Image
General
Full URL
https://cdnph.upi.com/ph/st/th/9841622387994/2021/upi/2371ffc2557514c382daf80cdde45b0f/v1.2/Texas-Senate-approves-bill-restricting-mail-in-ballots-other-methods.jpg?stfi=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
c20ffb79fbd517dbcd9c20db86c984b9bbb06ae0366da785fdb56611fed9fbcf

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sun, 30 May 2021 17:56:04 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Sun, 30 May 2021 16:56:30 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=3600
X-Varnish
68730548
Accept-Ranges
bytes
Content-Length
10018
X-Cached
0
Expires
Sun, 30 May 2021 18:56:04 GMT
British-Prime-Minister-Boris-Johnson-weds-Carrie-Symonds.jpg
cdnph.upi.com/ph/st/th/6511622383049/2021/upi_com/a0c30311aa46874b7220fa8fab76a588/v1.2/
8 KB
9 KB
Image
General
Full URL
https://cdnph.upi.com/ph/st/th/6511622383049/2021/upi_com/a0c30311aa46874b7220fa8fab76a588/v1.2/British-Prime-Minister-Boris-Johnson-weds-Carrie-Symonds.jpg?stfi=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
91c4a75cf9d5679ab50f003eb044da5867fc57ad1da0ea29a4901f1d11fa4f7a

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sun, 30 May 2021 17:56:05 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Sun, 30 May 2021 14:50:28 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=3600
X-Varnish
75270332
Accept-Ranges
bytes
Content-Length
8652
X-Cached
0
Expires
Sun, 30 May 2021 18:56:05 GMT
Two-dead-at-least-20-hurt-in-shooting-outside-concert-in-Miami-Dade.jpg
cdnph.upi.com/ph/st/th/9101622377377/2021/i/16223785118415/v1.2/
12 KB
13 KB
Image
General
Full URL
https://cdnph.upi.com/ph/st/th/9101622377377/2021/i/16223785118415/v1.2/Two-dead-at-least-20-hurt-in-shooting-outside-concert-in-Miami-Dade.jpg?stfi=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
fd82af52c38a26d4a030d756229a9a5a02db4c31465a931022dbb826c35e7b93

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sun, 30 May 2021 17:56:05 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Sun, 30 May 2021 12:50:48 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=3600
X-Varnish
74276009
Accept-Ranges
bytes
Content-Length
12614
X-Cached
0
Expires
Sun, 30 May 2021 18:56:05 GMT
Lawsuit-accuses-Marilyn-Manson-of-raping-ex-girlfriend-in-2011.jpg
cdnph.upi.com/ph/st/th/9681622336087/2021/upi/63afd2a7d17c73d77f89ebf59bf92fc7/v1.2/
9 KB
9 KB
Image
General
Full URL
https://cdnph.upi.com/ph/st/th/9681622336087/2021/upi/63afd2a7d17c73d77f89ebf59bf92fc7/v1.2/Lawsuit-accuses-Marilyn-Manson-of-raping-ex-girlfriend-in-2011.jpg?stfi=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
2ca50ab7a3256d9dea75ce6432799ce788af1bfe3662ba4c1238ed737b5baae3

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sun, 30 May 2021 17:56:05 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Sun, 30 May 2021 01:02:21 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=3600
X-Varnish
74312724
Accept-Ranges
bytes
Content-Length
8971
X-Cached
0
Expires
Sun, 30 May 2021 18:56:05 GMT
Brazilian-protesters-call-for-Bolsonaros-impeachment.jpg
cdnph.upi.com/ph/st/th/1841622333749/2021/i/16223340198595/v1.2/
10 KB
11 KB
Image
General
Full URL
https://cdnph.upi.com/ph/st/th/1841622333749/2021/i/16223340198595/v1.2/Brazilian-protesters-call-for-Bolsonaros-impeachment.jpg?stfi=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
947e57609a3f3e60e250c02cf08b666fe4c1b731559937ad10cbdaf982e10058

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sun, 30 May 2021 17:56:05 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Sun, 30 May 2021 00:24:54 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=3600
X-Varnish
74312726
Accept-Ranges
bytes
Content-Length
10684
X-Cached
0
Expires
Sun, 30 May 2021 18:56:05 GMT
Plane-carrying-Christian-leaders-crashes-into-Tennessee-lake-1-dead.jpg
cdnph.upi.com/ph/st/th/6541622331301/2021/i/16223314532691/v1.2/
8 KB
8 KB
Image
General
Full URL
https://cdnph.upi.com/ph/st/th/6541622331301/2021/i/16223314532691/v1.2/Plane-carrying-Christian-leaders-crashes-into-Tennessee-lake-1-dead.jpg?stfi=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
c38ca957256f3f1b8de7af6533b6e6b18b91bf6a4eaa4d5e8c5757d2b3ea8171

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sun, 30 May 2021 17:56:05 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Sat, 29 May 2021 23:44:28 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=3600
X-Varnish
74350324
Accept-Ranges
bytes
Content-Length
8296
X-Cached
0
Expires
Sun, 30 May 2021 18:56:05 GMT
New-guidelines-make-it-easier-for-states-to-investigate-loan-servicers.jpg
cdnph.upi.com/ph/st/th/2671622327665/2021/upi/35844dd9f2b7787f3e6a70288ed08a4e/v1.2/
8 KB
8 KB
Image
General
Full URL
https://cdnph.upi.com/ph/st/th/2671622327665/2021/upi/35844dd9f2b7787f3e6a70288ed08a4e/v1.2/New-guidelines-make-it-easier-for-states-to-investigate-loan-servicers.jpg?stfi=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
30a773133838533daa3f8aa1148bfb210295b9a75f5573f42ef59c4682e639db

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sun, 30 May 2021 17:56:05 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Sat, 29 May 2021 22:42:07 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=3600
X-Varnish
75270334
Accept-Ranges
bytes
Content-Length
8307
X-Cached
0
Expires
Sun, 30 May 2021 18:56:05 GMT
Colombian-president-to-send-military-to-Cali-to-quell-protests.jpg
cdnph.upi.com/ph/st/th/6481622323841/2021/i/16223241696111/v1.2/
10 KB
11 KB
Image
General
Full URL
https://cdnph.upi.com/ph/st/th/6481622323841/2021/i/16223241696111/v1.2/Colombian-president-to-send-military-to-Cali-to-quell-protests.jpg?stfi=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
5d24722fd133411bbb8edfa914fdc1939da64540e7f4660f0e2ce3677dccf9c5

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sun, 30 May 2021 17:56:04 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Sat, 29 May 2021 21:42:28 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=3600
X-Varnish
73080893
Accept-Ranges
bytes
Content-Length
10571
X-Cached
0
Expires
Sun, 30 May 2021 18:56:04 GMT
TSA-screens-nearly-2-million-Memorial-Day-weekend-travelers.jpg
cdnph.upi.com/ph/st/th/1721622317746/2021/upi/afa871ca2adbf029690507bb9bd8e394/v1.2/
12 KB
12 KB
Image
General
Full URL
https://cdnph.upi.com/ph/st/th/1721622317746/2021/upi/afa871ca2adbf029690507bb9bd8e394/v1.2/TSA-screens-nearly-2-million-Memorial-Day-weekend-travelers.jpg?stfi=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
1c6118d495fbd3fab565c868ebf8b010885ab7e49d8717d2b2b43666b9ff9671

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sun, 30 May 2021 17:56:05 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Sat, 29 May 2021 20:00:40 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=3600
X-Varnish
68730550
Accept-Ranges
bytes
Content-Length
11917
X-Cached
0
Expires
Sun, 30 May 2021 18:56:05 GMT
Two-dead-at-least-20-hurt-in-shooting-outside-concert-in-Miami-Dade.jpg
cdnph.upi.com/ph/st/th/9101622377377/2021/i/16223785118415/v1.5/
4 KB
4 KB
Image
General
Full URL
https://cdnph.upi.com/ph/st/th/9101622377377/2021/i/16223785118415/v1.5/Two-dead-at-least-20-hurt-in-shooting-outside-concert-in-Miami-Dade.jpg?rc=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
3776df2aa646d148b1eecbec404a6d59647d407c8a24882e8392e7d4e46c9c6b

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sun, 30 May 2021 17:56:04 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Sun, 30 May 2021 13:20:20 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=3600
X-Varnish
73080891
Accept-Ranges
bytes
Content-Length
3974
X-Cached
0
Expires
Sun, 30 May 2021 18:56:04 GMT
Brazes-star-Marcell-Ozuna-charged-in-strangling-hitting-wife.jpg
cdnph.upi.com/ph/st/th/3681622379088/2021/upi/cc41fa9c449e74fa2c29f7d90c6b643e/v1.5/
3 KB
4 KB
Image
General
Full URL
https://cdnph.upi.com/ph/st/th/3681622379088/2021/upi/cc41fa9c449e74fa2c29f7d90c6b643e/v1.5/Brazes-star-Marcell-Ozuna-charged-in-strangling-hitting-wife.jpg?rc=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
ce9a3cdf01fbde8991add10b28dffc20195abf864fb05f44efbbf62ca219ce1c

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sun, 30 May 2021 17:56:04 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Sun, 30 May 2021 13:40:05 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=3600
X-Varnish
74836720
Accept-Ranges
bytes
Content-Length
3501
X-Cached
0
Expires
Sun, 30 May 2021 18:56:04 GMT
British-Prime-Minister-Boris-Johnson-weds-Carrie-Symonds.jpg
cdnph.upi.com/ph/st/th/6511622383049/2021/upi_com/a0c30311aa46874b7220fa8fab76a588/v1.5/
3 KB
3 KB
Image
General
Full URL
https://cdnph.upi.com/ph/st/th/6511622383049/2021/upi_com/a0c30311aa46874b7220fa8fab76a588/v1.5/British-Prime-Minister-Boris-Johnson-weds-Carrie-Symonds.jpg?rc=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
226c9cf5c45fd500e1323600303da2d0653911a30fdafa75d4a208655967d502

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sun, 30 May 2021 17:56:04 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Sun, 30 May 2021 15:46:58 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=3600
X-Varnish
68730545
Accept-Ranges
bytes
Content-Length
2910
X-Cached
0
Expires
Sun, 30 May 2021 18:56:04 GMT
Famous-birthdays-for-May-30-Idina-Menzel-Duncan-Jones.jpg
cdnph.upi.com/ph/st/th/5781621800825/2021/upi/07686c671a273804db14946aaff31608/v1.5/
3 KB
3 KB
Image
General
Full URL
https://cdnph.upi.com/ph/st/th/5781621800825/2021/upi/07686c671a273804db14946aaff31608/v1.5/Famous-birthdays-for-May-30-Idina-Menzel-Duncan-Jones.jpg?rc=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
76107600294ae09d7baa69ef671d240e009e41792752ae922d393bf82158724e

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sun, 30 May 2021 17:56:04 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Sun, 30 May 2021 13:08:24 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=3600
X-Varnish
74628804
Accept-Ranges
bytes
Content-Length
3081
X-Cached
0
Expires
Sun, 30 May 2021 18:56:04 GMT
On-This-Day-Mariner-9-launched-toward-Mars.jpg
cdnph.upi.com/ph/st/th/5411621800828/2021/upi/08dd35328b1958c949bc91be3b8de6ba/v1.5/
3 KB
4 KB
Image
General
Full URL
https://cdnph.upi.com/ph/st/th/5411621800828/2021/upi/08dd35328b1958c949bc91be3b8de6ba/v1.5/On-This-Day-Mariner-9-launched-toward-Mars.jpg?rc=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
edb2fbeac661365d4bebc366229d283ddcee473e37f0a6d3b679c66f07aa2f10

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sun, 30 May 2021 17:56:04 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Sun, 30 May 2021 16:26:16 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=3600
X-Varnish
74276005
Accept-Ranges
bytes
Content-Length
3388
X-Cached
0
Expires
Sun, 30 May 2021 18:56:04 GMT
Vintage-Hollywood.jpg
cdnph.upi.com/related/4581568650732/3/v1.2/da649965e512a76b00c6231515f4b3f8/upi/
22 KB
22 KB
Image
General
Full URL
https://cdnph.upi.com/related/4581568650732/3/v1.2/da649965e512a76b00c6231515f4b3f8/upi/Vintage-Hollywood.jpg?rc=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
bed8bfae72dfdecb281176c4fa2b85acaa0ef7cea1ccb8e37fa9cf7545a7accc

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sun, 30 May 2021 17:56:04 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Sat, 29 May 2021 09:11:15 GMT
Server
Apache
Age
0
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
maxage=3600
X-Varnish
74599112
Accept-Ranges
bytes
Content-Length
22360
X-Cached
0
Expires
Sun, 30 May 2021 18:56:04 GMT
photo_gallery_icon.svg
www.upi.com/img/
862 B
1 KB
Image
General
Full URL
https://www.upi.com/img/photo_gallery_icon.svg
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
f49cd4209dc3ecf44c4d036ef21e7f6584aa68c31987af7afdb9772e898fa415

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.upi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Cookie
_upi_uid=63382917-3459-411c-9969-3447fd75d243
Connection
keep-alive
Referer
https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 17:56:04 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Fri, 01 Dec 2017 21:11:46 GMT
Server
Apache
Age
0
ETag
"35e-55f4dd0ef0880"
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/svg+xml
X-Varnish
74599109
Accept-Ranges
bytes
Content-Length
862
X-Cached
0
img.fetch
udmserve.net/udm/
13 KB
4 KB
Script
General
Full URL
https://udmserve.net/udm/img.fetch?sid=16304;tid=1;dt=6;
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
c703fb3237577f078076305875a52968c8783c210076747f6be7d4fe79db7302

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:05 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Type
application/x-javascript
Expires
0
clear.gif
www.upi.com/img/
42 B
431 B
Image
General
Full URL
https://www.upi.com/img/clear.gif
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.upi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Cookie
_upi_uid=63382917-3459-411c-9969-3447fd75d243
Connection
keep-alive
Referer
https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 28 May 2021 16:17:18 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Thu, 07 Jun 2012 11:52:02 GMT
Server
Apache
Age
178726
ETag
"2a-4c1e08307bc80"
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=864000, public, must-revalidate
X-Varnish
74574833 66707372
Accept-Ranges
bytes
Content-Length
42
X-Cached
1
1a
i.clean.gg/ Frame
0
0
Preflight
General
Full URL
https://i.clean.gg/1a
Protocol
H2
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.upi.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.17.4
date
Sun, 30 May 2021 17:56:04 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age
1728000
content-type
text/plain; charset=utf-8
content-length
0
via
1.1 google
alt-svc
clear
1a
i.clean.gg/
0
104 B
XHR
General
Full URL
https://i.clean.gg/1a
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 May 2021 17:56:04 GMT
via
1.1 google
server
nginx/1.17.4
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
clear
content-length
0
apstag.js
c.amazon-adsystem.com/aax2/
123 KB
33 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
5b6f3806c04b7c91d2ee5cf8f42b31343a9d33ea62ad9d0506cfa1be078477d3

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 16:30:51 GMT
content-encoding
gzip
server
Server
age
5112
etag
6bda376aea84df42909484ff0d20f22a
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
7iV2kGh8hACCLQM7XX9BldZxc25jPH1q
x-amz-cf-id
yi9eLa6pgPctyZDFfNX0zlFKykxjnGpdRAyZOY0nsnbENUVElpsj2Q==
v2tmtNjHaNWqWogkdH9c1h0_CLtY8ZxZ_k98OPFtHHhviH8esrcrqB4RH905x13Mo
breakfastboat.com/
573 KB
107 KB
Script
General
Full URL
https://breakfastboat.com/v2tmtNjHaNWqWogkdH9c1h0_CLtY8ZxZ_k98OPFtHHhviH8esrcrqB4RH905x13Mo
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.103.201.35.bc.googleusercontent.com
Software
/
Resource Hash
27dea600687a034724fecbfad12180341e2e7c0dd3fae80746082217fb04ede2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"994b9c69d050353d6b1d1c9d13f151e218cb7d8f1f497706ac621ac277ba55d7"
vary
Accept-Encoding, Accept-Language
x-hostname
e604810c
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Sun, 30 May 2021 17:56:05 GMT
timing-allow-origin
*
v2yri_nFKoRUYF-RWtIwpLP3oHo9j-RNxcJwpOlIO7_E2ld5Zl16p7b-7nWBecafzOEDxCpM4GqguRzQIog
breakfastboat.com/
16 KB
6 KB
Script
General
Full URL
https://breakfastboat.com/v2yri_nFKoRUYF-RWtIwpLP3oHo9j-RNxcJwpOlIO7_E2ld5Zl16p7b-7nWBecafzOEDxCpM4GqguRzQIog
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.103.201.35.bc.googleusercontent.com
Software
/
Resource Hash
af4788ff9a0d6620a6f96fc8c932e7e32082170dda36f48d582a8d24a2f7e4cb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
x-datacenter
gce-europe-west1
etag
"daabcf6f78af5900e0ceeb514126d1bc553043ab4fdc41f9e685bb311ef04851"
vary
Accept-Encoding, Accept-Language
x-hostname
e604810c
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Sun, 30 May 2021 17:56:05 GMT
timing-allow-origin
*
wrap.js
clarium.global.ssl.fastly.net/gpt/a/
110 KB
35 KB
Script
General
Full URL
https://clarium.global.ssl.fastly.net/gpt/a/wrap.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3f02f3478018c6d9380143acd5eb1951935410ad4a4b4638dd3e78c91beb2806

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 17:56:05 GMT
Via
1.1 varnish
Server
nginx
Age
181
X-Served-By
cache-hhn4067-HHN
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/javascript;charset=UTF-8
Content-Encoding
gzip
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Connection
keep-alive
Accept-Ranges
bytes
X-Timer
S1622397365.072393,VS0,VE0
Content-Length
35676
X-Cache-Hits
6
chartbeat.js
static.chartbeat.com/js/
36 KB
14 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:9800:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 15:21:04 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 00:04:46 GMT
server
nginx
age
9301
etag
W/"60665f9e-8e96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 dfeaf865724e57eaac72220929416926.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
hWfYA-XT7AqP85BQEsm8cVW1E4pdZ47a5dmrx21ZuR_jE9sxIpYObg==
expires
Mon, 31 May 2021 15:21:04 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
42d83505cf667894c6a3036c322b69fc174850d8e961809c78559c5787dc1acf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Gwe1Xeq3wh81o1XE2hWrmA==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1781
x-fb-rlafr
0
x-fb-debug
p4pSz5zLbgJTR0e9sLwRXKm15DXGaHfA1a6NGDB92piCIrQEK69Rewrd7zbD+UEFKE178igXcCA3G5mcKxZ56g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
be480a5326c78309eda2ed0a163f41fe
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 30 May 2021 17:56:05 GMT
vary
Accept-Encoding
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"fd6d1393f42be239d5f31e103189a07b"
timing-allow-origin
*
priority
u=3,i
expires
Sun, 30 May 2021 17:58:11 GMT
P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v17/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/arimo/v17/P5sMzZCDf9_T_10ZxCE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700|Montserrat:400,500,600,700|Lato:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0c2a889d07d01755fc1a7818e2d54ba67c7b953b453dc22e8aaedcd29fe0b57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.upi.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 23:11:51 GMT
server
sffe
age
28346
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18332
x-xss-protection
0
expires
Mon, 30 May 2022 10:03:38 GMT
JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700|Montserrat:400,500,600,700|Lato:300,400,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.upi.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:03 GMT
server
sffe
age
28346
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19272
x-xss-protection
0
expires
Mon, 30 May 2022 10:03:38 GMT
JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700|Montserrat:400,500,600,700|Lato:300,400,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.upi.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 23:40:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:13:07 GMT
server
sffe
age
497706
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19264
x-xss-protection
0
expires
Tue, 24 May 2022 23:40:58 GMT
fontawesome-webfont.woff2
www.upi.com/inc/fonts/
75 KB
76 KB
Font
General
Full URL
https://www.upi.com/inc/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.upi.com
URL: https://www.upi.com/inc/css/upi.v1616424891.css?st=1&no_inf=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://www.upi.com
Accept-Encoding
gzip, deflate, br
Host
www.upi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://www.upi.com/inc/css/upi.v1616424891.css?st=1&no_inf=1
Cookie
_upi_uid=63382917-3459-411c-9969-3447fd75d243
Connection
keep-alive
Origin
https://www.upi.com
Referer
https://www.upi.com/inc/css/upi.v1616424891.css?st=1&no_inf=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 24 May 2021 15:13:04 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Mon, 02 Oct 2017 03:49:40 GMT
Server
Apache
Age
528179
ETag
"12d68-55a88439d7d00"
X-Cacheable
Y
Vary
User-Agent
Content-Type
font/woff2
Cache-Control
max-age=604800
X-Varnish
74799575 38906603
Accept-Ranges
bytes
Content-Length
77160
X-Cached
1
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700|Montserrat:400,500,600,700|Lato:300,400,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.upi.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 15:44:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
267117
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
expires
Fri, 27 May 2022 15:44:07 GMT
6692d5de-a5c7-4c22-b435-fbfa65ddc60a
player.ex.co/player/
603 KB
184 KB
Script
General
Full URL
https://player.ex.co/player/6692d5de-a5c7-4c22-b435-fbfa65ddc60a
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
901529dd4c66262d14d044bc968c76d69181eb8dfd09105fcc16083acba10a7f

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:05 GMT
content-encoding
gzip
age
8215
x-cache
HIT, HIT
access-control-max-age
600
content-length
187318
x-served-by
cache-dca17753-DCA, cache-fra19182-FRA
access-control-allow-origin
*
server
nginx
x-timer
S1622397365.151676,VS0,VE2
etag
W/"96da2-cU5vXiNw/8bNTkFI0HDzfGvsIXM"
vary
Accept-Encoding, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
1, 1
sdk.js
connect.facebook.net/en_US/
218 KB
64 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=9fd32263b8f4d9c1d955c5262b85cb15&ua=modern_es6
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
29a4b0d41e9c25afeddc4de287fa9b60eda96a38f1e84f5d803b8dd9342846c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.upi.com
Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
HC8HOTCgUvZPCdfN21Nj0Q==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
65698
x-fb-rlafr
0
x-fb-debug
WNXLZfCaSz321HqplFmhsXgQW65y9ksPoEpt5ZZg0wAQicD7VIVhT1urEz6NVCXiJVYiulM5iTMSKtVJh8Oa8w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
8480f3728e96bbbf8e2c2896bb30ee24
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 30 May 2021 17:56:04 GMT
vary
Accept-Encoding
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"819a5207705b68b9b2cdb6fac125575a"
timing-allow-origin
*
priority
u=3,i
expires
Mon, 30 May 2022 16:19:04 GMT
DroidSerif-BoldItalic.woff2
www.upi.com/inc/fonts/
24 KB
24 KB
Font
General
Full URL
https://www.upi.com/inc/fonts/DroidSerif-BoldItalic.woff2
Requested by
Host: www.upi.com
URL: https://www.upi.com/inc/css/upi.v1616424891.css?st=1&no_inf=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
c3f5ba16538a2446ea66a6c5f0ea35b3a76b999e145bd56383c8585272af9c4c

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://www.upi.com
Accept-Encoding
gzip, deflate, br
Host
www.upi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://www.upi.com/inc/css/upi.v1616424891.css?st=1&no_inf=1
Cookie
_upi_uid=63382917-3459-411c-9969-3447fd75d243
Connection
keep-alive
Origin
https://www.upi.com
Referer
https://www.upi.com/inc/css/upi.v1616424891.css?st=1&no_inf=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 24 May 2021 15:13:05 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Wed, 21 Mar 2018 15:49:22 GMT
Server
Apache
Age
528179
ETag
"5f6c-567ee227c4480"
X-Cacheable
Y
Vary
User-Agent
Content-Type
font/woff2
Cache-Control
max-age=604800
X-Varnish
68730542 38906605
Accept-Ranges
bytes
Content-Length
24428
X-Cached
1
DroidSerif-Italic.woff2
www.upi.com/inc/fonts/
21 KB
21 KB
Font
General
Full URL
https://www.upi.com/inc/fonts/DroidSerif-Italic.woff2
Requested by
Host: www.upi.com
URL: https://www.upi.com/inc/css/upi.v1616424891.css?st=1&no_inf=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
229e0eb62816c09ca7b68fcd8c3f5eb0eefc5129e60ab0279c8c99f1bc4352c6

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://www.upi.com
Accept-Encoding
gzip, deflate, br
Host
www.upi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://www.upi.com/inc/css/upi.v1616424891.css?st=1&no_inf=1
Cookie
_upi_uid=63382917-3459-411c-9969-3447fd75d243
Connection
keep-alive
Origin
https://www.upi.com
Referer
https://www.upi.com/inc/css/upi.v1616424891.css?st=1&no_inf=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 24 May 2021 15:13:16 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Wed, 21 Mar 2018 15:49:22 GMT
Server
Apache
Age
528168
ETag
"53c8-567ee227c4480"
X-Cacheable
Y
Vary
User-Agent
Content-Type
font/woff2
Cache-Control
max-age=604800
X-Varnish
68730543 38886716
Accept-Ranges
bytes
Content-Length
21448
X-Cached
1
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700|Montserrat:400,500,600,700|Lato:300,400,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.upi.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 04:11:30 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
49474
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19480
x-xss-protection
0
expires
Mon, 30 May 2022 04:11:30 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
5353
date
Sun, 30 May 2021 16:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Sun, 30 May 2021 18:26:52 GMT
rnd_social.png
www.upi.com/upi/dw/img/
27 KB
27 KB
Image
General
Full URL
https://www.upi.com/upi/dw/img/rnd_social.png?v1
Requested by
Host: www.upi.com
URL: https://www.upi.com/inc/css/upi.v1616424891.css?st=1&no_inf=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
d81eccf8f3e0161155c82d3b8924f7346bcc39c0d3c9320d66c9d2ab76208b46

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.upi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.upi.com/inc/css/upi.v1616424891.css?st=1&no_inf=1
Cookie
_upi_uid=63382917-3459-411c-9969-3447fd75d243
Connection
keep-alive
Referer
https://www.upi.com/inc/css/upi.v1616424891.css?st=1&no_inf=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 28 May 2021 16:17:18 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Mon, 02 Jul 2018 13:40:32 GMT
Server
Apache
Age
178726
ETag
"6a9b-5700457657400"
X-Cacheable
Y
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=864000, public, must-revalidate
X-Varnish
74599114 67054777
Accept-Ranges
bytes
Content-Length
27291
X-Cached
1
/
www.upi.com/story/stat/7598443422800/
0
322 B
XHR
General
Full URL
https://www.upi.com/story/stat/7598443422800/
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Origin
https://www.upi.com
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
_upi_uid=63382917-3459-411c-9969-3447fd75d243
Connection
keep-alive
Content-Length
9
Pragma
no-cache
Host
www.upi.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Cache-Control
no-cache
Referer
https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Sec-Fetch-Site
same-origin
Accept
*/*
Referer
https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Sun, 30 May 2021 17:56:04 GMT
Content-Encoding
gzip
X-Cacheable
N
Server
Apache
Age
0
Vary
Accept-Encoding,User-Agent
X-Varnish
74312722
Via
1.1 varnish (Varnish/6.6)
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
20
X-Cached
0
/
www.facebook.com/tr/
44 B
251 B
Image
General
Full URL
https://www.facebook.com/tr/?id=130795020312660&ev=fb_page_view&dl=https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F&rl=&if=false&ts=1622397364876&sw=1600&sh=1200&at=
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 30 May 2021 17:56:05 GMT
/
www.facebook.com/tr/
44 B
90 B
Image
General
Full URL
https://www.facebook.com/tr/?id=130795020312660&ev=fb_page_view&dl=https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F&rl=&if=false&ts=1622397364877&sw=1600&sh=1200&at=
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Sun, 30 May 2021 17:56:05 GMT
config
c.amazon-adsystem.com/cdn/prod/
0
300 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=0ade278c-0ca3-4360-94f3-b0471254a243&u=https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:04 GMT
via
1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.upi.com
cache-control
max-age=86087, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-id
EuIFLYYG5xAfgPb5lVYKLCHY29gsj58js6HYf-NcYFA8niPB9bWSbA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 15:40:53 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
8112
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-C1
content-type
application/javascript
x-amz-cf-id
hbTCYjShVbqvmAlYz4NXptayeuSh3yniPQhkpFlKXlA_47s_FRByLQ==
bid
c.amazon-adsystem.com/e/dtb/
162 B
529 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F&pid=m8I3D5cZxFrdh&cb=0&ws=1600x1200&v=7.65.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%221009753%2FUPI_728x90_ATF%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%221009753%2FUPI_728x90_BTF%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%221009753%2FUPI_300x250_R%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%5D%2C%22sn%22%3A%221009753%2FUPI_300x250_R1%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%221009753%2FUPI_160x600_Flex%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%221009753%2FUPI_300x250_InRead_ROS_Desktop%22%7D%2C%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22468x60%22%5D%2C%22sn%22%3A%221009753%2FUPI_468x60_sticky_footer_desktop%22%7D%5D&cfgv=0&pubid=0ade278c-0ca3-4360-94f3-b0471254a243&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
aaf75952093249676c5c4830082d80a4e6ce40dd4951d53441bef14a1ea36eb8

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:05 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
DUS51-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.upi.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
154
via
1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
x-amz-cf-id
TdyF5SM7ab7veHJSJz3c5wXlf2dkyYXGNP7LT4YPGOGSLoVh0EKsHg==
/
trends.revcontent.com/api/demand/
317 B
637 B
Fetch
General
Full URL
https://trends.revcontent.com/api/demand/?w=170311
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.248.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-248-53.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
20c294ffb9e852ce154f36de8b5ab603be928307fefc473600961513f0405ecb
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:05 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
access-control-allow-origin
https://www.upi.com
access-control-allow-credentials
true
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/html; charset=UTF-8
content-length
230
sync
trends.revcontent.com/
62 B
475 B
Fetch
General
Full URL
https://trends.revcontent.com/sync
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.248.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-248-53.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0cd73f4b4da56efa64125905643d3ece03db3700c0f0c254d6472ceb84121f7d

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:05 GMT
etag
"11416f94-96ba-427c-99b7-7711fbe601a4"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
access-control-allow-origin
https://www.upi.com
cache-control
max-age=600, private, s-maxage=0, stale-while-revalidate=1800
access-control-allow-credentials
true
content-type
application/json
content-length
62
rid
match.adsrvr.org/track/
109 B
541 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=185646
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185646-27948212525613.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
443dcd52cd69bb6a1e7b069fca1a59e3eecd0ae206e40df44c88ae2272022f08

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 30 May 2021 17:56:05 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.upi.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Tue, 29 Jun 2021 17:56:05 GMT
identity
api.rlcdn.com/api/
0
218 B
XHR
General
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185646-27948212525613.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 30 May 2021 17:56:05 GMT
via
1.1 google
alt-svc
clear
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.upi.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
collect
stats.g.doubleclick.net/j/
1 B
82 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-1342607-1&cid=1579957836.1622397365&jid=1664585084&gjid=436363353&_gid=105479036.1622397365&_u=IGBAgEABAAAAAE~&z=700352673
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 30 May 2021 17:56:05 GMT
content-type
text/plain
access-control-allow-origin
https://www.upi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1442751771&t=pageview&_s=1&dl=https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F&ul=en-us&de=UTF-8&dt=Sources%20say%20drug%20ring%20operates%20with%20police%20protection%20-%20UPI%20Archives&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEAB~&jid=1664585084&gjid=436363353&cid=1579957836.1622397365&tid=UA-1342607-1&_gid=105479036.1622397365&z=214441339
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 15:48:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7658
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sync
gum.criteo.com/
56 B
378 B
Script
General
Full URL
https://gum.criteo.com/sync?c=446&r=2&j=dspCriteoRTUSCallback
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e62ff111daf17418d9a23c8cf57947f202701d3d0fb370d29579f60bc9b29dc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 30 May 2021 17:56:04 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
2504
content-length
172
expires
60
generic
trends.revcontent.com/event/
0
0
Fetch
General
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.248.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-248-53.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.upi.com
date
Sun, 30 May 2021 17:56:05 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
/
trends.revcontent.com/api/delivery/
28 KB
12 KB
Fetch
General
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=false&w=170311&width=1600&rev_allow_cookies=1&site_url=https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F&icr_url=&revsub[utm_campaign]=null&revsub[utm_source]=null&va=0&user_uuid=11416f94-96ba-427c-99b7-7711fbe601a4&time=1622397365136&up=pc&bn=chrome&bv=89&widget_width=563
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.248.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-248-53.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
6d01de694a58d89b9298d281c058ed93a6624f225794498ad1e65c5e7b535c28
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:05 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
access-control-allow-origin
https://www.upi.com
access-control-allow-credentials
true
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/html; charset=UTF-8
content-length
11558
acv.json
breakfastboat.com/
210 KB
46 KB
Fetch
General
Full URL
https://breakfastboat.com/acv.json
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.103.201.35.bc.googleusercontent.com
Software
/
Resource Hash
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
last-modified
Fri, 21 May 2021 18:23:25 GMT
x-datacenter
gce-europe-west1
date
Sun, 30 May 2021 17:56:05 GMT
vary
Accept-Encoding, Origin
x-hostname
e604810c
content-type
application/json
access-control-allow-origin
https://www.upi.com
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
acv.json
breakfastboat.com/
210 KB
46 KB
Fetch
General
Full URL
https://breakfastboat.com/acv.json
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.103.201.35.bc.googleusercontent.com
Software
/
Resource Hash
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
last-modified
Fri, 21 May 2021 18:23:25 GMT
x-datacenter
gce-europe-west1
date
Sun, 30 May 2021 17:56:05 GMT
vary
Accept-Encoding, Origin
x-hostname
e604810c
content-type
application/json
access-control-allow-origin
https://www.upi.com
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
headerstats
as-sec.casalemedia.com/
0
427 B
XHR
General
Full URL
https://as-sec.casalemedia.com/headerstats?s=289693&u=https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185646-27948212525613.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:05 GMT
X-AK-INITIAL-GEO
CC:[CH], RC:[ZH], CN:[EU], CIP:[217.138.203.212], XFF:[]
Server
Apache
Access-Control-Allow-Origin
https://www.upi.com
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
12
Expires
Sun, 30 May 2021 17:56:05 GMT
Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame 129E
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_ox-db5_dm_cnv_an-db5_n-amobee_3lift
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_ox-db5_dm_cnv_an-db5_n-amobee_3lift&dcc=t
284 B
960 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_ox-db5_dm_cnv_an-db5_n-amobee_3lift&dcc=t
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
4d4fc3d2e88cfe000f78e9100cfa3f3e4b0f8108a2551757040a77faf54b4028

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.upi.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=AyFmvVj6UEtwgluClMSJyc4|t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

Server
Server
Date
Sun, 30 May 2021 17:56:05 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
223
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie
ad-id=AyFmvVj6UEtwgluClMSJyc4; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 17:56:05 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2026 17:56:05 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip

Redirect headers

Server
Server
Date
Sun, 30 May 2021 17:56:05 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_ox-db5_dm_cnv_an-db5_n-amobee_3lift&dcc=t
Set-Cookie
ad-id=AyFmvVj6UEtwgluClMSJyc4|t; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 17:56:05 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
User-Agent
generic
trends.revcontent.com/event/
0
0
Fetch
General
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.248.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-248-53.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.upi.com
date
Sun, 30 May 2021 17:56:05 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
ping
ping.chartbeat.net/
43 B
169 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=upi.com&p=%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F&u=rOet5CHt0Y2D5GC8L&d=upi.com&g=4027&g0=UPI%20Archives&g1=SALLY%20ANN%20DENTON&g4=article&n=1&f=00001&c=0&x=0&m=0&y=3891&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1540&t=DhdJKTCPZjyqDKyucRpqzZuCLe21N&V=126&i=Sources%20say%20drug%20ring%20operates%20with%20police%20protection%20-%20UPI%20Archives&tz=-120&sn=1&sv=6eqmZCgZppeBcZpWKG68_5D-YpPA&sd=1&im=067b0fff&_
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.108.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-108-122.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
events
prd-collector-anon.ex.co/main/
0
134 B
XHR
General
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/6692d5de-a5c7-4c22-b435-fbfa65ddc60a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.25.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-25-178.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.upi.com
date
Sun, 30 May 2021 17:56:05 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
css2
fonts.googleapis.com/
2 KB
548 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 30 May 2021 17:25:05 GMT
server
ESF
date
Sun, 30 May 2021 17:56:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 May 2021 17:56:05 GMT
Afvwf
ad.doubleclick.net/ddm/adj/Alica/
11 B
645 B
Script
General
Full URL
https://ad.doubleclick.net/ddm/adj/Alica/Afvwf
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid.v161978761.js
www.upi.com/inc/js/
218 KB
67 KB
Script
General
Full URL
https://www.upi.com/inc/js/prebid.v161978761.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
1a85e7d37f466f7aa77b74252a8deb14ced805a195e607fd6a7cbab9bc775f58

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.upi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Cookie
_upi_uid=63382917-3459-411c-9969-3447fd75d243; _ga=GA1.2.1579957836.1622397365; _gid=GA1.2.105479036.1622397365; _gat=1; usprivacy=1---; _cb_ls=1; _cb=rOet5CHt0Y2D5GC8L; _chartbeat2=.1622397365283.1622397365283.1.6eqmZCgZppeBcZpWKG68_5D-YpPA.1; _cb_svref=null
Connection
keep-alive
Referer
https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 17:56:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Apr 2021 15:06:01 GMT
Server
Apache
Age
0
ETag
W/"369c7-5c11dd560613a-gzip"
X-Cacheable
Y
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Via
1.1 varnish (Varnish/6.6)
Cache-Control
max-age=864000, public, must-revalidate
X-Varnish
74599115
Accept-Ranges
bytes
Content-Length
67704
X-Cached
0
gpt.js
securepubads.g.doubleclick.net/tag/js/
62 KB
21 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
146c97c4ccc59ab0ece0e5e20855b639557671416c743b4e57e20b875da15447
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"887 / 864 of 1000 / last-modified: 1622153345"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21423
x-xss-protection
0
expires
Sun, 30 May 2021 17:56:05 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.upi.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 01:43:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
317553
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Fri, 27 May 2022 01:43:32 GMT
impression
trends.revcontent.com/event/
0
0
Fetch
General
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.248.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-248-53.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.upi.com
date
Sun, 30 May 2021 17:56:05 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
script.js
d1bvk193qme2fc.cloudfront.net/
116 KB
39 KB
Script
General
Full URL
https://d1bvk193qme2fc.cloudfront.net/script.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d200:19:f03c:7200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e061e58325efea71b9c1d16bf4eaca01ee507b2937d078d4ee75cac2d96f4d5b

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:54:41 GMT
content-encoding
gzip
last-modified
Sat, 29 May 2021 00:48:15 GMT
server
AmazonS3
age
87
etag
W/"9d7d308623eb95b38c0499cf7c0b7c53"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
cache-control
max-age=600,public,must-revalidate
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
sq8MEvf2x7ZRbmMy_r8Z8t2sF5d2PCjX0EmMEXAQw5evzMD1ygpuOA==
/
img.revcontent.com/
20 KB
20 KB
Image
General
Full URL
https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:05 GMT
last-modified
Wed, 01 Jul 2020 17:13:25 GMT
etag
"1593623605"
x-hw
1622397365.cds139.fr8.hn,1622397365.cds260.fr8.c
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
20438
sync
odr.mookie1.com/t/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=revcontent&rev_dt=1622397365&us_privacy=&rev_dt=1622397365135
  • https://x.bidswitch.net/ul_cb/sync?ssp=revcontent&rev_dt=1622397365&us_privacy=&rev_dt=1622397365135
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=18991391-c571-4835-8b3b-91f8deaaa835&ssp=revcontent&gdpr=&gdpr_consent=
43 B
324 B
Image
General
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=18991391-c571-4835-8b3b-91f8deaaa835&ssp=revcontent&gdpr=&gdpr_consent=
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:05 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=18991391-c571-4835-8b3b-91f8deaaa835&ssp=revcontent&gdpr=&gdpr_consent=
date
Sun, 30 May 2021 17:56:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=YzgxMTJkY2EwYTY3NWM0MmZjYTYyZmUwOWNhNDM3N2Y%3D&rev_dt=1622397365&us_privacy=&rev_dt=1622397365135
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=revcontent&ssp_user_id=YzgxMTJkY2EwYTY3NWM0MmZjYTYyZmUwOWNhNDM3N2Y%3D&rev_dt=1622397365&us_privacy=&rev_dt=1622397365135
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=YzgxMTJkY2EwYTY3NWM0MmZjYTYyZmUwOWNhNDM3N2Y=&bidder=154&bidder_uid=5199c074-6301-450d-a804-dbc4c7683394
35 B
215 B
Image
General
Full URL
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=YzgxMTJkY2EwYTY3NWM0MmZjYTYyZmUwOWNhNDM3N2Y=&bidder=154&bidder_uid=5199c074-6301-450d-a804-dbc4c7683394
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.248.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-248-53.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:05 GMT
x-powered-by
Express
content-length
35
content-type
image/gif

Redirect headers

Location
//trends.revcontent.com/cm/pixel_sync?exchange_uid=YzgxMTJkY2EwYTY3NWM0MmZjYTYyZmUwOWNhNDM3N2Y=&bidder=154&bidder_uid=5199c074-6301-450d-a804-dbc4c7683394
Date
Sun, 30 May 2021 17:56:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
rc-logo.png
cdn.revcontent.com/assets/img/
4 KB
4 KB
Image
General
Full URL
https://cdn.revcontent.com/assets/img/rc-logo.png
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:05 GMT
last-modified
Thu, 27 May 2021 19:27:12 GMT
etag
"1622143632"
x-hw
1622397365.cds155.fr8.hn,1622397365.cds130.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=39441
accept-ranges
bytes
content-length
4298
container.html
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame DE55
3 KB
2 KB
Document
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ced5c873136c4fab4584c0c6d26dcd530c748303d7ed9b7a7966b2fe1d6f5915
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-23/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.upi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1479
date
Fri, 28 May 2021 17:47:19 GMT
expires
Sat, 28 May 2022 17:47:19 GMT
last-modified
Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
173326
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame 636B
3 KB
2 KB
Document
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ced5c873136c4fab4584c0c6d26dcd530c748303d7ed9b7a7966b2fe1d6f5915
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-23/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.upi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1479
date
Fri, 28 May 2021 17:47:19 GMT
expires
Sat, 28 May 2022 17:47:19 GMT
last-modified
Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
173326
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_2021052401.js
securepubads.g.doubleclick.net/gpt/
309 KB
108 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
6aa7181afe0bea9dc4e90e1d040c0b27be388088f6a5ec3d195c60229fe3c9b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 24 May 2021 08:37:29 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110966
x-xss-protection
0
expires
Sun, 30 May 2021 17:56:05 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700|Montserrat:400,500,600,700|Lato:300,400,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.upi.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 01:32:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:12 GMT
server
sffe
age
491042
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
expires
Wed, 25 May 2022 01:32:03 GMT
DroidSerif-Bold.woff2
www.upi.com/inc/fonts/
26 KB
27 KB
Font
General
Full URL
https://www.upi.com/inc/fonts/DroidSerif-Bold.woff2
Requested by
Host: www.upi.com
URL: https://www.upi.com/inc/css/upi.v1616424891.css?st=1&no_inf=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
38.118.71.121 , United States, ASN36106 (MANAGEDNODES, US),
Reverse DNS
Software
Apache /
Resource Hash
6b0d54a14bb1c077bb51053c5237f23c5f1c44a92a83063875cb7182afa4a981

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://www.upi.com
Accept-Encoding
gzip, deflate, br
Host
www.upi.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://www.upi.com/inc/css/upi.v1616424891.css?st=1&no_inf=1
Cookie
_upi_uid=63382917-3459-411c-9969-3447fd75d243; _ga=GA1.2.1579957836.1622397365; _gid=GA1.2.105479036.1622397365; _gat=1; usprivacy=1---; _cb_ls=1; _cb=rOet5CHt0Y2D5GC8L; _chartbeat2=.1622397365283.1622397365283.1.6eqmZCgZppeBcZpWKG68_5D-YpPA.1; _cb_svref=null
Connection
keep-alive
Origin
https://www.upi.com
Referer
https://www.upi.com/inc/css/upi.v1616424891.css?st=1&no_inf=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 24 May 2021 15:13:21 GMT
Via
1.1 varnish (Varnish/6.6)
Last-Modified
Wed, 21 Mar 2018 15:49:22 GMT
Server
Apache
Age
528163
ETag
"6948-567ee227c4480"
X-Cacheable
Y
Vary
User-Agent
Content-Type
font/woff2
Cache-Control
max-age=604800
X-Varnish
74599117 45043951
Accept-Ranges
bytes
Content-Length
26952
X-Cached
1
c3d679648e9240821475b47e5f26ffb2.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/
5 KB
5 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/c3d679648e9240821475b47e5f26ffb2.png
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
6c63d867d6acbf3f51ea6e311d157fade5582e1387140cdc4070e92b4a3c8854
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:05 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=114;cpu=1;start=2021-05-27T17:47:23.924Z;desc=miss,rtt;dur=0,cloudinary;dur=19;start=2021-05-27T17:47:23.972Z
content-length
4718
last-modified
Thu, 27 May 2021 17:47:20 GMT
server
Cloudinary
etag
"309ee4bff31e3e8d728454ec6ad36d4f"
vary
Save-Data
x-hw
1622397365.cds135.fr8.hn,1622397365.cds282.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
5ebbc225829ea2-91928456.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/
10 KB
11 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/5ebbc225829ea2-91928456.jpg
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
40ec127334ff45cc8538035a25a2215c5ac43c206fe391f796fb2e5ea9837591
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:05 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=1;cpu=0;start=2021-05-27T17:58:59.404Z;desc=hit,rtt;dur=0
content-length
10686
last-modified
Thu, 27 May 2021 17:47:20 GMT
server
Cloudinary
etag
"195afea48316ab0679596b44ab708d7d"
vary
Save-Data
x-hw
1622397365.cds135.fr8.hn,1622397365.cds015.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
5f3d5410020ba7-50927209.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/
8 KB
8 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/5f3d5410020ba7-50927209.jpg
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
73dd6b8fa301ecc49c7b3a4f99ea63416dcbaa2c6d684052ee4fda606451dfff
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:05 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=1;cpu=0;start=2021-05-27T17:59:19.439Z;desc=hit,rtt;dur=0
content-length
8404
last-modified
Thu, 27 May 2021 17:47:24 GMT
server
Cloudinary
etag
"c0e954af44c14be5d0bbaeb5cc7cc9a0"
vary
Save-Data
x-hw
1622397365.cds135.fr8.hn,1622397365.cds252.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
317390550f727f446f1ca7a108cd1c88.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/
7 KB
7 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/317390550f727f446f1ca7a108cd1c88.jpg
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
70577ff53b2d496d4decb760ccf6549f03df365b173b74afedc062c4c5e1ec85
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:05 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=287;cpu=1;start=2021-05-27T17:47:48.570Z;desc=miss,rtt;dur=0,cloudinary;dur=191;start=2021-05-27T17:47:48.615Z,cld-id;desc=ea4a590d4148e4afd0a9badfa0b3e803
content-length
7179
x-request-id
ea4a590d4148e4afd0a9badfa0b3e803
last-modified
Mon, 12 Oct 2020 18:14:06 GMT
server
Cloudinary
etag
"c2e226fc72dfc4a6ea71278076d296e2"
vary
Save-Data
x-hw
1622397365.cds135.fr8.hn,1622397365.cds233.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
15643107941285251590.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/
5 KB
6 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/15643107941285251590.jpg
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
a0f026119e03b7b3570cf1d49d262e0bc0dac2944a2bcf3dc832efbf3341e02f
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:05 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=332;cpu=0;start=2021-05-27T17:47:21.527Z;desc=miss,rtt;dur=0,cloudinary;dur=240;start=2021-05-27T17:47:21.573Z,cld-id;desc=303ca28f904c67043afdb23b19753e98
content-length
5511
x-request-id
303ca28f904c67043afdb23b19753e98
last-modified
Mon, 12 Oct 2020 18:14:17 GMT
server
Cloudinary
etag
"da3216cf45f4778876400958e6b22ab1"
vary
Save-Data
x-hw
1622397365.cds135.fr8.hn,1622397365.cds154.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
5fcc6e128c04f7-37326481.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/
6 KB
6 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/5fcc6e128c04f7-37326481.jpg
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
fd17c6d5a041c7eb0ec66ff5d6deaf8e35e5f3dddbc915b49f95ea1c2942c65e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:05 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=3;cpu=2;start=2021-05-27T18:20:21.863Z;desc=hit,rtt;dur=0
content-length
5997
last-modified
Thu, 27 May 2021 17:48:25 GMT
server
Cloudinary
etag
"cce30969083f58652d03b27c17d11c08"
vary
Save-Data
x-hw
1622397365.cds135.fr8.hn,1622397365.cds282.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
cookie_sync
prebid.adnxs.com/pbs/v1/
933 B
779 B
XHR
General
Full URL
https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by
Host: www.upi.com
URL: https://www.upi.com/inc/js/prebid.v161978761.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
c978f347c47062a30bcf41e3d7cd9682802f67174dd05b682db7c9ce5def8556

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:05 GMT
Content-Encoding
gzip
Server
nginx/1.19.0
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.upi.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
auction
prebid.adnxs.com/pbs/v1/openrtb2/
203 B
544 B
XHR
General
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.upi.com
URL: https://www.upi.com/inc/js/prebid.v161978761.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
349047b13dc01d45b53deead482e156c070db0a76fc2140a1e3457ddad90eec2

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:05 GMT
Server
nginx/1.19.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.upi.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
203
Expires
0
c
prebid.a-mo.net/a/
861 B
782 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: www.upi.com
URL: https://www.upi.com/inc/js/prebid.v161978761.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
33e34791a63772c31c0d5b48c7887c69b528f63e76f528b12b24c2ab1b1af69a

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 May 2021 17:56:05 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.upi.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
98
content-length
355
arj
upi-d.openx.net/w/1.0/
172 B
557 B
XHR
General
Full URL
https://upi-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=36419454-c72d-4aba-bdb7-8d35e86976a3%2C19b5e491-017d-453c-b8cb-be14fcd5dba8%2C0b7a28eb-3182-4612-b284-b29992428d72%2C0c038f6f-a2d2-4995-8dc2-f0a7c53f08ef%2C072c44a3-3691-40a7-800b-6f14ce957c47%2C2b06c7fa-f96a-4771-ac5a-c5751e4c1c38&nocache=1622397365624&gdpr=0&x_gdpr_f=1&schain=1.0%2C1!ascendeum.com%2Casc90189%2C1%2C%2C%2C&aus=728x90%2C970x250%7C300x250%2C300x600%2C160x600%2C300x1050%7C300x250%2C160x600%7C160x600%2C300x600%7C300x250%7C468x60&divIds=div-ad-top%2Cdiv-ad-r%2Cdiv-ad-r1%2Cdiv-ad-flex%2Cdiv-ad-inread%2Cdiv-ad-UPI_468x60_sticky_footer_desktop&auid=539240710%2C539240712%2C539240713%2C539240715%2C539240716%2C543983643
Requested by
Host: www.upi.com
URL: https://www.upi.com/inc/js/prebid.v161978761.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
15c36f3b630e37a49d80bf804f2363921d2046109ca6329380e7d670955283d9

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:07 GMT
content-encoding
gzip
server
OXGW/16.207.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.upi.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
krk.kargo.com/api/v2/
2 B
474 B
XHR
General
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22905cf632-f8e9-4436-8a4f-13c9babddb83%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1622397365626%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%22521147b946adce1%22%3A%22_lO6ArzuweK%22%7D%2C%22bidSizes%22%3A%7B%22521147b946adce1%22%3A%5B%5B468%2C60%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_lO6ArzuweK%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B468%2C60%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22div-ad-UPI_468x60_sticky_footer_desktop%22%2C%22transactionId%22%3A%222b06c7fa-f96a-4771-ac5a-c5751e4c1c38%22%2C%22sizes%22%3A%5B%5B468%2C60%5D%5D%2C%22bidId%22%3A%22521147b946adce1%22%2C%22bidderRequestId%22%3A%22511c4a7821e548a%22%2C%22auctionId%22%3A%22caf0daef-36f4-4bb8-89d8-71f28ae5476d%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ascendeum.com%22%2C%22sid%22%3A%22asc90189%22%2C%22hp%22%3A1%7D%5D%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: www.upi.com
URL: https://www.upi.com/inc/js/prebid.v161978761.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.146.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:05 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.upi.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
X-Accel-Expires
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
cygnus
htlb.casalemedia.com/
0
0

bid-request
a.teads.tv/hb/
0
0

auction
prebid.adnxs.com/pbs/v1/openrtb2/
656 B
1015 B
XHR
General
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.upi.com
URL: https://www.upi.com/inc/js/prebid.v161978761.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
f5993c915e34cdcb86d906e492435185186af1bf0679f50ce2b8067503759d2b

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:05 GMT
Server
nginx/1.19.0
Vary
Origin
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://www.upi.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
656
Expires
0
bid
krk.kargo.com/api/v2/
2 B
474 B
XHR
General
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22905cf632-f8e9-4436-8a4f-13c9babddb83%22%2C%22requestCount%22%3A1%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1622397365645%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%22135172548a373a01%22%3A%22_lO6ArzuweK%22%2C%221360412d8d1762b%22%3A%22_lO6ArzuweK%22%7D%2C%22bidSizes%22%3A%7B%22135172548a373a01%22%3A%5B%5B468%2C60%5D%5D%2C%221360412d8d1762b%22%3A%5B%5B468%2C60%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_lO6ArzuweK%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B468%2C60%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22div-ad-UPI_468x60_sticky_footer_desktop%22%2C%22transactionId%22%3A%22629dc2d3-fd0e-401c-9fa4-3ec2aa25f91c%22%2C%22sizes%22%3A%5B%5B468%2C60%5D%5D%2C%22bidId%22%3A%22135172548a373a01%22%2C%22bidderRequestId%22%3A%221347b8cb3a660f32%22%2C%22auctionId%22%3A%2232cbf724-7612-4e66-84f6-d6fba12cd8aa%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A3%2C%22bidderRequestsCount%22%3A3%2C%22bidderWinsCount%22%3A0%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ascendeum.com%22%2C%22sid%22%3A%22asc90189%22%2C%22hp%22%3A1%7D%5D%7D%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_lO6ArzuweK%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B468%2C60%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22div-ad-UPI_468x60_sticky_footer_desktop%22%2C%22transactionId%22%3A%229a1ac622-9cfd-4317-b870-c6d5f4ff0dea%22%2C%22sizes%22%3A%5B%5B468%2C60%5D%5D%2C%22bidId%22%3A%221360412d8d1762b%22%2C%22bidderRequestId%22%3A%221347b8cb3a660f32%22%2C%22auctionId%22%3A%2232cbf724-7612-4e66-84f6-d6fba12cd8aa%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A3%2C%22bidderRequestsCount%22%3A3%2C%22bidderWinsCount%22%3A0%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ascendeum.com%22%2C%22sid%22%3A%22asc90189%22%2C%22hp%22%3A1%7D%5D%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: www.upi.com
URL: https://www.upi.com/inc/js/prebid.v161978761.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.146.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:05 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.upi.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
X-Accel-Expires
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
arj
upi-d.openx.net/w/1.0/
172 B
355 B
XHR
General
Full URL
https://upi-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=50799f68-09d1-4f37-9e85-d2666b5a305a%2C993d01d2-b50e-42d0-8541-462181a69377%2Ca8582a09-473c-47e3-ac64-59d38571dbef%2C5082ed4b-806e-43fb-91ad-7e07a7d204b5%2C8ad01394-2356-44d8-8331-8acb49d6071d%2C629dc2d3-fd0e-401c-9fa4-3ec2aa25f91c%2C69665a91-3a56-451e-b662-933fb20d4973%2Ceb21984f-b012-4b25-bd7c-7f5a24c44919%2C0159decf-af6b-4a69-bc15-e8656c0e08e4%2C834202b3-8a71-4fd5-8390-b64ee5cddf55%2Cb3f81de4-af45-40d4-958c-e4199bc9f5c2%2C9a1ac622-9cfd-4317-b870-c6d5f4ff0dea&nocache=1622397365651&gdpr=0&x_gdpr_f=1&schain=1.0%2C1!ascendeum.com%2Casc90189%2C1%2C%2C%2C&aus=728x90%2C970x250%7C300x250%2C300x600%2C160x600%2C300x1050%7C300x250%2C160x600%7C160x600%2C300x600%7C300x250%7C468x60%7C728x90%2C970x250%7C300x250%2C300x600%2C160x600%2C300x1050%7C300x250%2C160x600%7C160x600%2C300x600%7C300x250%7C468x60&divIds=div-ad-top%2Cdiv-ad-r%2Cdiv-ad-r1%2Cdiv-ad-flex%2Cdiv-ad-inread%2Cdiv-ad-UPI_468x60_sticky_footer_desktop%2Cdiv-ad-top%2Cdiv-ad-r%2Cdiv-ad-r1%2Cdiv-ad-flex%2Cdiv-ad-inread%2Cdiv-ad-UPI_468x60_sticky_footer_desktop&auid=539240710%2C539240712%2C539240713%2C539240715%2C539240716%2C543983643%2C539240710%2C539240712%2C539240713%2C539240715%2C539240716%2C543983643
Requested by
Host: www.upi.com
URL: https://www.upi.com/inc/js/prebid.v161978761.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
93210a77ea4ba0f3af2eceedfcdbe3565b1b56898c8bb78416dcbf704feaa71c

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:07 GMT
content-encoding
gzip
server
OXGW/16.207.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.upi.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid-request
a.teads.tv/hb/
0
0

c
prebid.a-mo.net/a/
861 B
619 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: www.upi.com
URL: https://www.upi.com/inc/js/prebid.v161978761.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
ce4041bea1e2f1dce61f9119e1eb4c1755220acbb9137d8dcba36136a6c6c568

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 May 2021 17:56:05 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.upi.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
251
content-length
357
cygnus
htlb.casalemedia.com/
0
0

config.js
confiant-integrations.global.ssl.fastly.net/UZYxC75kqDLRiEd9GoEYOmovVVM/prebid/
97 KB
22 KB
Script
General
Full URL
https://confiant-integrations.global.ssl.fastly.net/UZYxC75kqDLRiEd9GoEYOmovVVM/prebid/config.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01b9430ade694fe8bcd8bbbcc05510ce39f4bb386ca60c0b82f7871b71702540

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 17:56:12 GMT
Content-Encoding
gzip
Age
1350
X-Cache
HIT
Connection
keep-alive
Content-Length
21768
x-amz-id-2
Dy82tNu9jWDWFfbY+ZOH1RWkRtFIszypZFkpT99l0se6NWcHjjFwiOU40uEybgKNZE4oZAjqWxI=
X-Served-By
cache-fra19154-FRA
Last-Modified
Sun, 30 May 2021 17:12:23 GMT
Server
AmazonS3
X-Timer
S1622397373.866398,VS0,VE0
ETag
"898a4b6b7a299c3367ed7fe335901208"
x-amz-request-id
P195YTZRPGWW5MWN
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
121
udm-r3_v2.6.27.js
bid.underdog.media/
476 KB
147 KB
Script
General
Full URL
https://bid.underdog.media/udm-r3_v2.6.27.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2800:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e583af855c8e4ebd9c7218cf624d763268fa478ca34dcddf43d9de52bfb7088f

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:33:29 GMT
content-encoding
gzip
last-modified
Wed, 26 May 2021 21:27:09 GMT
server
AmazonS3
age
332556
etag
"2a5027dd3d1d053f9ce4a6e6e75a8e57"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
149588
x-amz-cf-id
c7z-FrtKe2_zD483rmeXa-1Wj-mLm20aKbuKi9sC6hV9GYovk-R31Q==
quant.js
secure.quantserve.com/
24 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:05 GMT
content-encoding
gzip
etag
"WhyxmPkT7L77qVDcrjxwGw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Sun, 06 Jun 2021 17:56:05 GMT
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID
  • https://udmserve.net/udm/fetch.pix?dt=1;apnid=7538304888347731149
43 B
595 B
Image
General
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;apnid=7538304888347731149
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 17:56:08 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:08 GMT
X-Proxy-Origin
217.138.203.212; 217.138.203.212; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.13:80
AN-X-Request-Uuid
44725e0a-2c13-4db5-b8a0-4efabdbe94f6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://udmserve.net/udm/fetch.pix?dt=1;apnid=7538304888347731149
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjIzQ0MxNDEtNDk4RS00MDFDLTgwOEUtQ0JBMkMwMTFCNEU2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3DB23CC141-498E-401C-808E-CBA2C011B4E6
  • https://udmserve.net/udm/fetch.pix?pmid=B23CC141-498E-401C-808E-CBA2C011B4E6
43 B
611 B
Image
General
Full URL
https://udmserve.net/udm/fetch.pix?pmid=B23CC141-498E-401C-808E-CBA2C011B4E6
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 17:56:06 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://udmserve.net/udm/fetch.pix?pmid=B23CC141-498E-401C-808E-CBA2C011B4E6
date
Sun, 30 May 2021 15:52:59 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
services
sync.technoratimedia.com/
0
292 B
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=54&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bsncr%3D[USER_ID]
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:13 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
265130672
access-control-allow-origin
https://www.upi.com/
access-control-allow-credentials
true
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=F74A1705-8854-4390-959E-C24FA4349F88&rurl=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Badmix%3D%24%24visitor_cookie%24%24
  • https://udmserve.net/udm/fetch.pix?dt=1;admix=df19b00881bf43dbb321823b3f7d1f68
43 B
608 B
Image
General
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;admix=df19b00881bf43dbb321823b3f7d1f68
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 17:56:13 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Sun, 30 May 2021 17:56:12 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://udmserve.net/udm/fetch.pix?dt=1;admix=df19b00881bf43dbb321823b3f7d1f68
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://cs.admanmedia.com/sync/underdog?redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bacu%3D%7B%24UID%7D
  • https://udmserve.net/udm/fetch.pix?dt=1;acu=8dbf91771255349e802ebcca97178b50a52561fa
43 B
614 B
Image
General
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;acu=8dbf91771255349e802ebcca97178b50a52561fa
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 17:56:07 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://udmserve.net/udm/fetch.pix?dt=1;acu=8dbf91771255349e802ebcca97178b50a52561fa
Date
Sun, 30 May 2021 17:56:07 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame C773
2 KB
1 KB
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_ox-db5_dm_cnv_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_ox-db5_dm_cnv_an-db5_n-amobee_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
725b2a08bec003a6280ec189b09f040117d64344b6bb7319517403806c76b628

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_ox-db5_dm_cnv_an-db5_n-amobee_3lift&dcc=t
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=AyFmvVj6UEtwgluClMSJyc4; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_ox-db5_dm_cnv_an-db5_n-amobee_3lift&dcc=t

Response headers

Server
Server
Date
Sun, 30 May 2021 17:56:05 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
686
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
rum.js
securepubads.g.doubleclick.net/pagead/js/
54 KB
21 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
c6d91d994e181aceecf2a1e3886dc690969836fd89114ebfa787de8551d7b24f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 16:57:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3538
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20964
x-xss-protection
0
server
cafe
etag
11353732011524445191
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 30 May 2021 17:57:07 GMT
integrator.js
adservice.google.ch/adsid/
107 B
799 B
Script
General
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=www.upi.com
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 17:56:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
553 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.upi.com
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 17:56:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
429 KB
64 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=323674518006735&correlator=835302499215201&output=ldjh&impl=fifs&eid=31060413%2C31061003%2C31061149%2C21066613%2C21066615%2C21067088&vrg=2021052401&ptt=17&gdpr=0&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210530&iu_parts=1009753%2CUPI_728x90_ATF%2CUPI_728x90_BTF%2CUPI_300x250_R%2CUPI_300x250_R1%2CUPI_160x600_Flex%2CUPI_300x250_InRead_ROS_Desktop%2CUPI_468x60_sticky_footer_desktop%2CUPI_1x1_ROS%2CUPI_1x1_Sponsored&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9&prev_iu_szs=728x90%7C970x250%2C728x90%2C300x250%7C300x600%7C160x600%7C300x1050%2C300x250%7C160x600%2C300x250%7C300x600%7C160x600%7C300x1050%2C300x250%2C468x60%2C1x1%2C1x1&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7C%7C&cust_params=refreshTest%3Dtrue%26refreshIteration%3D0%26floortest%3Dfalse%26Section%3Darchives%26ArticleID%3D7598443422800%26PageType%3DArticle%26Author%3DSALLY%2520ANN%2520DENTON&cookie_enabled=1&bc=31&abxe=1&lmt=1622397365&dt=1622397365754&dlt=1622397364179&idt=1533&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C-9%2C1010%2C1010%2C-9%2C325%2C-9%2C-9%2C-9&adys=98%2C-9%2C412%2C1617%2C-9%2C735%2C-9%2C-9%2C-9&adks=2786708225%2C1802100661%2C4285528634%2C2149122340%2C1258098792%2C3758348931%2C161048266%2C3045956223%2C1618421751&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F&rumc=323674518006735&rume=1&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x90%7C0x-1%7C360x0%7C360x0%7C0x-1%7C562x-1%7C0x-1%7C0x-1%7C0x-1&msz=1600x90%7C0x-1%7C360x0%7C360x0%7C0x-1%7C562x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=1579957836.1622397365&ga_sid=1622397366&ga_hid=1442751771&ga_fc=false&fws=0%2C2%2C0%2C0%2C2%2C4%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C562%2C0%2C0%2C0&btvi=0%7C-1%7C0%7C1%7C-1%7C0%7C-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e6889f0ab4842ddd05640df07afee1dba8003ac96579def332d8e0aed68be826
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6035171998416502784/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6035171998416502784/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COqq25X98fACFb3auwgd-e4OHg&gqi=&layout=/sadbundle/%24csp%253Der3%24/6035171998416502784/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6035171998416502784/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6035171998416502784/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COqq25X98fACFb3auwgd-e4OHg&gqi=&layout=/sadbundle/%24csp%253Der3%24/6035171998416502784/index.html
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
google-creative-id
-1,-1,-1,-1,-1,-1,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65868
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1,-1,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
date
Sun, 30 May 2021 17:56:07 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.upi.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/
0
0
Other
General
Full URL
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ads
securepubads.g.doubleclick.net/gampad/
59 KB
17 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=323674518006735&correlator=835302499215201&output=ldjh&impl=fifs&eid=31060413%2C31061003%2C31061149%2C21066613%2C21066615%2C21067088&vrg=2021052401&ptt=17&gdpr=0&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210530&iu_parts=1009753%2CUPI_Desktop_300x250_Inread_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cust_params=refreshTest%3Dtrue%26refreshIteration%3D0%26floortest%3Dfalse%26Section%3Darchives%26ArticleID%3D7598443422800%26PageType%3DArticle%26Author%3DSALLY%2520ANN%2520DENTON&cookie_enabled=1&bc=31&abxe=1&lmt=1622397365&dt=1622397365760&dlt=1622397364179&idt=1533&frm=20&biw=1600&bih=1200&oid=3&adxs=325&adys=3143&adks=3455931669&ucis=a&ifi=10&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F&rumc=323674518006735&rume=1&vis=1&dmc=8&scr_x=0&scr_y=0&psz=562x-1&msz=562x-1&ga_vid=1579957836.1622397365&ga_sid=1622397366&ga_hid=1442751771&ga_fc=false&fws=4&ohw=562&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
f6479017a518d84475443da98e0bce03f96e93ff4264cb43834fa2fae9d07405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17653
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.upi.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
66 KB
23 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=323674518006735&correlator=835302499215201&output=ldjh&impl=fifs&eid=31060413%2C31061003%2C31061149%2C21066613%2C21066615%2C21067088&vrg=2021052401&ptt=17&gdpr=0&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210530&iu_parts=1009753%2CUPI_Desktop_300x250_Inread_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cust_params=refreshTest%3Dtrue%26refreshIteration%3D0%26floortest%3Dfalse%26Section%3Darchives%26ArticleID%3D7598443422800%26PageType%3DArticle%26Author%3DSALLY%2520ANN%2520DENTON&cookie_enabled=1&bc=31&abxe=1&lmt=1622397365&dt=1622397365763&dlt=1622397364179&idt=1533&frm=20&biw=1600&bih=1200&oid=3&adxs=325&adys=4589&adks=3455931863&ucis=b&ifi=11&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F&rumc=323674518006735&rume=1&vis=1&dmc=8&scr_x=0&scr_y=0&psz=562x-1&msz=562x-1&ga_vid=1579957836.1622397365&ga_sid=1622397366&ga_hid=1442751771&ga_fc=false&fws=4&ohw=562&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
f3da5dd8dc7aaa63592265cf59d2d1fd31c134110517a06912ce3b26026c0dc4
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/283230849334247424/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/283230849334247424/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP2HxJX98fACFQRG5Qod2WgFWA&gqi=&layout=/sadbundle/%24csp%253Der3%24/283230849334247424/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/283230849334247424/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/283230849334247424/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP2HxJX98fACFQRG5Qod2WgFWA&gqi=&layout=/sadbundle/%24csp%253Der3%24/283230849334247424/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23521
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Sun, 30 May 2021 17:56:06 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.upi.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
prebid.adnxs.com/pbs/v1/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.adnxs.com%252Fpbs%252Fv1%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID
  • https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=5745752381469287173
0
598 B
Image
General
Full URL
https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=5745752381469287173
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:06 GMT
Server
nginx/1.19.0
Vary
Origin
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:06 GMT
X-Proxy-Origin
217.138.203.212; 217.138.203.212; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.120:80
AN-X-Request-Uuid
7d1a0284-121c-42de-bc0d-a9f04c64d132
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=5745752381469287173
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rules-p-effSsmMYCbAck.js
rules.quantcount.com/
3 B
429 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-effSsmMYCbAck.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:fa00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 11:14:35 GMT
via
1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
age
24091
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 21:04:20 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
KFaxWusErFSX3AnkDoXBr8Vpl3lrin3GdpC1YH5lvgmOp-wqSJp4mw==
rules-p-Pz67dCqdsHfxh.js
rules.quantcount.com/
147 B
603 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:fa00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
57b7f2b2bcdd983268775ebc6ee71d208510b285d79dd058f2717248079c59d1

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:10:33 GMT
via
1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
age
2732
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
147
last-modified
Tue, 27 Apr 2021 19:10:31 GMT
server
AmazonS3
etag
"f7c84b69d3abe411fbfc06992543fbe2"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
mWSMeLmWHELgYRHb4xu2Hm5qu9nT2ksRJRMNjJk5jevyOjIxyL_Teg==
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 7637
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_ox-db5_dm_cnv_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6a65059be8c0e2d71eb1c9978268b780c3c688088dc3f4832aa9747333e7dcd5

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YLPRtrIR8KdwU09DUngA4wAA; CMPS=3263
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|230|241|45|111|3|57|105
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1682
Expires
Sun, 30 May 2021 17:56:06 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 30 May 2021 17:56:06 GMT
Connection
keep-alive
Set-Cookie
CMID=YLPRtrIR8KdwU09DUngA4wAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 30 May 2022 17:56:06 GMT CMPS=3263;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 28 Aug 2021 17:56:06 GMT CMPRO=1200;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 28 Aug 2021 17:56:06 GMT CMRUM3=2d60b3d1b605a0&0360b3d1b605a0&6960b3d1b605a0&e660b3d1b62760&f160b3d1b605a0&2760b3d1b60b40&6f60b3d1b605a0&3960b3d1b605a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 30 May 2022 17:56:06 GMT CMST=YLPRtmCz0bYA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 31 May 2021 17:56:06 GMT

Redirect headers

Server
Apache
Content-Length
333
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sun, 30 May 2021 17:56:06 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 30 May 2021 17:56:06 GMT
Connection
keep-alive
Set-Cookie
CMID=YLPRtrIR8KdwU09DUngA4wAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 30 May 2022 17:56:06 GMT CMPS=3263;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 28 Aug 2021 17:56:06 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 24D2
8 KB
3 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_ox-db5_dm_cnv_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KTPCACOOKIE=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

last-modified
Wed, 21 Oct 2020 18:57:29 GMT
etag
"1300708-1f78-5b232eb4914bb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
2654
content-type
text/html; charset=UTF-8
cache-control
max-age=110169
expires
Tue, 01 Jun 2021 00:32:17 GMT
date
Sun, 30 May 2021 17:56:08 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame A543
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_ox-db5_dm_cnv_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 May 2021 17:56:13 GMT
Connection
keep-alive
Vary
Accept-Encoding
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 9AA3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&verify=true
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-UsZoq2Z1l2NFBm2xKoUjI35pJ8UiTXE-&
43 B
344 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-UsZoq2Z1l2NFBm2xKoUjI35pJ8UiTXE-&
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_ox-db5_dm_cnv_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=AyFmvVj6UEtwgluClMSJyc4; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Sun, 30 May 2021 17:56:08 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Date
Sun, 30 May 2021 17:56:08 GMT
Content-Length
0
Strict-Transport-Security
max-age=31536000
Set-Cookie
IDSYNC=18y4~1yf5;Version=1;Domain=.analytics.yahoo.com;Path=/;Max-Age=31622400;Expires=Tue, 31-May-2022 17:56:08 GMT;Secure;SameSite=None A3=d=AQABBLjRs2ACEANDpK71ODmVsil-BpkaRI8FEgEBAQEjtWC9YAAAAAAA_eMAAA&S=AQAAAif9gayo1dkgk3HmbYkQSBo; Expires=Mon, 30 May 2022 23:56:08 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly B=8uh0qj5gb7kdo&b=3&s=i8; Expires=Mon, 30 May 2022 23:56:08 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-UsZoq2Z1l2NFBm2xKoUjI35pJ8UiTXE-&
Age
0
Connection
keep-alive
Server
ATS/7.1.2.128
cm
u.openx.net/w/1.0/ Frame 4E0D
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BO...
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3...
551 B
669 B
Document
General
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_ox-db5_dm_cnv_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
47f163fd106410ef75b2b8a05365a6f21af8c8b078d1d223edbb642c4c03b031

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
pd=v2|1622397370.2|kiiygevNgun0.ns; i=d4bb7f39-39c2-0f7b-00dd-3fd96e82cde5|1622397372
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=d4bb7f39-39c2-0f7b-00dd-3fd96e82cde5|1622397372; Version=1; Expires=Mon, 30-May-2022 17:56:12 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1622397370.2|kiiygevNgun0.mWgqsLommOns; Version=1; Expires=Mon, 14-Jun-2021 17:56:12 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.207.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sun, 30 May 2021 17:56:12 GMT
content-type
text/html
content-length
353
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=d4bb7f39-39c2-0f7b-00dd-3fd96e82cde5|1622397372; Version=1; Expires=Mon, 30-May-2022 17:56:12 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.207.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
date
Sun, 30 May 2021 17:56:12 GMT
content-length
0
via
1.1 google
alt-svc
clear
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 515D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=districtm
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Ddistrictm
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=2753228560253870743&ex=districtm
43 B
344 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=2753228560253870743&ex=districtm
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_ox-db5_dm_cnv_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=AyFmvVj6UEtwgluClMSJyc4; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Sun, 30 May 2021 17:56:05 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Server
nginx/1.17.9
Date
Sun, 30 May 2021 17:56:05 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=2753228560253870743&ex=districtm
AN-X-Request-Uuid
4fa41204-fd92-4e39-928d-04b7e21dd31f
Set-Cookie
uuid2=2753228560253870743; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 28-Aug-2021 17:56:05 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
217.138.203.212; 217.138.203.212; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.187:80
current
amazon-tam-match.dotomi.com/match/bounce/ Frame C1D5
0
0
Document
General
Full URL
https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_ox-db5_dm_cnv_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
amazon-tam-match.dotomi.com
:scheme
https
:path
/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Sun, 30 May 2021 17:56:05 GMT
cache-control
no-cache, private, max-age=0, no-store
expires
0
pragma
no-cache
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7E80
Redirect Chain
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=7705248515007088740&ex=appnexus.com
43 B
344 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=7705248515007088740&ex=appnexus.com
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_ox-db5_dm_cnv_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=AyFmvVj6UEtwgluClMSJyc4; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Sun, 30 May 2021 17:56:06 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Server
nginx/1.17.9
Date
Sun, 30 May 2021 17:56:05 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=7705248515007088740&ex=appnexus.com
AN-X-Request-Uuid
6f734c3b-e3ae-44c8-ba1a-16fb40b65870
Set-Cookie
uuid2=7705248515007088740; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 28-Aug-2021 17:56:05 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
217.138.203.212; 217.138.203.212; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.153:80
ecm3
aax-eu.amazon-adsystem.com/s/ Frame FAC7
Redirect Chain
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=2685190894431413257
43 B
344 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=2685190894431413257
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_ox-db5_dm_cnv_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=AyFmvVj6UEtwgluClMSJyc4; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Sun, 30 May 2021 17:56:05 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma
no-cache
set-cookie
uid=2685190894431413257; Domain=.turn.com; Expires=Fri, 26-Nov-2021 17:56:05 GMT; Path=/; Secure; SameSite=None
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=2685190894431413257
content-length
0
date
Sun, 30 May 2021 17:56:05 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame BC0B
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=15728417046886214120
43 B
344 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=15728417046886214120
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_ox-db5_dm_cnv_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=AyFmvVj6UEtwgluClMSJyc4; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Sun, 30 May 2021 17:56:05 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

date
Sun, 30 May 2021 17:56:05 GMT
content-length
0
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=15728417046886214120
set-cookie
tluid=15728417046886214120; Max-Age=7776000; Expires=Sat, 28 Aug 2021 17:56:05 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.upi.com%2F&domain=www.upi.com&cw=1
Protocol
H2
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.upi.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.upi.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1354
date
Sun, 30 May 2021 17:56:05 GMT
content-encoding
gzip
vary
Accept-Encoding
rrv7.js
bid.underdog.media/
32 KB
14 KB
Script
General
Full URL
https://bid.underdog.media/rrv7.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2800:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d8400adcd7578487645f9c48e86a31de181d0031adbb00599fb44cf8d06008b1

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:13:32 GMT
content-encoding
gzip
last-modified
Sun, 30 May 2021 17:00:06 GMT
server
AmazonS3
age
2554
etag
"e109c574423ced47febe062aab02c0c9"
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)
cache-control
max-age=7200
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
13783
x-amz-cf-id
EkI7Jg-D3Bw6I-20xorPUj6UuCZNPNwiHXR5zg_MrBunkvEOsnlG3Q==
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.upi.com%2F&domain=www.upi.com&cw=1
  • https://mug.criteo.com/sid?cpp=l1YcL3wvdU9MaFl0dGtVMmNRNVVZV3RmUW0xUGM4cjdsT2lVVWFRVWluOHlwVkdCODkzUDR1TlBoU2s0ZFE0ak41MmEwamhmVXZYMU5SOGxNMGg3NisxZTRZQXVpdGVSNEtnd2tZeFdZMFdFM2JQTFc3Z1A1MzYvMVF6Vk...
318 B
605 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=l1YcL3wvdU9MaFl0dGtVMmNRNVVZV3RmUW0xUGM4cjdsT2lVVWFRVWluOHlwVkdCODkzUDR1TlBoU2s0ZFE0ak41MmEwamhmVXZYMU5SOGxNMGg3NisxZTRZQXVpdGVSNEtnd2tZeFdZMFdFM2JQTFc3Z1A1MzYvMVF6Vk9wM2lSM3dWaXovTGk1R3pUNXBNMXFNM1ZSdWxtdUZlek9WZzI2THVGOUxWMndINDk1bTNjUlQ3ODFpRWduU2Q2V2JjRytyVHNBaUZvQmk1T25XVHBHenk0RmozNXFTcEVlemhKRDFHdi96US9LdURybkowPXw&cppv=2
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
aac1ae280b1b855b76188542467aa409c147fe46ba277239ff54f112cc90827e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 30 May 2021 17:56:05 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2030
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 30 May 2021 17:56:05 GMT
location
https://mug.criteo.com/sid?cpp=l1YcL3wvdU9MaFl0dGtVMmNRNVVZV3RmUW0xUGM4cjdsT2lVVWFRVWluOHlwVkdCODkzUDR1TlBoU2s0ZFE0ak41MmEwamhmVXZYMU5SOGxNMGg3NisxZTRZQXVpdGVSNEtnd2tZeFdZMFdFM2JQTFc3Z1A1MzYvMVF6Vk9wM2lSM3dWaXovTGk1R3pUNXBNMXFNM1ZSdWxtdUZlek9WZzI2THVGOUxWMndINDk1bTNjUlQ3ODFpRWduU2Q2V2JjRytyVHNBaUZvQmk1T25XVHBHenk0RmozNXFTcEVlemhKRDFHdi96US9LdURybkowPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.upi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1654
content-length
482
expires
0
bidRequest
c2shb.ssp.yahoo.com/
62 B
743 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4fe3064b&pos=8a9698ab017474066989085b4b9e0663&cmd=bid&reserve=0.07608695652173912&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.6.27.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
cba9b81bdc4414beccc332f7e40a48df63d68035f96b4f854984c18ac9b33a94

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 May 2021 17:56:09 GMT
Server
ATS/7.1.2.128
Age
1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.upi.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
743 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4fe3064b&pos=8a9698ab017474066989085b4b9e0663&cmd=bid&reserve=0.07608695652173912&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.6.27.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
94aa352951651921795fbb4675392f8ecfb8869561ed11b0979293c685d1ac66

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 May 2021 17:56:09 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.upi.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
743 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4fe3064b&pos=8a9698ab017474066989085b4b9e0663&cmd=bid&reserve=0.07608695652173912&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.6.27.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
22ddcd875436177e9a3a83bb1397b8e8795c5c5137a12fd360526f9e395bccfa

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 May 2021 17:56:09 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.upi.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
prebid
ib.adnxs.com/ut/v3/
356 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.6.27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
84e80d94d5c7e69e94f9c0e294d0b82d9af5d3b4492987bac1c7e3ab7103c017
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:05 GMT
X-Proxy-Origin
217.138.203.212; 217.138.203.212; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.17:80
AN-X-Request-Uuid
b3605465-9140-4681-86f6-5e203b1d9855
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.upi.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
356
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
underdogmedia-d.openx.net/w/1.0/
0
0

trinity.json
apex.go.sonobi.com/
0
0

cdb
bidder.criteo.com/
0
0

/
hb.emxdgt.com/
0
0

c
prebid.a-mo.net/a/
861 B
618 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.6.27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
2e823ac35b548b7fd710148c986c989563a4077197b6fba9d149d6aacb9e523a

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 May 2021 17:56:05 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.upi.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
110
content-length
356
translator
hbopenbid.pubmatic.com/
0
113 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.6.27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.upi.com
date
Sun, 30 May 2021 17:56:06 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
csi
csi.gstatic.com/
0
331 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~kpbhi3aa&c=323674518006735&e=31060413%2C31061003%2C31061149%2C21066613%2C21066615%2C21067088&ctx=1&met.9=1.1ci~2.1if~3_1.1jv~3_37.1jz~3_47.1jz~7_1.0~7_2.0~7_3.0~7_4.0~7_5.0~7_6.0~7_7.0~7_8.0~7_9.0~7_37.0~7_47.0&met.3=831.1ih~827.1ii~1.1ij~1.1ik~1.1ik~1.1ik~1.1ik~1.1ik~74.1ik_1~43.1il~74.1im~43.1im~74.1im~43.1im~74.1im~43.1im~74.1im~43.1in~74.1in~43.1in~74.1in~43.1in~74.1in~43.1in~74.1in~43.1in~1.1io~1.1io~1.1io~1.1io~86.1io~76.1io~38.1io~573.1io~598.1io~54.1io~598.1io~54.1io~598.1ip~54.1ip~598.1ip~54.1ip~598.1ip~54.1ip~598.1ip~54.1ip~598.1ip~54.1ip~598.1ip~54.1ip~598.1ip~54.1ip~51.1ip~51.1ip~49.1ip~49.1ip~51.1ip~51.1ip~49.1ip~49.1ip~51.1ip~51.1ip~49.1ip~49.1ip~51.1ip~51.1ip~49.1ip~49.1ip~51.1ip~51.1ip~49.1ip~49.1ip~51.1ip~51.1iq~49.1iq~49.1iq~51.1iq~51.1iq~49.1iq~49.1iq~573.1ir~573.1ir~6.1ir~14.1ir~91.1ir~95.1ir_2~95.1it~95.1iu~95.1iu~74.1iu~43.1iu~95.1iu~74.1iv~43.1iv~95.1iv~1.1iv~1.1iv~573.1iv~598.1iv~54.1iv~598.1iw~54.1iw~598.1iw~54.1iw~598.1iw~54.1iw~598.1iw~54.1iw~598.1iw~54.1iw~598.1iw~54.1iw~598.1iw~54.1iw~598.1iw~54.1iw~598.1iw~54.1iw~598.1iw~54.1iw~38.1iw~2.1iw~2.1iw~51.1iw~49.1iw~49.1iw~51.1iw~49.1iw~49.1iw~51.1iw~49.1iw~49.1iw~51.1iw~49.1iw~49.1iw~51.1iw~49.1iw~49.1iw~51.1iw~49.1iw~49.1iw~51.1iw~49.1iw~49.1ix~86.1ix~573.1ix~598.1ix~598.1ix~598.1ix~598.1ix~598.1ix~598.1ix~598.1ix~598.1ix~598.1ix~598.1ix~598.1ix~816.1iy~86.1iy~86.1iy~816.1iy~86.1iy~86.1iy~38.1iy~573.1iy~598.1iy~54.1iy~598.1iy~54.1iy~598.1iy~54.1iy~598.1iy~54.1iy~598.1iy~54.1iy~598.1iy~54.1iy~598.1iz~54.1iz~598.1iz~54.1iz~598.1iz~54.1iz~598.1iz~54.1iz~598.1iz~54.1iz~51.1iz~51.1iz~49.1iz~49.1iz~51.1iz~51.1iz~49.1iz~49.1iz~51.1iz~51.1iz~49.1iz~49.1iz~51.1iz~51.1iz~49.1iz~49.1iz~51.1iz~51.1iz~49.1iz~49.1iz~51.1iz~51.1iz~49.1iz~49.1iz~51.1iz~51.1iz~49.1iz~49.1iz~86.1iz~86.1iz~74.1iz~74.1j1~86.1j1~86.1j1~77.1ii_j~297.1j1~894.1j2~724.1j2_1~724.1j3~724.1j3~724.1j3~724.1j3~724.1j3~724.1j3~724.1j3~724.1j3~724.1j4~724.1j4~872.1j5~872.1j6~872.1j6~893.1j6~893.1j6~893.1j6~661.1j6~660.1j6~661.1j6~660.1j7~661.1j7~660.1j7~750.1jd_1~750.1je~750.1je~831.1jw~808.1k0~808.1k0~808.1k0~808.1k0~808.1k0~808.1k0~808.1k0~808.1k0~808.1k0~808.1k0~808.1k0~808.1k0~808.1k0~808.1k0~808.1k0~808.1k0~808.1k0~808.1k0~808.1k0~808.1k0~751.1k0~808.1k0~751.1k0~808.1k0~751.1k1~112.1kp_2&met.10=1_37.IOMPEAAI_isYgJh1KAA~1_47.IOMPEAAI_isYgJh1KAA~1_6.IOMPEPkrCP4rGICYdSgB~1_1.IOMPEIDlCAiA5QgYgJh1KAE~1_4.IOMPEAAIABiAmHUoAA~1_3.IOMPEAAIABiAmHUoAQ&met.7=CBsQCMABmJieiws~CBIQBxgBIKwDKKwDML4DOBJorgNwvgN4hQiAAYoHiAHwZKoBPQoNQXJpbW86NDAwLDcwMAoaTW9udHNlcnJhdDo0MDAsNTAwLDYwMCw3MDAKEExhdG86MzAwLDQwMCw3MDCwAQG4AQPAAdbHu8gK~CBsQByCsAzi9AsABzJSTrg4~CBsQChgBIKwDKKwDMLUDOAlorgNwtAN4yO0BgAHi7AGIAYOlBbABAbgBA8ABzJ7p1wY~CBsQChgBIK0DKK0DMLcDOAtorgNwtQN47pMEgAHskgSIAeS9D7ABAbgBA8AB173QhQ0~CBsQCiCtAzifA8ABxYq3tQo~CBsQCiCtAzg1wAGDt8H3Bw~CBsQCiCtAziQB8ABnMvZ6gg~CBsQCiCtAzjBA8AB0d74gg0~CBsQCiCtAzjVA8AB3Z7aqQo~CBsQCiCtAzinBMABzIWH0QY~CBsQCiCtAziZBMABi8qKuQ8~CBsQBiCtAzj7BsAB6av6tgI~CBsQBiCEBDitBsAB6erqjQM~CBsQBiCEBDirBsAB8IyA7Q0~CBsQBiCEBDi4BsABnq2ajQ8~CBsQBiCEBDi3BsABlZT-5gw~CBsQBiCFBDiQB8ABo9bRpAI~CBsQBiCFBDiZB8ABg8nSmAk~CBsQBiCFBDieB8ABgLOH_gU~CBsQBiCFBDigB8ABmrjbjg4~CBsQBiCFBDiuB8AB9LX7hwM~CBsQBiCFBDiwBcABnKLe2gk~CBsQBiCFBDi0BcABq5y_fw~CBsQBiCFBDi_BcABt7rppgc~CBsQBiCFBDi2BcABp9GM9wc~CBsQBiCFBDi8BcAB-Z6Tpww~CBsQBiCFBDiZBsAB1-iqqAg~CBsQBiCFBDjpA8ABgbX15g8~CBsQBiCFBDjBBcABg_u5jwo~CBsQCiCFBDjuCcAB55efgwo~CBsQDSDgBjjuAcAB2P3fmAQ~CBsQCiDnBjjkAcABh9P1pQ0~CBsQCiDoBjiZBMAB7ZyA0gM~CBsQCiDqBjjEBMAB_teg8Q0~CBsQCiDrBjjXA8ABnuvHkgc~CBsQCiDsBji7BMABl4__vAY~CBsQCiDuBjjVA8AB3Z7aqQo~CBMQAhgBIPAGKPAGMPgGOAho8QZw-AZ4iZABgAGcjwGIAZyPAaoBCwoFYXJpbW8QERgCsAEBuAEDwAHNnujuCQ~CBMQAhgBIJQHKJQHMJ8HOAtolQdwnQd44ZYBgAHIlgGIAciWAaoBEAoKbW9udHNlcnJhdBAPGAKwAQG4AQPAAaKDq-YN~CBMQAhgBIJQHKJQHMJ0HOAlolQdwnAd42ZYBgAHAlgGIAcCWAaoBEAoKbW9udHNlcnJhdBAPGAKwAQG4AQPAAZ-OjNMP~CBMQAhgBIJQHKJQHMJsHOAdolQdwmwd41bcBgAG8twGIAby3AaoBCgoEbGF0bxARGAKwAQG4AQPAAbrzj8sO~CBsQAiCUBzjOAcABsOCozwI~CBsQCiCrBzi3BMABlK2K7ww~CBsQCiCtBzgKwAHdntqpCg~CBsQAiCvBziuAcABsfiF6A8~CBsQAiCvBzjLAcAB5ZDF5gU~CBMQAhgBILAHKLAHMLgHOAhosAdwtwd4sZgBgAGYmAGIAZiYAaoBEAoKbW9udHNlcnJhdBAPGAKwAQG4AQPAAYn20ooB~CBsQCiD0BzjVAsAB2euw8wo~CBsQAiCLCDisA8ABwteQlAU~CBsQDSDhCDh1wAHFwui8AQ~CBsQBiDkCDijAsABsuTP-gs~CBsQBiDlCDiqAsABsuTP-gs~CBsQDSD-CDiVAcAB3Neh1Aw~CBsQDSD_CDhIwAGDwojKCw~CBsQDSC1CTirAsAB6KCHsQQ~CBsQDSDECjh8wAHAq5a_Ag~CBsQDSDECjg2wAH49YbICQ~CCgQDRgBIOMKKOMKMPMKOBDAAeKygLkD~CBsQBiDjCjgIwAGG7L72DA~CBsQCiDmCjhSwAHE8te3Ag~CBsQDSDuCziBAcAB56Pd5Aw~CBsQBiCFDDjNA8ABvqvK5gU~CBsQDSCwDDirA8AB9K_u4AE~CBIQAhgBILYMKLYMMMUMOBBotgxwxQx4pASAAYkEiAHcEKoBCAoGUm9ib3RvsAEBuAEDwAGxoLupCg~CBsQChgBIMUMKMUMMI0NOEhAxgxIyAxQyAxY8wxg0wxo8wxwjQ14hQWAAQ6IAQuwAQG4AQPAAcm3s6QO~CBsQCiDSDDiJAcAB79P8hwI~CDsQChgBINMMKNMMMKoNOFdA1AxI1QxQ1QxYgw1g4Axogw1wng14w6oBgAGvpwGIAZnyA7ABAbgBA8AB4s3qlgk~CBMQAhgBIN0MKN0MMOQMOAdo3gxw5Ax433qAAch6iAHIeqoBDAoGcm9ib3RvEBsYArABAbgBA8ABi5aVxwQ~CBsQBSDqDDjDAcAB9PKRng4~CBsQCiCHDTgxwAGt7vzOAQ~CBsQBiCMDThKwAGvxJ7MAg~CBsQBiCMDThHwAGUytXXBg~CBAQBRgBIJ0NKJ0NMLoNOB1Anw1IoA1QoA1Ysw1gpQ1osw1wug142w6AAccLiAHCFrABAbgBA8ABqajSqAE~CBAQBRgBIKINKKINML8NOB1osw1wug14ggyAAccLiAHCFrABAbgBA8ABqajSqAE~CA4QChgBININKNINMKsOOFhQ0w1Y6w1g0w1o6w1whg54ouMGgAH24gaIAZqkE7ABAbgBA8AB_Kmtigg~CBMQAhgBIPgNKPgNMP4NOAdo-A1w_g146bMBgAHQswGIAdCzAaoBCgoEbGF0bxARGAKwAQG4AQPAAbvHoMYJ~CBsQAiD4DThywAHstKDVBA~CBsQBiCqDjhawAHJyLX7Cg~CBsQBiCrDjhdwAHJyLX7Cg~CBsQBiCrDjhnwAHJyLX7Cg~CBsQBiCrDjhnwAHJyLX7Cg~CBsQBiCrDjhowAHJyLX7Cg~CBsQBiCrDjhpwAHJyLX7Cg~CBsQBiCyDjhQwAHfyYqgCA~CBsQBiCzDjgtwAHOyYXZBA~CBsQDSDKDjhgwAGfmoyuBA~CBsQDSDTDjhNwAGOkYCACA~CBsQDSDkDjhnwAGP7rWZBg~CBsQDSDqDjhLwAGOkYCACA~CBsQCiCJDzhAwAG_xM3lAQ~CBsQCiCKDzgiwAHA1M7vCg~CCgQChgBIL4PKL4PMNEPOBNovg9w0A94gKQBgAHkowGIAdSxA7ABAbgBA8ABm-H6cA~CC8QBxgBIMQPKMQPMO4POCtAxA9Iyw9Qyw9Y3g9g0Q9o3g9w7g94nwaAAWSIAWuwAQG4AQPAAcaG378F~CC8QBxgBIMQPKMQPMOcPOCNAxQ9IxQ9QxQ9Y2A9gyg9o2A9w5g94qQSAAWSIAWuwAQG4AQPAAZv_iccH~CBAQBxgBIN4PKN4PMPQPOBbAAbHNhY0E~CBsQBxgBIN4PKN4PMJEQODPAAZqEsP4K~CBsQCiD3DzggwAHWjerZDQ~CBsQCiD3DzggwAHFvOhl~CBsQCiCmEDgIwAGsn7boCg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4007:805::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=797733674;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F;uht=2;fpan=1;fpa=P0-196...
pixel.quantserve.com/
35 B
372 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=797733674;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F;uht=2;fpan=1;fpa=P0-1963417577-1622397365890;pbcn=1;pbc=0b1fbb57-ba94-4e75-bb6c-5c5762623ba4;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=upi.com;je=0;sr=1600x1200x24;dst=1;et=1622397365890;tzo=-120;ogl=site_name.UPI%2Cdescription.A%20large-scale%20drug%20smuggling%20ring%20has%20operated%20in%20the%20Lexington%252C%20Ky%252E%252C%20area%20for%20s%2Curl.https%3A%2F%2Fwww%252Eupi%252Ecom%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-poli%2Ctitle.Sources%20say%20drug%20ring%20operates%20with%20police%20protection%2Ctype.article%2Cimage.https%3A%2F%2Fwww%252Eupi%252Ecom%2Fimg%2Fupi-archives-logo%252Ejpg
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:05 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel;r=992833475;labels=edge.1%2Csid.16304;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%...
pixel.quantserve.com/
35 B
371 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=992833475;labels=edge.1%2Csid.16304;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F;uht=2;fpan=0;fpa=P0-1963417577-1622397365890;pbcn=1;pbc=0b1fbb57-ba94-4e75-bb6c-5c5762623ba4;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=upi.com;je=0;sr=1600x1200x24;dst=1;et=1622397365893;tzo=-120;ogl=site_name.UPI%2Cdescription.A%20large-scale%20drug%20smuggling%20ring%20has%20operated%20in%20the%20Lexington%252C%20Ky%252E%252C%20area%20for%20s%2Curl.https%3A%2F%2Fwww%252Eupi%252Ecom%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-poli%2Ctitle.Sources%20say%20drug%20ring%20operates%20with%20police%20protection%2Ctype.article%2Cimage.https%3A%2F%2Fwww%252Eupi%252Ecom%2Fimg%2Fupi-archives-logo%252Ejpg
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:05 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=l1YcL3wvdU9MaFl0dGtVMmNRNVVZV3RmUW0xUGM4cjdsT2lVVWFRVWluOHlwVkdCODkzUDR1TlBoU2s0ZFE0ak41MmEwamhmVXZYMU5SOGxNMGg3NisxZTRZQXVpdGVSNEtnd2tZeFdZMFdFM2JQTFc3Z1A1MzYvMVF6Vk9wM2lSM3dWaXovTGk1R3pUNXBNMXFNM1ZSdWxtdUZlek9WZzI2THVGOUxWMndINDk1bTNjUlQ3ODFpRWduU2Q2V2JjRytyVHNBaUZvQmk1T25XVHBHenk0RmozNXFTcEVlemhKRDFHdi96US9LdURybkowPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1471
date
Sun, 30 May 2021 17:56:06 GMT
content-encoding
gzip
vary
Accept-Encoding
generic
trends.revcontent.com/event/
0
0
Fetch
General
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.248.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-248-53.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.upi.com
date
Sun, 30 May 2021 17:56:05 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
generic
trends.revcontent.com/event/
0
0
Fetch
General
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.248.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-248-53.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.upi.com
date
Sun, 30 May 2021 17:56:05 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
setuid
ib.adnxs.com/prebid/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0&gdpr_consent=&us_privacy=
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=KPBHI3S8-3-6BR0&gdpr=0
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=KPBHI3S8-3-6BR0&gdpr=0
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:06 GMT
X-Proxy-Origin
217.138.203.212; 217.138.203.212; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.68:80
AN-X-Request-Uuid
0868402d-f2be-4ef5-a407-95aa6b3cfa16
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=KPBHI3S8-3-6BR0&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
container.html
730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7D1B
6 KB
3 KB
Document
General
Full URL
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.upi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sun, 30 May 2021 17:56:05 GMT
expires
Mon, 30 May 2022 17:56:05 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028727180027"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27990
x-xss-protection
0
expires
Sun, 30 May 2021 17:56:06 GMT
casale
match.adsrvr.org/track/cmf/ Frame 7637
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YLPRtrIR8KdwU09DUngA4wAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:06 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 7637
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIVGp0YVZpZse6dfp2VRnGQ&google_cver=1
43 B
315 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIVGp0YVZpZse6dfp2VRnGQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:06 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 30 May 2021 17:56:06 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIVGp0YVZpZse6dfp2VRnGQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 7637
43 B
720 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:07 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 7637
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLPRtrIR8KdwU09DUngA4wAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELCVSPo-5BFbojTRPPDBIMY&google_cver=1
43 B
1018 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELCVSPo-5BFbojTRPPDBIMY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:06 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 30 May 2021 17:56:06 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELCVSPo-5BFbojTRPPDBIMY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 7637
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8115069663595238900&expiration=1623606967
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8115069663595238900&expiration=1623606967
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 30 May 2021 17:56:07 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:07 GMT
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8115069663595238900&expiration=1623606967
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 7637
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=652060b3-d1b6-4200-bce9-91beab1e9d4a
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=652060b3-d1b6-4200-bce9-91beab1e9d4a
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 30 May 2021 17:56:07 GMT

Redirect headers

Date
Sun, 30 May 2021 17:56:07 GMT
Server
MT3 3736 915c305 master zrh-pixel-x9
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=652060b3-d1b6-4200-bce9-91beab1e9d4a
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 30 May 2021 17:56:06 GMT
crum
dsum-sec.casalemedia.com/ Frame 7637
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871316020461234205
43 B
991 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871316020461234205
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:06 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 30 May 2021 17:56:06 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871316020461234205
Date
Sun, 30 May 2021 17:56:06 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame 7637
Redirect Chain
  • https://d.adroll.com/cm/index/ssp
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 30 May 2021 17:56:07 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Sun, 30 May 2021 17:56:07 GMT
server
nginx/1.18.0
content-length
76
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7637
43 B
344 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=index.com&id=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:06 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
clarium.global.ssl.fastly.net/ Frame 7D1B
60 KB
20 KB
Script
General
Full URL
https://clarium.global.ssl.fastly.net/?wrapper=hPH9mWAgPsgQZ1kJCV_8QwkFRPc&tpid=aFBIOW1XQWdQc2dRWjFrSkNWXzhRd2tGUlBjLzExMDE5Njk5MzozMDB4MjUw&v=v2lgcycid&d=eyJ3aCI6ImFGQklPVzFYUVdkUWMyZFJXakZyU2tOV1h6aFJkMnRHVWxCakx6RXhNREU1TmprNU16b3pNREI0TWpVdyIsIndkIjp7Im8iOjExMDE5Njk5MywidyI6IjMwMCIsImgiOiIyNTAifSwid3IiOjJ9
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
131b658e7808a05f69ac9436f8ac8f74a230691149f6c4ddd05852bf6a9c5fde

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 17:56:06 GMT
Content-Encoding
gzip
Age
0
X-Cache-Status
hit
X-Cache
MISS
Connection
keep-alive
Content-Length
19472
X-Served-By
cache-hhn4067-HHN
Access-Control-Allow-Origin
*
Server
nginx
X-Timer
S1622397366.329552,VS0,VE5
ETag
cc43f8b5599fb5e6e388e1b5ad6e22cf58c5cfba
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Via
1.1 varnish
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
X-Cache-Hits
0
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 7D1B
1 KB
909 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:43:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
761
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 17:43:25 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame 7D1B
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite_fy2019.js
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:36:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1169
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7025
x-xss-protection
0
server
cafe
etag
8821855511435206686
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 17:36:37 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 7D1B
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:54:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 17:54:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7D1B
121 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Sun, 30 May 2021 17:56:06 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 7D1B
13 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:52:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
205
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 17:52:41 GMT
l
www.google.com/ads/measurement/ Frame 7D1B
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQPu5g8wfUO3Dvs8ArEFrnBjrbc0yWrWZPfI9HAESL1zgq9a0p4S4Usum2OVd1EyOLJwqyyvOkxtaoeWrXyq4q4y91pJA
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

7d9aee27bee51cf015d1b4a8dc2025e1.js
www.gstatic.com/mysidia/ Frame 7D1B
25 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/7d9aee27bee51cf015d1b4a8dc2025e1.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6f0dd8206df9adfe84428c4f85f678b1a01270a8359bbeef265f69bd94560a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 06:54:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 26 May 2021 17:49:14 GMT
server
sffe
age
39708
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10414
x-xss-protection
0
expires
Sat, 28 Aug 2021 06:54:18 GMT
pixel
protected-by.clarium.io/ Frame 7D1B
68 B
345 B
Image
General
Full URL
https://protected-by.clarium.io/pixel?tag=wt_aFBIOW1XQWdQc2dRWjFrSkNWXzhRd2tGUlBjLzExMDE5Njk5MzozMDB4MjUw&v=5&s=1f0a46f5221fe1bae3ac8285e10f54bad9707327&id=eyJkZnAiOnsiYWQiOjIxMywiYyI6bnVsbCwibCI6MCwibyI6MTEwMTk2OTkzLCJBIjoiLzEwMDk3NTMvVVBJX0Rlc2t0b3BfMzAweDI1MF9JbnJlYWRfMiIsInkiOjAsImNvIjowLCJzIjoiZGl2LWFkLTYwYjNkMWI0MGZhZDgifX0%3D&sb=3&cb=5586775&h=www.upi.com
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.7.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:07 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 7D1B
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CksOktdGzYJOIMc_G7_UPivmqqAXX05fmYq-C0O2cCZH3x_eDAhABINmN-Rdg9ZXOgeAEoAHlnMH-A8gBBqkC2Uf7V7eksj7gAgCoAwHIA5sEqgSZAk_Qp9M9TZnyTHJ2O4HTi_CE8-fVh5ton2vbH0KgFhX7G65rqf3ECHuO7nEvv3zO7xzOiT2xeDLUXflbVva2xeZ5mcc7bLG_XirawKKdIx_0hwhmqZUHK6w2upufVoPa89s-7ie0iTBrVflpwoCHW4J6PtfNrO9LqVr2VM7qXH2FjPMHuiNblCQyB7UWUbgzOHF7ip3bVhH947y2WbeqTV7icZZ8O3abjYmtsA4omHWlqk-BeneFDDiwNTkB5hln8cy9OPax0M0zCpUHTV5Qk5D6oybRYeGcqP6DBaFnE6wGPpnCyLmUomF-DyT9pB-D0AdbUvk-dwNSgoqf2OtusNItweX-upoqQ6w-y42APyr24KVNLYZur2vWwAT4or_HjQLgBAGSBQQIBBgBkgUECAUYBKAGN4AHg-O-AagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDOgwzSCAcIgGEQARgdgAoDyAsB2BMNiBQD0BUBgBcBshcaChgIABIUcHViLTIyNzMyMDQwNzY1MzI1NTQ&sigh=mPaoxM2TqwE&template_id=492
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

downsize_200k_v1
tpc.googlesyndication.com/simgad/1916798456869725656/ Frame 7D1B
16 KB
16 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/1916798456869725656/downsize_200k_v1?w=400&h=209
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70f8f116f246b4c4cd4c8fc735fb4066eea5811cd5539a143c4b201a59337c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:06 GMT
x-content-type-options
nosniff
last-modified
Fri, 01 Feb 2019 16:13:02 GMT
server
sffe
x-dns-prefetch-control
off
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16747
x-xss-protection
0
expires
Mon, 30 May 2022 17:56:06 GMT
truncated
/ Frame 7D1B
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f7fffbfbd7455db1b83581bd8f5426466cf6e35ba2be2d2db13eb24a0238a79

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 04A2
1 KB
1 KB
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 30 May 2021 03:14:09 GMT
expires
Mon, 31 May 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
52917
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 7D1B
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b10852371223b4986ba22593ac716a14a87afc848bfeb4b7a2996182f7ad46f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame 04A2
35 B
362 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEC6CWVTDrlnfcMqlqiU5KjE&google_cver=1&google_push=AQvitUL10eWbJczpHUN60Y_lJIMi_5nbhrexkFBUfMfSI2fYZvWwiicu3JgO5bJnkirT9qJIRau2ASE8Fi6YNOvd90e8zQtgY_I
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:06 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 04A2
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIGzQzVnQA9g0VS8Pb-BjHQ&google_cver=1&google_push=AQvitUKjtKXiY2tKUrwcYSKkxAAHoSVQRkYUF-e7ZW1S0KnRiLirPG_FOaRDY-hbEgCOKnuALBPpfVS6-D_...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUKjtKXiY2tKUrwcYSKkxAAHoSVQRkYUF-e7ZW1S0KnRiLirPG_FOaRDY-hbEgCOKnuALBPpfVS6-D_CpCwlBYsnAYLH1BA&google_hm=Gdp8IP7QSTmGwpAZ74Yjd9Q
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUKjtKXiY2tKUrwcYSKkxAAHoSVQRkYUF-e7ZW1S0KnRiLirPG_FOaRDY-hbEgCOKnuALBPpfVS6-D_CpCwlBYsnAYLH1BA&google_hm=Gdp8IP7QSTmGwpAZ74Yjd9Q
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:06 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUKjtKXiY2tKUrwcYSKkxAAHoSVQRkYUF-e7ZW1S0KnRiLirPG_FOaRDY-hbEgCOKnuALBPpfVS6-D_CpCwlBYsnAYLH1BA&google_hm=Gdp8IP7QSTmGwpAZ74Yjd9Q
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
clear
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 04A2
Redirect Chain
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEO1uIv5s_6apMH5tU3FnhY0&google_cver=1&google_push=AQvitUJvZWxxbbRpJ3MQVpDzPtsIaJqi4qE1_203SSpp_HJGZTFIXSL2EEFMpNi2UwkzcJC7PK3L84NtTSyktCrkVB5lhEWWBMZY
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEO1uIv5s_6apMH5tU3FnhY0&google_cver=1&google_push=AQvitUJvZWxxbbRpJ3MQVpDzPtsIaJqi4qE1_203SSpp_HJGZTFIXSL2EEFMpNi2UwkzcJC7PK3L84NtTSyktCrkVB5lhEWWBMZY&...
  • https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AQvitUJvZWxxbbRpJ3MQVpDzPtsIaJqi4qE1_203SSpp_HJGZTFIXSL2EEFMpNi2UwkzcJC7PK3L84NtTSyktCrkVB5lhEWWBMZY&google_hm=4j3jgLuiSiIAAikABlF5vms...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AQvitUJvZWxxbbRpJ3MQVpDzPtsIaJqi4qE1_203SSpp_HJGZTFIXSL2EEFMpNi2UwkzcJC7PK3L84NtTSyktCrkVB5lhEWWBMZY&google_hm=4j3jgLuiSiIAAikABlF5vms-TA%3D%3D
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:09 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f5-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AQvitUJvZWxxbbRpJ3MQVpDzPtsIaJqi4qE1_203SSpp_HJGZTFIXSL2EEFMpNi2UwkzcJC7PK3L84NtTSyktCrkVB5lhEWWBMZY&google_hm=4j3jgLuiSiIAAikABlF5vms-TA%3D%3D
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 04A2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM0gKzBXoMMEOpf7cXx649A&google_cver=1&google_push=AQvitUIoqW28R0twCIWeKAN_A0Sy7xlCM_RXaFLAFQKM9tHIh9YUpsmvnT9knsSOZSOxiCYXFEYR_mF8...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEM0gKzBXoMMEOpf7cXx649A&google_cver=1&google_push=AQvitUIoqW28R0twCIWeKAN_A0Sy7xlCM_RXaFLAFQKM9tHIh9YUpsmvnT9knsSOZSOxiCYXFEY...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzM4OTA4ODgzOTU3NTM1MDU5NQ&google_push=AQvitUIoqW28R0twCIWeKAN_A0Sy7xlCM_RXaFLAFQKM9tHIh9YUpsmvnT9knsSOZSOxiCYXFEYR_m...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzM4OTA4ODgzOTU3NTM1MDU5NQ&google_push=AQvitUIoqW28R0twCIWeKAN_A0Sy7xlCM_RXaFLAFQKM9tHIh9YUpsmvnT9knsSOZSOxiCYXFEYR_mF82P2bDkBnlyIki5QgT18
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:07 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzM4OTA4ODgzOTU3NTM1MDU5NQ&google_push=AQvitUIoqW28R0twCIWeKAN_A0Sy7xlCM_RXaFLAFQKM9tHIh9YUpsmvnT9knsSOZSOxiCYXFEYR_mF82P2bDkBnlyIki5QgT18
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 04A2
Redirect Chain
  • https://google-sync.rutarget.ru/sync?google_gid=CAESEMzQ3p5LhP3JySDpRZSCMQQ&google_cver=1&google_push=AQvitUKjexvXAsz5wtvOkAATvMke93NbWRYt3cQbXlI3freBZvkI2O5pffJ_52_otxN2vC7V6aqqEO8wMTXEH7wkDa5YgoK...
  • https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=eGVHUXZMT1B4eUhU&google_ula=2046794&google_push=AQvitUKjexvXAsz5wtvOkAATvMke93NbWRYt3cQbXlI3freBZvkI2O5pffJ_52_otxN2vC7V6aqqEO8wMT...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=eGVHUXZMT1B4eUhU&google_ula=2046794&google_push=AQvitUKjexvXAsz5wtvOkAATvMke93NbWRYt3cQbXlI3freBZvkI2O5pffJ_52_otxN2vC7V6aqqEO8wMTXEH7wkDa5YgoKX4kof
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=eGVHUXZMT1B4eUhU&google_ula=2046794&google_push=AQvitUKjexvXAsz5wtvOkAATvMke93NbWRYt3cQbXlI3freBZvkI2O5pffJ_52_otxN2vC7V6aqqEO8wMTXEH7wkDa5YgoKX4kof
Date
Sun, 30 May 2021 17:56:09 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
sync
dsp.adkernel.com/ Frame 04A2
42 B
233 B
Image
General
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEJWLgCWKkiEuYH3qWqfgXNE&google_cver=1&google_push=AQvitULV-Z6WSm3anvc6CdYMSKNUkWhbamIG2Xd2VlWLZWy4nWxPKAajbmJHIbEJsBCphPqdyFyp-rILVKTqfbdBtaO8p1yOXt4
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:07 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame 04A2
Redirect Chain
  • https://sm.rtb.mts.ru/p?ssp=googlevid&pm=1&google_gid=CAESEKrIsyTLPAxzW9WXq0bbYQo&google_cver=1&google_push=AQvitUJkSRiaEaTvfLOELX4SY0_xl0Nc6cuDjgvpxfLLTYH00wIXfZOGTNvNUNzn8BbC1AioWYEpAkgjfn0QBRH5H...
  • https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3D461c1655-bde6-4325-ac0a-baff8bac3a4e%26google_push%3DAQvitUJkSRiaEaTvfLOELX4SY0_xl...
  • https://tech.rtb.mts.ru/?dsp_uid=461c1655-bde6-4325-ac0a-baff8bac3a4e&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3D461c1655-bde6-4325-ac0a-baff8bac3a4e%2...
  • https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=461c1655-bde6-4325-ac0a-baff8bac3a4e&google_push=AQvitUJkSRiaEaTvfLOELX4SY0_xl0Nc6cuDjgvpxfLLTYH00wIXfZOGTNvNUNzn8BbC1AioWYEpAkgjfn0QBR...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=461c1655-bde6-4325-ac0a-baff8bac3a4e&google_push=AQvitUJkSRiaEaTvfLOELX4SY0_xl0Nc6cuDjgvpxfLLTYH00wIXfZOGTNvNUNzn8BbC1AioWYEpAkgjfn0QBRH5Hn_Zz_PQl-4U
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 30 May 2021 17:56:08 GMT
Server
nginx/1.13.12
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=461c1655-bde6-4325-ac0a-baff8bac3a4e&google_push=AQvitUJkSRiaEaTvfLOELX4SY0_xl0Nc6cuDjgvpxfLLTYH00wIXfZOGTNvNUNzn8BbC1AioWYEpAkgjfn0QBRH5Hn_Zz_PQl-4U
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
attr
cm.g.doubleclick.net/pixel/ Frame 04A2
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KEtHB1YNhh8RtChAMEIuLDHgBE2w1LrSjVNtknmNGwIfXK2hZKYIFs6PXp8YYgEuLWejtnPA
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:06 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
setuid
ib.adnxs.com/prebid/
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=15728417046886214120
43 B
2 KB
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=15728417046886214120
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:06 GMT
X-Proxy-Origin
217.138.203.212; 217.138.203.212; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.49:80
AN-X-Request-Uuid
9b4f6c39-cc9d-4e23-aff3-0d31cce6bbc7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=15728417046886214120
date
Sun, 30 May 2021 17:56:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
container.html
730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DF43
6 KB
3 KB
Document
General
Full URL
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.upi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sun, 30 May 2021 17:56:05 GMT
expires
Mon, 30 May 2022 17:56:05 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
clarium.global.ssl.fastly.net/ Frame DF43
60 KB
20 KB
Script
General
Full URL
https://clarium.global.ssl.fastly.net/?wrapper=hPH9mWAgPsgQZ1kJCV_8QwkFRPc&tpid=aFBIOW1XQWdQc2dRWjFrSkNWXzhRd2tGUlBjLzExMDE5Njk5MzozMDB4MjUw&v=v2lgcycid&d=eyJ3aCI6ImFGQklPVzFYUVdkUWMyZFJXakZyU2tOV1h6aFJkMnRHVWxCakx6RXhNREU1TmprNU16b3pNREI0TWpVdyIsIndkIjp7Im8iOjExMDE5Njk5MywidyI6IjMwMCIsImgiOiIyNTAifSwid3IiOjJ9
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
131b658e7808a05f69ac9436f8ac8f74a230691149f6c4ddd05852bf6a9c5fde

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 17:56:06 GMT
Content-Encoding
gzip
Age
0
X-Cache-Status
hit
X-Cache
HIT
Connection
keep-alive
Content-Length
19472
X-Served-By
cache-hhn4067-HHN
Access-Control-Allow-Origin
*
Server
nginx
X-Timer
S1622397367.661391,VS0,VE0
ETag
cc43f8b5599fb5e6e388e1b5ad6e22cf58c5cfba
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Via
1.1 varnish
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
X-Cache-Hits
1
setuid
ib.adnxs.com/prebid/
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://ib.adnxs.com/prebid/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=13ed7c67-6dbf-452b-bf27-568c2f858fa3
43 B
2 KB
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=13ed7c67-6dbf-452b-bf27-568c2f858fa3
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:07 GMT
X-Proxy-Origin
217.138.203.212; 217.138.203.212; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.234:80
AN-X-Request-Uuid
60328f61-29df-4694-9de5-3a75b13a455d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location
https://ib.adnxs.com/prebid/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=13ed7c67-6dbf-452b-bf27-568c2f858fa3
date
Sun, 30 May 2021 17:56:07 GMT
content-length
0
pixel
protected-by.clarium.io/ Frame DF43
68 B
345 B
Image
General
Full URL
https://protected-by.clarium.io/pixel?tag=wt_aFBIOW1XQWdQc2dRWjFrSkNWXzhRd2tGUlBjLzExMDE5Njk5MzozMDB4MjUw&v=5&s=1f0a46f5221fe1bae3ac8285e10f54bad9707327&id=eyJkZnAiOnsiYWQiOjIxMywiYyI6bnVsbCwibCI6MCwibyI6MTEwMTk2OTkzLCJBIjoiLzEwMDk3NTMvVVBJX0Rlc2t0b3BfMzAweDI1MF9JbnJlYWRfMiIsInkiOjAsImNvIjowLCJzIjoiZGl2LWFkLTYwYjNkMWI0MGZhZjgifX0%3D&sb=3&cb=5557298&h=www.upi.com
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.7.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:07 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame DF43
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:54:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 17:54:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DF43
121 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Sun, 30 May 2021 17:56:07 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame DF43
13 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:52:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 17:52:41 GMT
l
www.google.com/ads/measurement/ Frame DF43
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRAd7BDRfSy--EzbKMxvfnVH5fM2J0ClaFrJ2U3wuQ5RW8tarcKYrr2NEN2j5dj-h8XWaeI1CnEjM2GsecpzKY-H-sUJA
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/283230849334247424/ Frame 8DEF
80 KB
20 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/283230849334247424/index.html
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ccc9d703cd8ac146a14986822b4d9dda3a7a08e6005023af728c4ed58e4d275
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/283230849334247424/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Fri, 28 May 2021 05:00:46 GMT
expires
Sat, 28 May 2022 05:00:46 GMT
last-modified
Tue, 10 Nov 2020 16:55:16 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
20033
age
219321
cache-control
public, max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame DF43
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CUcxrttGzYP3UBoSMlQfZ0ZXABcLUh-1gu43Y9JgNsJWJxK4JEAEg2Y35F2D1lc6B4ASgAa73mdIDyAEJqQLQyFAS78irPuACAKgDAcgDAqoEnAJP0MIgScq2eY_ubZeuF6Wo6pHB0GrV3UZ9ISluoaj1w_mJfRrVTS_70mSsAdkivr68WKW5LG5bLTVnUtFgPHers7cS-eatdm5sUD3l3vPPL2kzwShFZB6GLYAPs5K9OQhuz47pom6i0SgVVyBFrdaOXriTlpRkySstoGygweKamtXUAPREEfRJXd-eJdIDAwIkBYR3P8dc5titFToookSM7ltRWe0Lt8J5WXYXNcl3wLRcHWjgrxu4XBFVg8ma1bfULQXLq4QpUYy1fJq9T4rmMtdTgjbawH1kfVMQCezb589QmLgHhA5G-Jhs2XsRderoqQuBPjm905sLGvdb2F8rowCtxSZaZBQIppFj5s15G030uE8sr_ZQsHBmycAE-obcnLID4AQBkgUECAQYAZIFBAgFGASgBl2AB7qI5i2oB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ57EU0ggHCIBhEAEYHYAKA8gLAdgTDNAVAYAXAbIXGgoYCAASFHB1Yi0yMjczMjA0MDc2NTMyNTU0&sigh=C7ZAyhKxpeo
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

s
googleads.g.doubleclick.net/pagead/drt/ Frame CBF4
143 B
230 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUn4dKBnUap_WDuFB_uLJpJX7CgJS6sjSUWTWp79J01i9955Td9pcKUMAHdErm0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 30 May 2021 17:29:22 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1605
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame 8DEF
2 KB
546 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:regular
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/283230849334247424/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 30 May 2021 16:43:34 GMT
server
ESF
date
Sun, 30 May 2021 17:56:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 May 2021 17:56:07 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 8DEF
16 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/283230849334247424/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 03:56:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50354
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 31 May 2021 03:56:53 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 8DEF
26 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/283230849334247424/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 18:54:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82887
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 30 May 2021 18:54:40 GMT
truncated
/ Frame DF43
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1bfc4eb77e7c7af9d16ecddda6fee89828d5096d054b2f517d160011d13a7ce

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 8DEF
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:regular
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 21:32:20 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
age
419027
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
expires
Wed, 25 May 2022 21:32:20 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame CBF4
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUn4dKBnUap_WDuFB_uLJpJX7CgJS6sjSUWTWp79J01i9955Td9pcKUMAHdErm0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 30 May 2021 17:56:07 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sun, 30-May-2021 18:56:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 30 May 2021 17:56:07 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 30 May 2021 17:56:07 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 7D1B
54 KB
21 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
c6d91d994e181aceecf2a1e3886dc690969836fd89114ebfa787de8551d7b24f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 16:57:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3540
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20964
x-xss-protection
0
server
cafe
etag
11353732011524445191
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 30 May 2021 17:57:07 GMT
rum.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame 8DEF
54 KB
21 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/rum.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c6d91d994e181aceecf2a1e3886dc690969836fd89114ebfa787de8551d7b24f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 21:06:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74972
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20964
x-xss-protection
0
server
cafe
etag
11353732011524445191
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 12 Jun 2021 21:06:35 GMT
bf2b.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/283230849334247424/ Frame 8DEF
20 KB
8 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/283230849334247424/bf2b.svg
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a44f93bde6064767878c4844fee4bd5ee627a302b0da55995f7b4edac18dbb8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
564413
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8161
x-xss-protection
0
last-modified
Tue, 10 Nov 2020 16:55:16 GMT
server
sffe
date
Mon, 24 May 2021 05:09:14 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 May 2022 05:09:14 GMT
flag.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/283230849334247424/ Frame 8DEF
719 B
442 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/283230849334247424/flag.svg
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1914c48d0e96dbf55755facc2d03a58b7c2a69e46a6922b5e2dfa84e56333b6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
25903
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
409
x-xss-protection
0
last-modified
Tue, 10 Nov 2020 16:55:16 GMT
server
sffe
date
Sun, 30 May 2021 10:44:24 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 May 2022 10:44:24 GMT
logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/283230849334247424/ Frame 8DEF
6 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/283230849334247424/logo.svg
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
473546f02a50a1506c82193d8fcc9a5a1b01dc625611ccb1d07ed3af5a56bdb1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
220397
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2229
x-xss-protection
0
last-modified
Tue, 10 Nov 2020 16:55:16 GMT
server
sffe
date
Fri, 28 May 2021 04:42:50 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 May 2022 04:42:50 GMT
goldmirror.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/283230849334247424/ Frame 8DEF
106 KB
106 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/283230849334247424/goldmirror.jpg
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
497e84288bcbc1d3a3d4a7fbc32b6674a781acb2a0c49f3301d3c38b3aaf4b1f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
564413
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108295
x-xss-protection
0
last-modified
Tue, 10 Nov 2020 16:55:16 GMT
server
sffe
date
Mon, 24 May 2021 05:09:14 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 May 2022 05:09:14 GMT
csi
csi.gstatic.com/ Frame 7D1B
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kpbhi4b4&c=323674518006735&ctx=2&qqid=CNO2sZX98fACFU_juwgdirwKVQ&met.6=6.1_CgsYkwIgSCoECAUSAAoPGOkCIDoqCAgEEgQQATAB
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4007:805::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:07 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 7D1B
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=2~kpbhi4ba&c=323674518006735&ctx=2&qqid=CNO2sZX98fACFU_juwgdirwKVQ&met.4=fb.3y~lb.5b~cmrload.5x~ol.ng~idt.tc~dt.-d9&met.3=555.5o~556.5o_1~749.ne_2~735.nz_1~113.ol_3~112.oj_4~246.oo_1&met.1=1.kpbhi3ml~6.1~7.2~8.2~9.2~10.f~11.2~12.f~13.m~14.m~15.s~16.5b~17.5b~18.5c~19.nc~20.nc~21.nf&met.7=CBsQCBgBKAEwFjjMBlACWBBgAmgQcBZ4vRiAAaQYiAHOL7ABAbgBAw~CBsQCiBUOCM~CBwQChgBIFgoWDBgOAhoWXBfeI0HgAHyBogB7QuwAQG4AQM~CBwQChgBIFgoWDBhOAloWnBgeIw3gAHxNogBmogBsAEBuAED~CBwQChgBIFkoWTCIATgvaIIBcIcBeLIKgAGXCogB0ROwAQG4AQM~CCoQChgBIFkoWTB5OCE~CBwQChgBIFkoWTBhOAhoWnBgeJ4sgAGDLIgBmWawAQG4AQM~CBsQBhgBIFkoWTCZAThA~CBsQChgBIFkoWTCnAThO~CBsQBiCIATitBQ~CCEQBBgBIJABKJABMK0BOBw~CBcQAhgBIJEBKJEBMLgBOCdokgFwuAF4hoMBgAHrggGIAeuCAbABAbgBAw~CBwQBRgBIJYBKJYBMLEBOBtAmAFImQFQmQFYrAFgngForAFwsQF4tQmAAdQFiAGWCbABAbgBAw~CCgQChgBINwGKNwGMPEGOBVo3AZw7wZ4gKQBgAHkowGIAdSxA7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4007:805::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:07 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/022104130153000/ Frame 3958
192 KB
54 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/022104130153000/amp4ads-v0.mjs
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b41a35bad63d329a7c4babeeea7225ccf200fdf06f5832b83cbcc5e58483eba7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
5060
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55462
x-xss-protection
0
server
sffe
date
Sun, 30 May 2021 16:31:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3d138f7c1b4b2d86"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 May 2022 16:31:47 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/022104130153000/v0/ Frame 3958
12 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/022104130153000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3d84be67c0c5be9cfca5550b4bcc0947d40d62806652b81f7c296bfbc427357
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
77199
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4561
x-xss-protection
0
server
sffe
date
Sat, 29 May 2021 20:29:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f7d3159bb96ed225"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 20:29:28 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/022104130153000/v0/ Frame 3958
88 KB
27 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/022104130153000/v0/amp-analytics-0.1.mjs
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb759faf67697ba0b5359e9574f85b1fe60574b6d96fce3df6eaf102501b107c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
157693
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27392
x-xss-protection
0
server
sffe
date
Fri, 28 May 2021 22:07:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"025b1bcedb95d6d9"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 May 2022 22:07:54 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/022104130153000/v0/ Frame 3958
70 KB
16 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/022104130153000/v0/amp-animation-0.1.mjs
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4ea481478fd717638f959064b535f8a86209ee418b3ff5715f23ff9756da6e6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
421959
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16326
x-xss-protection
0
server
sffe
date
Tue, 25 May 2021 20:43:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d02693399f6b80d6"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 May 2022 20:43:28 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/022104130153000/v0/ Frame 3958
4 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/022104130153000/v0/amp-fit-text-0.1.mjs
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7139c86828ab90555f59fbccbf0209ed8da1f5498ba5d78f80c3b189f38e705
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
423948
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
sffe
date
Tue, 25 May 2021 20:10:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"26e8fee94434f5d6"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 May 2022 20:10:19 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/022104130153000/v0/ Frame 3958
40 KB
12 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/022104130153000/v0/amp-form-0.1.mjs
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc29500273c93c58829591b68df2cd5b8885409f82654d852b5b9b65d18f7be
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
423948
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12750
x-xss-protection
0
server
sffe
date
Tue, 25 May 2021 20:10:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"73bdf441b447cfc6"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 May 2022 20:10:19 GMT
truncated
/ Frame 3958
219 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
feff65fd5368b99287762ef14d1efc675bc69ae8b799ca68dffff9eee96d0b5f

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
44f156f473134f80a001d04ae3d0908d__cr_w203_h18_x0_y0.png
tpc.googlesyndication.com/sadbundle/7326274248669755222/ Frame 3958
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/7326274248669755222/44f156f473134f80a001d04ae3d0908d__cr_w203_h18_x0_y0.png
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f4ab087a5822afd0f59c363213d7b2557aa84444c525eb843e3cd33e0c23e94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 16:11:48 GMT
x-content-type-options
nosniff
age
6259
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3108
x-xss-protection
0
last-modified
Thu, 11 Feb 2021 19:18:42 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 May 2022 16:11:48 GMT
cddc24996d8d3bb8fbdc23f6040e88f2__cr_w271_h182_x0_y-85.png
tpc.googlesyndication.com/sadbundle/7326274248669755222/ Frame 3958
17 KB
17 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/7326274248669755222/cddc24996d8d3bb8fbdc23f6040e88f2__cr_w271_h182_x0_y-85.png
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d48f8df907db9356c6e3d2cc67bd6ce17109e67b7b784b39caa046894a7a3c51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:35:20 GMT
x-content-type-options
nosniff
age
12047
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17316
x-xss-protection
0
last-modified
Thu, 11 Feb 2021 19:18:42 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 May 2022 14:35:20 GMT
container.html
730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8FAC
6 KB
3 KB
Document
General
Full URL
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.upi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sun, 30 May 2021 17:56:05 GMT
expires
Mon, 30 May 2022 17:56:05 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F3BE
6 KB
3 KB
Document
General
Full URL
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.upi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sun, 30 May 2021 17:56:05 GMT
expires
Mon, 30 May 2022 17:56:05 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E0F4
6 KB
3 KB
Document
General
Full URL
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.upi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sun, 30 May 2021 17:56:05 GMT
expires
Mon, 30 May 2022 17:56:05 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3958
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
11953
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 31 May 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3958
295 B
325 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 29 May 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
70742
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 30 May 2021 22:17:05 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 3958
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C_EZRttGzYOj3Hb217_UP-d278AGljuvSYqC6z6TIDbSq5rLOExABINmN-Rdg9ZXOgeAEoAHkp8XeAsgBCakC2Uf7V7eksj7gAgCoAwHIAwiqBJoCT9B_FLxCc1KhDrIGL2Ss7Ye1R2_60oIaGluwFehJpA2-SP38UZiAJdeWiDJzsFqJY1ogj_ooCGZ2Cye0Jum3Lr1_c6YfuLKRHjzL29zTNVNMMLf8MjmJVbrCoj1zZZSqxxNGcWLOV_889THonMmIJIzAz4gXpkVSguYl4a2IXwwcog2nBom9zXzrOANYh5o3nRAtk2wkl3Sqr5JqpObqRJW0YbuV0x-ZhW8MoFYz14IbnT_3kErGSotY7q6zqA4FoAAhGy5iZrydhc7O7ea5pWagSER7O2alTqWF9d4KhEi3sO0AOoL9cdEXiwod7BUCa2g3WPBfmkmwtDfnxzvzKVwQhuzV5BLKWroW2bnwdOKhDxwQ7OC46Ep_wAStiryNmALgBAGSBQQIBBgBkgUECAUYBKAGLoAHhNi6oQGoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ9fQa0ggHCIBhEAEYHYAKA8gLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi0yMjczMjA0MDc2NTMyNTU0&sigh=EtJ7cn10dC0&template_id=419
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

csi
csi.gstatic.com/ Frame 7D1B
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=3~kpbhi4bd&c=323674518006735&ctx=2&qqid=CNO2sZX98fACFU_juwgdirwKVQ&met.6=6.1_CgwYiAcg-gEqBAgFEgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2404:6800:4007:805::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:07 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/
62 KB
21 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed8fd5966c1d769a76d49fe6929becc99ca387a013c2bbed13165f9e5bfb315c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"887 / 796 of 1000 / last-modified: 1622153345"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21426
x-xss-protection
0
expires
Sun, 30 May 2021 17:56:07 GMT
csi
csi.gstatic.com/ Frame 8DEF
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kpbhi4it&c=323674518006735&ctx=3&qqid=CP2HxJX98fACFQRG5Qod2WgFWA&met.7=CB8QCBgBMAo4SGgBcAh435wBgAHBnAGIAen9BLABAbgBAw~CBIQBxgBIA8oDzAfOA9oEHAeeKIEgAGHBIgBgRCqARMKEU9wZW4rU2FuczpyZWd1bGFysAEBuAED~CBwQChgBIA8oDzAWOAdoEHAWeIQugAHqLYgB9IEBsAEBuAED~CBwQChgBIBAoEDAXOAdoEHAWeKhRgAGOUYgBmdABsAEBuAED~CBMQAhgBIDsoOzBCOAdoO3BBeIBxgAHocIgB6HCqAQ4KCG9wZW5zYW5zEBQYArABAbgBAw~CBgQChgBIFIoUjBdOAtoVHBbeIKkAYAB5KMBiAHUsQOwAQG4AQM~CB8QBhgBIFQoVDBfOAtoVXBbeIFAgAHhP4gBnaIBsAEBuAED~CB8QBhgBIFQoVDBfOAtoVXBdeNYRgAG1EYgB-i2wAQG4AQM~CB8QBhgBIFQoVDBfOAtoVXBdeLoDgAGZA4gBzwWwAQG4AQM~CB8QBhgBIFQoVDBmOBJoVnBeeLTOBoABh84GiAGHzgawAQG4AQM&met.9=12.kpbhi4k4
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/rum.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2404:6800:4007:805::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:07 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame DF43
54 KB
21 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
c6d91d994e181aceecf2a1e3886dc690969836fd89114ebfa787de8551d7b24f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 16:57:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3540
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20964
x-xss-protection
0
server
cafe
etag
11353732011524445191
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 30 May 2021 17:57:07 GMT
/
clarium.global.ssl.fastly.net/ Frame 8FAC
60 KB
20 KB
Script
General
Full URL
https://clarium.global.ssl.fastly.net/?wrapper=hPH9mWAgPsgQZ1kJCV_8QwkFRPc&tpid=aFBIOW1XQWdQc2dRWjFrSkNWXzhRd2tGUlBjLzExMDE5Njk5MzozMDB4MjUw&v=v2lgcycid&d=eyJ3aCI6ImFGQklPVzFYUVdkUWMyZFJXakZyU2tOV1h6aFJkMnRHVWxCakx6RXhNREU1TmprNU16b3pNREI0TWpVdyIsIndkIjp7Im8iOjExMDE5Njk5MywidyI6IjMwMCIsImgiOiIyNTAifSwid3IiOjJ9
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
131b658e7808a05f69ac9436f8ac8f74a230691149f6c4ddd05852bf6a9c5fde

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 17:56:07 GMT
Content-Encoding
gzip
Age
1
X-Cache-Status
hit
X-Cache
HIT
Connection
keep-alive
Content-Length
19472
X-Served-By
cache-hhn4067-HHN
Access-Control-Allow-Origin
*
Server
nginx
X-Timer
S1622397368.548409,VS0,VE0
ETag
cc43f8b5599fb5e6e388e1b5ad6e22cf58c5cfba
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Via
1.1 varnish
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
X-Cache-Hits
2
/
clarium.global.ssl.fastly.net/ Frame F3BE
60 KB
20 KB
Script
General
Full URL
https://clarium.global.ssl.fastly.net/?wrapper=hPH9mWAgPsgQZ1kJCV_8QwkFRPc&tpid=aFBIOW1XQWdQc2dRWjFrSkNWXzhRd2tGUlBjLzExMDE5Njk5MzozMDB4MjUw&v=v2lgcycid&d=eyJ3aCI6ImFGQklPVzFYUVdkUWMyZFJXakZyU2tOV1h6aFJkMnRHVWxCakx6RXhNREU1TmprNU16b3pNREI0TWpVdyIsIndkIjp7Im8iOjExMDE5Njk5MywidyI6IjMwMCIsImgiOiIyNTAifSwid3IiOjJ9
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
131b658e7808a05f69ac9436f8ac8f74a230691149f6c4ddd05852bf6a9c5fde

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 17:56:07 GMT
Content-Encoding
gzip
Age
1
X-Cache-Status
hit
X-Cache
HIT
Connection
keep-alive
Content-Length
19472
X-Served-By
cache-hhn4067-HHN
Access-Control-Allow-Origin
*
Server
nginx
X-Timer
S1622397368.617268,VS0,VE0
ETag
cc43f8b5599fb5e6e388e1b5ad6e22cf58c5cfba
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Via
1.1 varnish
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
X-Cache-Hits
3
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame F3BE
1 KB
923 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:43:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
762
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 17:43:25 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame F3BE
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite_fy2019.js
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:36:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1170
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7025
x-xss-protection
0
server
cafe
etag
8821855511435206686
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 17:36:37 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame F3BE
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:54:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 17:54:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F3BE
121 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Sun, 30 May 2021 17:56:07 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame F3BE
13 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:52:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 17:52:41 GMT
l
www.google.com/ads/measurement/ Frame F3BE
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaStqbgas2L2r0RpwpGbbPD6hbzWVfyW4hdf5skmQTcsaLzQ6bOa78HDw0IGtpSXqWBxuG7jY4THnJlI_ZfI3KUSAkW0ow
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

7d9aee27bee51cf015d1b4a8dc2025e1.js
www.gstatic.com/mysidia/ Frame F3BE
25 KB
10 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/7d9aee27bee51cf015d1b4a8dc2025e1.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6f0dd8206df9adfe84428c4f85f678b1a01270a8359bbeef265f69bd94560a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 06:54:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 26 May 2021 17:49:14 GMT
server
sffe
age
39709
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10414
x-xss-protection
0
expires
Sat, 28 Aug 2021 06:54:18 GMT
/
clarium.global.ssl.fastly.net/ Frame E0F4
60 KB
20 KB
Script
General
Full URL
https://clarium.global.ssl.fastly.net/?wrapper=hPH9mWAgPsgQZ1kJCV_8QwkFRPc&tpid=aFBIOW1XQWdQc2dRWjFrSkNWXzhRd2tGUlBjLzExMDE5Njk5MzozMDB4MjUw&v=v2lgcycid&d=eyJ3aCI6ImFGQklPVzFYUVdkUWMyZFJXakZyU2tOV1h6aFJkMnRHVWxCakx6RXhNREU1TmprNU16b3pNREI0TWpVdyIsIndkIjp7Im8iOjExMDE5Njk5MywidyI6IjMwMCIsImgiOiIyNTAifSwid3IiOjJ9
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
131b658e7808a05f69ac9436f8ac8f74a230691149f6c4ddd05852bf6a9c5fde

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 17:56:07 GMT
Content-Encoding
gzip
Age
1
X-Cache-Status
hit
X-Cache
HIT
Connection
keep-alive
Content-Length
19472
X-Served-By
cache-hhn4067-HHN
Access-Control-Allow-Origin
*
Server
nginx
X-Timer
S1622397368.671632,VS0,VE0
ETag
cc43f8b5599fb5e6e388e1b5ad6e22cf58c5cfba
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Via
1.1 varnish
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
X-Cache-Hits
4
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame E0F4
1 KB
923 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:43:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
762
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 17:43:25 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame E0F4
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite_fy2019.js
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:36:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1170
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7025
x-xss-protection
0
server
cafe
etag
8821855511435206686
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 17:36:37 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame E0F4
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:54:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 17:54:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E0F4
121 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:07 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Sun, 30 May 2021 17:56:07 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame E0F4
13 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:52:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 17:52:41 GMT
l
www.google.com/ads/measurement/ Frame E0F4
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSJUiooXpzvGxoVdRvpS6dAw8LgBJjXvkgdS46XQ8H9GwQTpOt1DLdKOwXujqZyXQzTN4lMho3DK71xX8UGP53W5j-wzw
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

7d9aee27bee51cf015d1b4a8dc2025e1.js
www.gstatic.com/mysidia/ Frame E0F4
25 KB
10 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/7d9aee27bee51cf015d1b4a8dc2025e1.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6f0dd8206df9adfe84428c4f85f678b1a01270a8359bbeef265f69bd94560a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 06:54:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 26 May 2021 17:49:14 GMT
server
sffe
age
39709
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10414
x-xss-protection
0
expires
Sat, 28 Aug 2021 06:54:18 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3958
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
11953
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 31 May 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3958
295 B
325 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 29 May 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
70742
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 30 May 2021 22:17:05 GMT
csi
csi.gstatic.com/ Frame 7D1B
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=4~kpbhi4jv&c=323674518006735&ctx=2&qqid=CNO2sZX98fACFU_juwgdirwKVQ&met.6=6.1_Cg8Y3AkgPioICAQSBBABMAE
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2404:6800:4007:805::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:07 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
protected-by.clarium.io/ Frame 8FAC
68 B
345 B
Image
General
Full URL
https://protected-by.clarium.io/pixel?tag=wt_aFBIOW1XQWdQc2dRWjFrSkNWXzhRd2tGUlBjLzExMDE5Njk5MzozMDB4MjUw&v=5&s=1f0a46f5221fe1bae3ac8285e10f54bad9707327&id=eyJkZnAiOnsiYWQiOjIxMywiYyI6bnVsbCwibCI6MCwibyI6MTEwMTk2OTkzLCJBIjoiLzEwMDk3NTMvVVBJXzMwMHgyNTBfUiIsInkiOjAsImNvIjowLCJzIjoiZGl2LWFkLXIifX0%3D&sb=3&cb=2351920&h=www.upi.com
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.7.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:07 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
protected-by.clarium.io/ Frame F3BE
68 B
345 B
Image
General
Full URL
https://protected-by.clarium.io/pixel?tag=wt_aFBIOW1XQWdQc2dRWjFrSkNWXzhRd2tGUlBjLzExMDE5Njk5MzozMDB4MjUw&v=5&s=1f0a46f5221fe1bae3ac8285e10f54bad9707327&id=eyJkZnAiOnsiYWQiOjIxMywiYyI6bnVsbCwibCI6MCwibyI6MTEwMTk2OTkzLCJBIjoiLzEwMDk3NTMvVVBJXzMwMHgyNTBfUjEiLCJ5IjowLCJjbyI6MCwicyI6ImRpdi1hZC1yMSJ9fQ%3D%3D&sb=3&cb=3845847&h=www.upi.com
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.7.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:07 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
csi
csi.gstatic.com/ Frame DF43
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kpbhi4qr&c=323674518006735&ctx=2&qqid=CP2HxJX98fACFQRG5Qod2WgFWA&met.6=6.1_Cg4YJiA6KggIARIEEAEwAQoMGMQEIPoBKgQIBRIACg8YmQcgPioICAQSBBABMAE
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2404:6800:4007:805::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:07 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame DF43
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=2~kpbhi4rh&c=323674518006735&ctx=2&qqid=CP2HxJX98fACFQRG5Qod2WgFWA&met.4=fb.ct~cmrload.d9~lb.e5~ol.oq~idt.kg~dt.-m5&met.3=735.ec_1~113.v7_2~112.v6_3~246.vw_1&met.1=1.kpbhi3vk~6.2~7.2~8.2~9.2~10.2~12.4~13.9~14.a~15.r~16.e5~17.e5~18.e5~19.op~20.op~21.oq&met.7=CBsQCBgBKAIwCjj6BmgEcAl4vRiAAaQYiAHOL7ABAbgBAw~CBsQCiBeOBU~CBsQBiDMAzg8~CBwQChgBIM4DKM4DMNQDOAdozgNw1AN4sgqAAZcKiAHRE7ABAbgBAw~CBwQChgBIM4DKM4DMNUDOAdozwNw1AN4niyAAYMsiAGZZrABAbgBAw~CCoQChgBIM4DKM4DMOADOBI~CBsQBhgBIM4DKM4DMN0DOA8~CB8QBRgBINYDKNYDMOADOApo1wNw3gN435wBgAHBnAGIAen9BLABAbgBAw~CCEQBBgBINcDKNcDMI0EODY~CCgQBRgBINgDKNgDMN8DOAc~CBwQBRgBINkDKNkDMNwDOAM~CCgQChgBIP4GKP4GMJIHOBRo_gZwkQd4gKQBgAHkowGIAdSxA7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2404:6800:4007:805::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:07 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 8FAC
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:54:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 17:54:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8FAC
121 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Sun, 30 May 2021 17:56:07 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 8FAC
13 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:52:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 17:52:41 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6035171998416502784/ Frame EAEB
80 KB
20 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6035171998416502784/index.html
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7adef6b673dd982f8e9886c2eccd747f0b368324806c25384b7c9df1a00c9744
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/6035171998416502784/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Tue, 25 May 2021 07:02:48 GMT
expires
Wed, 25 May 2022 07:02:48 GMT
last-modified
Tue, 10 Nov 2020 16:55:16 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
20034
age
471199
cache-control
public, max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 8FAC
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CY0UpttGzYOr3Hb217_UP-d278AHC1IftYPOL2PSYDbCVicSuCRABINmN-Rdg9ZXOgeAEoAGu95nSA8gBCakC0MhQEu_Iqz7gAgCoAwHIAwKqBKICT9BGvdfhpQxvqoKG3u9JiQZT2k9kFPVzc2rnSa_zpna4GGc1u951JUPTspJcfhKLMShUg2-Wo3vZLnewFnalO0CvmG2-hTQX9Rq79ERNQtmrGww0ZPUg3j2sgGu-3uU3hDlRuXCMufZ0AIe2Qu4Gu3JX4nHhiZE4lKOCTO6Q31RvOHUJJASLKY1xPrE09k7ojVdUAXIPXU3irrs-Ad0nR061agOI7AM-CCrpHzWNATEOPcXZi2g0AU5vlME0uLjvQv-bFipq61gmZGyv7La0op4jZEYcCPMv2AJ7hzeA3vSFFqhfAi-km-P3CACugCeisEnjVssOcVRYpjKTOat0CkLUNpXnjiRBzXoWbQlWwBHcVZgItVNtT-oi3PfW1zT3a3bABPqG3JyyA-AEAZIFBAgEGAGSBQQIBRgEoAZdgAe6iOYtqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEMqoQtIIBwiAYRABGB2ACgPICwHYEwzQFQGAFwGyFxoKGAgAEhRwdWItMjI3MzIwNDA3NjUzMjU1NA&sigh=lCIHNF44TSE
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

s
googleads.g.doubleclick.net/pagead/drt/ Frame E6F5
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmq4EWkj_Lx03XiM21Hrhd9od5NB1-r6t85w4a6uBHeyW-lxmBZKtLdqbm8orw; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 30 May 2021 17:29:22 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1605
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
protected-by.clarium.io/ Frame E0F4
68 B
345 B
Image
General
Full URL
https://protected-by.clarium.io/pixel?tag=wt_aFBIOW1XQWdQc2dRWjFrSkNWXzhRd2tGUlBjLzExMDE5Njk5MzozMDB4MjUw&v=5&s=1f0a46f5221fe1bae3ac8285e10f54bad9707327&id=eyJkZnAiOnsiYWQiOjIxMywiYyI6bnVsbCwibCI6MCwibyI6MTEwMTk2OTkzLCJBIjoiLzEwMDk3NTMvVVBJXzMwMHgyNTBfSW5SZWFkX1JPU19EZXNrdG9wIiwieSI6MCwiY28iOjAsInMiOiJkaXYtYWQtaW5yZWFkIn19&sb=3&cb=2011251&h=www.upi.com
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.7.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:07 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/7486773338785517855/ Frame F3BE
17 KB
17 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/7486773338785517855/downsize_200k_v1?w=400&h=209
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57141320a4c43f8a344da6ed2afaeb99035922cda721bd4e59e97213d4fc1b4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 05:20:32 GMT
x-content-type-options
nosniff
age
477335
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17579
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 16:19:54 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 May 2022 05:20:32 GMT
truncated
/ Frame F3BE
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f7fffbfbd7455db1b83581bd8f5426466cf6e35ba2be2d2db13eb24a0238a79

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
csi
csi.gstatic.com/ Frame 3958
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1622397367745&c=323674518006735&qqid=COiq25X98fACFb3auwgd-e4OHg&rt=any.link.1e.14.b.7.j.1.16we.16sm~any.script.1e.t.1.7.0.0.480.3ip~any.script.1e.17.3.i.0.0.l88.l4w~any.script.1e.18.2.l.0.0.com.cli~any.script.1e.14.0.i.0.0.1a0.16y~any.script.1e.1g.1.7.e.0.9uy.9u6~any.css.1i.7.1.6.0.0.2f6.2ec~any.css.1i.7.0.7.0.0.ddv.dd0~any.img.62.7.1.5.0.0.1yc.1xi~any.img.62.7.0.6.0.0.91.87~any.img.62.t.6u.0.0.0.0.0~any.img.dl.7.1.6.0.0.1yc.1xi~any.img.dn.7.0.6.0.0.91.87&met.a4a=dcl.0~ol.381~nvs.1622397367165~ini.1622397367746
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022104130153000/v0/amp-analytics-0.1.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2404:6800:4007:805::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:07 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame F3BE
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C03lottGzYOv3Hb217_UP-d278AHr8eHYYo6fn7XPDJaCzYWIFhABINmN-Rdg9ZXOgeAEoAHV992LA8gBBqkC2Uf7V7eksj7gAgCoAwHIA5sEqgSdAk_QfvkTX6e-3ivuVANQCxeRqpwAVenT_CP0zZU_IPE5Wh_FOTpGvSI_XUnr37824tX8d-kEEke8eQLh6gMlx-uX9rtWdtN5LQM603W3AM_IGzsm0cv7Vcpa1wueaGm8GKdHRChIFQ-joru9my4FZpKn3FNyOaFvI6VvfPtdx-ElxIoMXoxiD0797RjkAA7mUpyU5Npf9Oa2VoBEDsh5uhTLUzp04G2Pt3zae-BMnVFELsDvbuS0cWlJh74njA4W3k4TzzHudebwnxIMs8pxkEuzNCFrZgrLxu709Y7uA6Sy5Ru7NbzopO8S8eFqlepcmAqOpCif0i-XIGeK3yj5UM3eWemyqxfvsQfjwxiyyLujgvNL6T00GGI8QPHXcsAEgqHv_pMD4AQBkgUECAQYAZIFBAgFGASgBjeAB5OIonSoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQiZ4V0ggHCIBhEAEYHYAKA8gLAdgTDYgUDdAVAZgWAYAXAbIXGgoYCAASFHB1Yi0yMjczMjA0MDc2NTMyNTU0&sigh=DfGjw5PMKoc&template_id=492
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

truncated
/ Frame 8FAC
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b60af545dc98d10d8a63cb169583e020365692044a29c893f99f0dab7ce60240

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2966
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 30 May 2021 03:14:09 GMT
expires
Mon, 31 May 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
52918
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame F3BE
219 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b2a9bd06b9c0066e818dc06296ca42852251cf6b2428b834836f1eb4703dc73

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
downsize_200k_v1
tpc.googlesyndication.com/simgad/13620184772092880694/ Frame E0F4
22 KB
22 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/13620184772092880694/downsize_200k_v1?w=400&h=209
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff04ffeb6a5034edaedf6cb57c2d91591eb718aca3c8a72298d6eee8b9edc8e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 07:24:47 GMT
x-content-type-options
nosniff
age
124280
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22048
x-xss-protection
0
last-modified
Mon, 26 Apr 2021 12:44:45 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 07:24:47 GMT
truncated
/ Frame E0F4
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f7fffbfbd7455db1b83581bd8f5426466cf6e35ba2be2d2db13eb24a0238a79

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
adview
securepubads.g.doubleclick.net/pagead/ Frame E0F4
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CjePJttGzYO33Hb217_UP-d278AHfl7vnYrCP-ej8DZaCzYWIFhABINmN-Rdg9ZXOgeAEoAGt-_fQAsgBBqkC2Uf7V7eksj7gAgCoAwHIA5sEqgSkAk_Q8c5IS08zfU0znR678boBNkKQzd2IDrkhdL-clwu_wnYVjOyGkcYPQ6KSzTaAW6MUx0RJUsMQb7uiE8loM-kz9DQMQaxMcTSUQ7U5ab03_O9mAoGzokmCOm3oDFeN0k8LVAgB63zQRkd8lpG62qknTbrU0oYWhRqrU-J7tZ_EPkwanyJrKFJ_MWQeSxWFmDYBspjMNeFlYgiHdzW-gZOvrutGzDJU_UBh_ZpivqwOGCvQQkVGKdl2HEg9D5hI6maUAd86fFe7w99yfcDVrbJXIXuYQiN7_mpRx-Sc50gLGLntjBMymVTY9f_xta641OYq6VR1zjwayrqszNuC-SE3-KwqgY7OV1Nu96Cp0C4Ze9BOm4KIivYBpU7XvDNval_1W9TABIeBiZ_PA-AEAZIFBAgEGAGSBQQIBRgEoAY3gAe7hIivAagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCYhwzSCAcIgGEQARgdgAoDyAsB2BMNiBQF0BUBgBcBshcaChgIABIUcHViLTIyNzMyMDQwNzY1MzI1NTQ&sigh=NOrbkHGwZss&template_id=492
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

css
fonts.googleapis.com/ Frame EAEB
2 KB
546 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:regular
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6035171998416502784/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 30 May 2021 16:09:18 GMT
server
ESF
date
Sun, 30 May 2021 17:56:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 May 2021 17:56:07 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame EAEB
16 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6035171998416502784/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 03:56:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50354
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 31 May 2021 03:56:53 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame EAEB
26 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6035171998416502784/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 18:54:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82887
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 30 May 2021 18:54:40 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4E53
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 30 May 2021 03:14:09 GMT
expires
Mon, 31 May 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
52918
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame E0F4
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e254d1d7fc434c1852256b0c29a1b2017b10b3c71c82c176d81057eb4bf3c2d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame EAEB
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:regular
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 21:32:20 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
age
419027
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
expires
Wed, 25 May 2022 21:32:20 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame E6F5
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmq4EWkj_Lx03XiM21Hrhd9od5NB1-r6t85w4a6uBHeyW-lxmBZKtLdqbm8orw; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 30 May 2021 17:56:08 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sun, 30-May-2021 18:56:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 30 May 2021 17:56:08 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 30 May 2021 17:56:07 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
google
match.adsrvr.org/track/cmf/ Frame 2966
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEByzVft-J_UzxMRre23Qvuw&google_cver=1&google_push=AQvitUIaTPabVpCqHx4MEmUA-VaDWVHbDNqVgZ6GA7VFyZBqo6FvzNYqTvy_tCzDvhYGFKiovNyqaOgOAdRoRGPTywKtCZX1SVRz
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:07 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 2966
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEDsASA9hbsmugdgEjSCY9xs&google_cver=1&google_push=AQvitUIFp2ed6KMbEsGS11z8Kvpcl2e-dyjJmzZbiDEtAQtOl8wRMqf6TfP6qIZ0v0cexK0TpLU_NwELetQdJxKSLSc5iBVcATs
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=cEQ4Qk11TXdDVmVSdXY1MnVOR3pZQQ%3D%3D&google_push=AQvitUIFp2ed6KMbEsGS11z8Kvpcl2e-dyjJmzZbiDEtAQtOl8wRMqf6TfP6qIZ0v0cexK0TpLU_NwELetQdJ...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=cEQ4Qk11TXdDVmVSdXY1MnVOR3pZQQ%3D%3D&google_push=AQvitUIFp2ed6KMbEsGS11z8Kvpcl2e-dyjJmzZbiDEtAQtOl8wRMqf6TfP6qIZ0v0cexK0TpLU_NwELetQdJxKSLSc5iBVcATs
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=cEQ4Qk11TXdDVmVSdXY1MnVOR3pZQQ%3D%3D&google_push=AQvitUIFp2ed6KMbEsGS11z8Kvpcl2e-dyjJmzZbiDEtAQtOl8wRMqf6TfP6qIZ0v0cexK0TpLU_NwELetQdJxKSLSc5iBVcATs
date
Sun, 30 May 2021 17:56:08 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
242
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame 2966
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEOaI0BZ0ekbHhaXKmJf6Gns&google_cver=1&google_push=AQvitUKJx2_GEXAasjfZGg0SIJyUh54MzPECLF9AcJOQx02FgJB7-Kx-mUv0ahR2Xo30SMf88lljXJDLbh...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEOaI0BZ0ekbHhaXKmJf6Gns&google_cver=1&google_push=AQvitUKJx2_GEXAasjfZGg0SIJyUh54MzPECLF9AcJOQx02FgJB7-Kx-mUv0ahR2Xo30SMf88lljXJDLbh...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AQvitUKJx2_GEXAasjfZGg0SIJyUh54MzPECLF9AcJOQx02FgJB7-Kx-mUv0ahR2Xo30SMf88lljXJDLbhYvwu5AlHneQIr8S_I&google_hm=MDMwMzAwMDJfNjBiM2Qx...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AQvitUKJx2_GEXAasjfZGg0SIJyUh54MzPECLF9AcJOQx02FgJB7-Kx-mUv0ahR2Xo30SMf88lljXJDLbhYvwu5AlHneQIr8S_I&google_hm=MDMwMzAwMDJfNjBiM2QxYjgwYWUzZA%3D%3D
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 30 May 2021 17:56:08 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AQvitUKJx2_GEXAasjfZGg0SIJyUh54MzPECLF9AcJOQx02FgJB7-Kx-mUv0ahR2Xo30SMf88lljXJDLbhYvwu5AlHneQIr8S_I&google_hm=MDMwMzAwMDJfNjBiM2QxYjgwYWUzZA%3D%3D
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
google
pix.impdesk.com/csync/ Frame 2966
0
0

pixel
cm.g.doubleclick.net/ Frame 2966
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGEkRJFBZ9qgl2r1jRJrXHY&google_cver=1&google_push=AQvitUKWZI6khme_GpPEYVgJqPOC35tEEBl3cRoRWuz-8_BZpAhpGm_cw2tHCsATn7OeDflU1Xk8Rmn6cdPr5BfqZibOV6G...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUKWZI6khme_GpPEYVgJqPOC35tEEBl3cRoRWuz-8_BZpAhpGm_cw2tHCsATn7OeDflU1Xk8Rmn6cdPr5BfqZibOV6GU7og&google_hm=NDk4MzM4NjIwNjA5MzYyMjU3
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUKWZI6khme_GpPEYVgJqPOC35tEEBl3cRoRWuz-8_BZpAhpGm_cw2tHCsATn7OeDflU1Xk8Rmn6cdPr5BfqZibOV6GU7og&google_hm=NDk4MzM4NjIwNjA5MzYyMjU3
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 30 May 2021 17:56:08 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUKWZI6khme_GpPEYVgJqPOC35tEEBl3cRoRWuz-8_BZpAhpGm_cw2tHCsATn7OeDflU1Xk8Rmn6cdPr5BfqZibOV6GU7og&google_hm=NDk4MzM4NjIwNjA5MzYyMjU3
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2966
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPS8h3EsKa255MXaD8IO_nA&google_cver=1&google_push=AQvitULlojEMktcXc9P5Mz9-NPol10dmwhvjQnuLq_YtrSMpqmFD0Nqa...
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPS8h3EsKa255MXaD8IO_nA&google_cver=1&google_push=AQvitULlojEMktcXc9P5Mz9-NPol10dmwhvjQnuLq_YtrSMpqmFD0Nqa...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPS8h3EsKa255MXaD8IO_nA&google_cver=1&google_push=AQvitULlojEMktcXc9P5Mz9-NPol10dmwhvjQnuLq_YtrSMpqmFD0N...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA0ZjkwMzFmOC1jMTcwLTExZWItYjU3Ny0wMmE5MmI3ODg3YjQ%3D&google_push=AQvitULlojEMktcXc9P5Mz9-NPol10dmwhvjQnuLq_YtrSMpqmFD0NqaMGdJ3D9bYG...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA0ZjkwMzFmOC1jMTcwLTExZWItYjU3Ny0wMmE5MmI3ODg3YjQ%3D&google_push=AQvitULlojEMktcXc9P5Mz9-NPol10dmwhvjQnuLq_YtrSMpqmFD0NqaMGdJ3D9bYGEfs2TRRa9EEPGpmuABm6iby1fSBsOmYf3xLw
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 30 May 2021 17:56:08 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA0ZjkwMzFmOC1jMTcwLTExZWItYjU3Ny0wMmE5MmI3ODg3YjQ%3D&google_push=AQvitULlojEMktcXc9P5Mz9-NPol10dmwhvjQnuLq_YtrSMpqmFD0NqaMGdJ3D9bYGEfs2TRRa9EEPGpmuABm6iby1fSBsOmYf3xLw
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 2966
Redirect Chain
  • https://google.ops.beeline.ru/p?ssp=gl&google_gid=CAESEPoY0iJ09lOJIlRmWebKjQs&google_cver=1&google_push=AQvitUKAIoaAJ4Aquj6almbKInZONlnZK6cfaHipPrOyiJ2pS31xaQ09gVKyBxBeD8Gk3JWrMFiKXB--v6_jCEHXWcyWN...
  • https://cm.g.doubleclick.net/pixel?google_nid=vimpelcom_pjsc&google_hm=OTE3OGFkNTUtOGZmMS00ZmMwLWE3ZGQtZjgzNWUzNTNiYTMy&google_push=AQvitUKAIoaAJ4Aquj6almbKInZONlnZK6cfaHipPrOyiJ2pS31xaQ09gVKyBxBeD...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=vimpelcom_pjsc&google_hm=OTE3OGFkNTUtOGZmMS00ZmMwLWE3ZGQtZjgzNWUzNTNiYTMy&google_push=AQvitUKAIoaAJ4Aquj6almbKInZONlnZK6cfaHipPrOyiJ2pS31xaQ09gVKyBxBeD8Gk3JWrMFiKXB--v6_jCEHXWcyWNR8Kv_5h
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 30 May 2021 17:56:08 GMT
x-route
http://upstream_cookiesync
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=vimpelcom_pjsc&google_hm=OTE3OGFkNTUtOGZmMS00ZmMwLWE3ZGQtZjgzNWUzNTNiYTMy&google_push=AQvitUKAIoaAJ4Aquj6almbKInZONlnZK6cfaHipPrOyiJ2pS31xaQ09gVKyBxBeD8Gk3JWrMFiKXB--v6_jCEHXWcyWNR8Kv_5h
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true, true
x-host
192.168.152.62
access-control-allow-headers
authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 2966
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KIbEtoDLE-PAAY2QfmdlJTnFIfGgf-yyKHrBU-9Wn_o6KzItOTvqF4tm2l6mn1GqGzf7Jm-_c
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:07 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
google
match.adsrvr.org/track/cmf/ Frame 4E53
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEByzVft-J_UzxMRre23Qvuw&google_cver=1&google_push=AQvitUJRmTW_eGVYdhek_eFrHUdFnnZV0OSJb8bE-_cB7N5Dv0DbQEiNhVwLXryho6RXqVr5ZJ8Vl6jvvMzCihgyitioRQuA6s_XNw
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:08 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 4E53
Redirect Chain
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEBmC2w91NULx-1C792bIOU0&google_cver=1&google_push=AQvitUKGPeXaCib_H8JogmC8RdZ_TW3XVaHTrosb84N2XsAdoevv5_Cz-CslnJ9cELxw0X0gUaHs0y-imZ4-bbqg3UkhH6CJa1cmgg
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEBmC2w91NULx-1C792bIOU0&google_cver=1&google_push=AQvitUKGPeXaCib_H8JogmC8RdZ_TW3XVaHTrosb84N2XsAdoevv5_Cz-CslnJ9cELxw0X0gUaHs0y-imZ4-bbqg3UkhH6CJa1cmg...
  • https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AQvitUKGPeXaCib_H8JogmC8RdZ_TW3XVaHTrosb84N2XsAdoevv5_Cz-CslnJ9cELxw0X0gUaHs0y-imZ4-bbqg3UkhH6CJa1cmgg&google_hm=4j3jgLuiSiIAAikABlF5v...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AQvitUKGPeXaCib_H8JogmC8RdZ_TW3XVaHTrosb84N2XsAdoevv5_Cz-CslnJ9cELxw0X0gUaHs0y-imZ4-bbqg3UkhH6CJa1cmgg&google_hm=4j3jgLuiSiIAAikABlF5vms-TA%3D%3D
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:09 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f5-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AQvitUKGPeXaCib_H8JogmC8RdZ_TW3XVaHTrosb84N2XsAdoevv5_Cz-CslnJ9cELxw0X0gUaHs0y-imZ4-bbqg3UkhH6CJa1cmgg&google_hm=4j3jgLuiSiIAAikABlF5vms-TA%3D%3D
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4E53
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGEkRJFBZ9qgl2r1jRJrXHY&google_cver=1&google_push=AQvitUJm2rUFF_HjVc0NV13xaKTuSC3bWpuHT4xt6QxPh_cXw9Fek9q4zpXWYVtpspGJsPaLxlYkzbsQmiL9LH_Fs8NXJXO...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUJm2rUFF_HjVc0NV13xaKTuSC3bWpuHT4xt6QxPh_cXw9Fek9q4zpXWYVtpspGJsPaLxlYkzbsQmiL9LH_Fs8NXJXObl2KWMQ&google_hm=NTQ2Nzc4NDM4Nzc4MDQz...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUJm2rUFF_HjVc0NV13xaKTuSC3bWpuHT4xt6QxPh_cXw9Fek9q4zpXWYVtpspGJsPaLxlYkzbsQmiL9LH_Fs8NXJXObl2KWMQ&google_hm=NTQ2Nzc4NDM4Nzc4MDQzNTkzNg%3D%3D
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 30 May 2021 17:56:08 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUJm2rUFF_HjVc0NV13xaKTuSC3bWpuHT4xt6QxPh_cXw9Fek9q4zpXWYVtpspGJsPaLxlYkzbsQmiL9LH_Fs8NXJXObl2KWMQ&google_hm=NTQ2Nzc4NDM4Nzc4MDQzNTkzNg%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4E53
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFYQABOGUjIY5PSHiHlkuXM&google_cver=1&google_push=AQvitUIFxFuMf7Pv8OtwJk6h2nQqF4AMZ-BS6b3eyEtc_QewN5XqaTNtKR5jAYz4-NR-cQjB6EbhfzeC...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODExNTA2OTY2MzU5NTIzODkwMA&google_push=AQvitUIFxFuMf7Pv8OtwJk6h2nQqF4AMZ-BS6b3eyEtc_QewN5XqaTNtKR5jAYz4-NR-cQjB6Ebhfz...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODExNTA2OTY2MzU5NTIzODkwMA&google_push=AQvitUIFxFuMf7Pv8OtwJk6h2nQqF4AMZ-BS6b3eyEtc_QewN5XqaTNtKR5jAYz4-NR-cQjB6EbhfzeCKC_5Gcdbl6XcSdIYFdhx0g
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:08 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODExNTA2OTY2MzU5NTIzODkwMA&google_push=AQvitUIFxFuMf7Pv8OtwJk6h2nQqF4AMZ-BS6b3eyEtc_QewN5XqaTNtKR5jAYz4-NR-cQjB6EbhfzeCKC_5Gcdbl6XcSdIYFdhx0g
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 4E53
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlro...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlro...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlro...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlro...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlro...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlro...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlro...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlro...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlro...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlro...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlro...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlro...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlro...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlro...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlro...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlro...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlro...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlro...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlro...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlro...
0
0

pixel
cm.g.doubleclick.net/ Frame 4E53
Redirect Chain
  • https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEBG2zDSpDekobi41trDXTHA&google_cver=1&google_push=AQvitUIUqtGk9qKfSkDuD5ugCTgWJp4iBWtkzEo_LkQ4carRsM_DAuafmJiVu_7v6Nfm2r2A0BIUn-68wix7Gc...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=TDd2SHZOQXJVYg==&google_push=AQvitUIUqtGk9qKfSkDuD5ugCTgWJp4iBWtkzEo_LkQ4carRsM_DAuafmJiVu_7v6Nfm2r2A0BIUn-68wix7Gc6AorMYDV...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=TDd2SHZOQXJVYg==&google_push=AQvitUIUqtGk9qKfSkDuD5ugCTgWJp4iBWtkzEo_LkQ4carRsM_DAuafmJiVu_7v6Nfm2r2A0BIUn-68wix7Gc6AorMYDVKgLgIIHw
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=TDd2SHZOQXJVYg==&google_push=AQvitUIUqtGk9qKfSkDuD5ugCTgWJp4iBWtkzEo_LkQ4carRsM_DAuafmJiVu_7v6Nfm2r2A0BIUn-68wix7Gc6AorMYDVKgLgIIHw
date
Sun, 30 May 2021 17:56:09 GMT
via
1.1 google
server
CookieSync Powered by Vdopia
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 4E53
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPS8h3EsKa255MXaD8IO_nA&google_cver=1&google_push=AQvitUKiW0zCqcNz1ReecIQKhkpkMFcWLJsmweEclz6wGc48RZPXQLea...
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPS8h3EsKa255MXaD8IO_nA&google_cver=1&google_push=AQvitUKiW0zCqcNz1ReecIQKhkpkMFcWLJsmweEclz6wGc48RZPXQLea...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPS8h3EsKa255MXaD8IO_nA&google_cver=1&google_push=AQvitUKiW0zCqcNz1ReecIQKhkpkMFcWLJsmweEclz6wGc48RZPXQL...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA0ZjkwMzFmOC1jMTcwLTExZWItYjU3Ny0wMmE5MmI3ODg3YjQ%3D&google_push=AQvitUKiW0zCqcNz1ReecIQKhkpkMFcWLJsmweEclz6wGc48RZPXQLeaaK3HDZ1K0v...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA0ZjkwMzFmOC1jMTcwLTExZWItYjU3Ny0wMmE5MmI3ODg3YjQ%3D&google_push=AQvitUKiW0zCqcNz1ReecIQKhkpkMFcWLJsmweEclz6wGc48RZPXQLeaaK3HDZ1K0vcYS_p7Qo6j-401cSBMBDPCiJnxugFaokN1yAs
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 30 May 2021 17:56:08 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA0ZjkwMzFmOC1jMTcwLTExZWItYjU3Ny0wMmE5MmI3ODg3YjQ%3D&google_push=AQvitUKiW0zCqcNz1ReecIQKhkpkMFcWLJsmweEclz6wGc48RZPXQLeaaK3HDZ1K0vcYS_p7Qo6j-401cSBMBDPCiJnxugFaokN1yAs
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 4E53
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IKrKOJ5yHBe92D9SxUy8bA6Jbqr22TikG_PhEqw-F3q4l5-h14I9Px_pn5HO5tAxFotwuBcA
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:08 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame F3BE
54 KB
21 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
c6d91d994e181aceecf2a1e3886dc690969836fd89114ebfa787de8551d7b24f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 16:57:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3541
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20964
x-xss-protection
0
server
cafe
etag
11353732011524445191
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 30 May 2021 17:57:07 GMT
rum.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame EAEB
54 KB
21 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/rum.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c6d91d994e181aceecf2a1e3886dc690969836fd89114ebfa787de8551d7b24f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 21:06:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74972
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20964
x-xss-protection
0
server
cafe
etag
11353732011524445191
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 12 Jun 2021 21:06:35 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame E0F4
54 KB
21 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
c6d91d994e181aceecf2a1e3886dc690969836fd89114ebfa787de8551d7b24f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 16:57:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3541
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20964
x-xss-protection
0
server
cafe
etag
11353732011524445191
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 30 May 2021 17:57:07 GMT
bf2b.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6035171998416502784/ Frame EAEB
20 KB
8 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6035171998416502784/bf2b.svg
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a44f93bde6064767878c4844fee4bd5ee627a302b0da55995f7b4edac18dbb8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
411432
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8161
x-xss-protection
0
last-modified
Tue, 10 Nov 2020 16:55:16 GMT
server
sffe
date
Tue, 25 May 2021 23:38:56 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 May 2022 23:38:56 GMT
flag.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6035171998416502784/ Frame EAEB
719 B
445 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6035171998416502784/flag.svg
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1914c48d0e96dbf55755facc2d03a58b7c2a69e46a6922b5e2dfa84e56333b6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
462042
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
409
x-xss-protection
0
last-modified
Tue, 10 Nov 2020 16:55:16 GMT
server
sffe
date
Tue, 25 May 2021 09:35:26 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 May 2022 09:35:26 GMT
logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6035171998416502784/ Frame EAEB
6 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6035171998416502784/logo.svg
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
473546f02a50a1506c82193d8fcc9a5a1b01dc625611ccb1d07ed3af5a56bdb1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
199561
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2229
x-xss-protection
0
last-modified
Tue, 10 Nov 2020 16:55:16 GMT
server
sffe
date
Fri, 28 May 2021 10:30:07 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 May 2022 10:30:07 GMT
copper.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6035171998416502784/ Frame EAEB
110 KB
110 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6035171998416502784/copper.jpg
Requested by
Host: 730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
URL: https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7b0974280e0d6c50459458a9858d67dafb366f793ff74f211b608ffb9a9fabf
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
467255
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112481
x-xss-protection
0
last-modified
Tue, 10 Nov 2020 16:55:16 GMT
server
sffe
date
Tue, 25 May 2021 08:08:33 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 May 2022 08:08:33 GMT
csi
csi.gstatic.com/ Frame EAEB
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kpbhi4zu&c=323674518006735&ctx=3&qqid=COqq25X98fACFb3auwgd-e4OHg&met.7=CB8QCBgBMAk41gFoAXAIeOacAYABwpwBiAHl_QSwAQG4AQM~CBIQBxgBIJ4BKJ4BMLABOBJooAFwrwF4ogSAAYcEiAGBEKoBEwoRT3BlbitTYW5zOnJlZ3VsYXKwAQG4AQM~CBwQChgBIJ4BKJ4BMKYBOAlooAFwpgF4hC6AAeotiAH0gQGwAQG4AQM~CBwQChgBIJ4BKJ4BMKcBOApooQFwpwF4qFGAAY5RiAGZ0AGwAQG4AQM~CBMQAhgBIMoBKMoBMNEBOAdoygFw0AF4gHGAAehwiAHocKoBDgoIb3BlbnNhbnMQFBgCsAEBuAED~CBgQChgBIOsBKOsBMPIBOAdo7AFw8gF4gqQBgAHkowGIAdSxA7ABAbgBAw
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/rum.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2404:6800:4007:805::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:08 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame F3BE
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kpbhi50b&c=323674518006735&ctx=2&qqid=COuq25X98fACFb3auwgd-e4OHg&met.6=6.1_Cg8YpwEgPioICAQSBBABMAE
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2404:6800:4007:805::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:08 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame F3BE
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=2~kpbhi50d&c=323674518006735&ctx=2&qqid=COuq25X98fACFb3auwgd-e4OHg&met.4=fb.ct~lb.g4~cmrload.ih~ol.ik~idt.-q~dt.-17b&met.3=555.gt~556.gt~749.ii_2~735.ix_1~113.ju_1~112.jt_2~246.jw&met.1=1.kpbhi4gh~6.3~7.3~8.3~9.3~10.3~12.4~13.b~14.b~15.2v~16.g4~17.g4~18.g4~19.ih~20.ih~21.il&met.7=CBsQCBgBKAMwCzicBWgEcAp4vRiAAaQYiAHOL7ABAbgBAw~CBsQCiCpAjgU~CBwQChgBIKwCKKwCMLMCOAdorQJwsgJ4mweAAfIGiAHtC7ABAbgBAw~CBwQChgBIKwCKKwCMLQCOAhorQJwswJ4mjeAAfE2iAGaiAGwAQG4AQM~CBwQChgBIKwCKKwCMIkDOF1ogwNwiAN4sgqAAZcKiAHRE7ABAbgBAw~CCoQChgBIKwCKKwCML0COBE~CBwQChgBIKwCKKwCMLQCOAhorQJwtAJ4niyAAYMsiAGZZrABAbgBAw~CBsQBhgBIKwCKKwCMJkDOG0~CBsQChgBIKwCKKwCMOADOLQB~CBsQBiCGAzhg~CBcQAhgBINMDKNMDMNsDOAdo1ANw2gN4y4kBgAGriQGIAauJAbABAbgBAw~CCEQBBgBIIAEKIAEMLQEODQ~CBwQBRgBIK8EKK8EMMQEOBZQsARYvQRgsARovQRwxAR47QWAAdQFiAGWCbABAbgBAw~CCgQChgBIKkFKKkFML4FOBZoqQVwvAV4gKQBgAHkowGIAdSxA7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2404:6800:4007:805::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:08 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame E0F4
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kpbhi50j&c=323674518006735&ctx=2&qqid=CO2q25X98fACFb3auwgd-e4OHg&met.6=6.1_Cg4YcyA-KggIBBIEEAEwAQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2404:6800:4007:805::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:08 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame E0F4
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=2~kpbhi50y&c=323674518006735&ctx=2&qqid=CO2q25X98fACFb3auwgd-e4OHg&met.4=fb.cz~lb.g0~cmrload.ha~ol.he~idt.-27~dt.-18s&met.3=555.gb~556.gb~749.hb_3~736.hn~735.hp_2~113.im_1~112.il_2~246.iz_1&met.1=1.kpbhi4hy~6.3~7.3~8.3~9.3~10.3~12.4~13.9~14.a~15.1p~16.g0~17.g0~18.g1~19.ha~20.ha~21.he~22.f9~23.f9&met.7=CBsQCBgBKAMwCjjyBGgEcAl4vRiAAaQYiAHOL7ABAbgBAw~CBsQCiCdAjgl~CBwQChgBIJ8CKJ8CMKYCOAdooAJwpgJ4mweAAfIGiAHtC7ABAbgBAw~CBwQChgBIJ8CKJ8CMKcCOAhooAJwpgJ4mjeAAfE2iAGaiAGwAQG4AQM~CBwQChgBIJ8CKJ8CMOICOEJo3AJw4QJ4sgqAAZcKiAHRE7ABAbgBAw~CCoQChgBIKACKKACMLICOBM~CBwQChgBIKACKKACMKgCOAhooAJwpwJ4niyAAYMsiAGZZrABAbgBAw~CBsQBhgBIKACKKACMKADOIAB~CBsQChgBIKACKKACMNMDOLQB~CBsQBiCYAzhL~CBcQAhgBIJUEKJUEMJ0EOAdolgRwnAR4wKwBgAGgrAGIAaCsAbABAbgBAw~CCEQBBgBIJsEKJsEMNEEODY~CBwQBRgBIK0EKK0EMLQEOAdorgRwtAR47QWAAdQFiAGWCbABAbgBAw~CCgQChgBIPkEKPkEMI8FOBZo-QRwiwV4gKQBgAHkowGIAdSxA7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2404:6800:4007:805::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:08 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 8FAC
54 KB
21 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
c6d91d994e181aceecf2a1e3886dc690969836fd89114ebfa787de8551d7b24f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 16:57:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3541
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20964
x-xss-protection
0
server
cafe
etag
11353732011524445191
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 30 May 2021 17:57:07 GMT
csi
csi.gstatic.com/ Frame 8FAC
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kpbhi52j&c=323674518006735&ctx=2&qqid=COqq25X98fACFb3auwgd-e4OHg&met.6=6.1_Cg8Y2gEgPioICAESBBABMAE
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2404:6800:4007:805::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:08 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 8FAC
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=2~kpbhi52n&c=323674518006735&ctx=2&qqid=COqq25X98fACFb3auwgd-e4OHg&met.4=fb.dk~cmrload.f7~lb.gr~ol.ly~idt.p~dt.-15w&met.3=736.hr~735.i4_1~113.ni_2~112.nh_3~246.nk_1&met.1=1.kpbhi4f2~6.3~7.3~8.3~9.3~10.3~12.5~13.b~14.c~15.42~16.gs~17.gs~18.gs~19.ly~20.ly~21.lz~22.i5~23.i5&met.7=CBsQCBgBKAMwCziWBmgFcAt4vRiAAaQYiAHOL7ABAbgBAw~CBsQCiCXAjgV~CBsQBiCrAzgX~CBwQChgBIOkDKOkDMPADOAdo6gNw7wN4sgqAAZcKiAHRE7ABAbgBAw~CCoQChgBIOkDKOkDMPoDOBE~CBwQChgBIOkDKOkDMPADOAdo6gNw8AN4niyAAYMsiAGZZrABAbgBAw~CB8QBRgBIPMDKPMDMPwDOAlo9ANw-wN45pwBgAHCnAGIAeX9BLABAbgBAw~CCEQBBgBIPUDKPUDMKsEODY~CCgQBRgBIPYDKPYDMIAEOAo~CBwQBRgBIPcDKPcDMKIEOCs~CCgQChgBILcGKLcGMMkGOBNotwZwyAZ4gKQBgAHkowGIAdSxA7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2404:6800:4007:805::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:08 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=2~kpbhi3cx&c=323674518006735&e=31060413%2C31061003%2C31061149%2C21066613%2C21066615%2C21067088&ctx=1&met.7=CBsQBiDdEDgNwAHbp7SGDA~CBsQBiDdEDgNwAHbp7SGDA~CBsQDSDMDjjFAsABj-61mQY~~CBsQDSC8EDiUAcAB6fz9qQw~CBsQDSDODjiPA8AB5IOfqA0~CBsQDSDDEDjSAcAB5IOfqA0~CBsQBiCXEjgewAH2rJzADg~CBsQDSDsDjiKBMAB5IOfqA0~CA8QDRgBIN8PKN8PMN0SOP4CaN8PcNwSeJWKAYAB9YkBiAHb1QOwAQG4AQPAAb_emusG~CBsQBRgBILQTKLQTMMoTOBZQthNYwxNgthNowxNwyhN4vRiAAaQYiAHOL7ABAbgBA8ABmoSw_go~CCoQChgBIMgTKMgTMPQTOCzAAab7gJMH~CBsQDSDQEzhYwAHh653NBA~CBsQBiDMEzixAcAB-5PoxQw~CBsQBiCUFTgrwAHGscfwBA~CA8QDRgBIN8PKN8PMMYVOOcFaOAPcMUVeIK4AYAB4bcBiAGXkgSwAQG4AQPAAb_emusG~CBsQBRgBIPcVKPcVMIEWOApo-xVwgBZ4vRiAAaQYiAHOL7ABAbgBA8ABmoSw_go~CBsQBiCRFjggwAGkyfaQDA~CBsQARgBINgQKNgQMKAZOMkIwAGkoPylBw~CBsQDSDQDjiRC8ABt6SEoQI~CBsQDSDrDjj8CsABt6SEoQI~CA8QDRgBINwPKNwPMKoaOM8KaN0PcJ8aeP2CBIABzIIEiAGb5xqwAQG4AQPAAb_emusG~CBsQDSDGEDjvCsAB8bXgGA~CBsQBRgBILUbKLUbMMEbOAtouhtwwBt4vRiAAaQYiAHOL7ABAbgBA8ABmoSw_go~CBsQBRgBIOgbKOgbMPMbOAto7Btw8ht4vRiAAaQYiAHOL7ABAbgBA8ABmoSw_go~CBsQBRgBIJ0cKJ0cMKccOApooRxwphx4vRiAAaQYiAHOL7ABAbgBA8ABmoSw_go~CBsQBiDNHDixAcABzf2FowQ~CA0QChgBIOscKOscMPocOA9o7Bxw-Rx4y6cBgAGypwGIAZ3yA7ABAbgBA8AB4dvm3Qs~CBsQDSDXDjiXEMAB4JjemgU~CBsQDSDYDjiXEMABspXNoAM~CBsQDSDrDjiEEMABspXNoAM~CBsQDSDwDjj_D8AB4JjemgU~CBsQBiC7HzgiwAHan7aPDQ&met.9=4_37.1um~5_37.1vg~4_47.24n~5_47.24r~6_37.2kg~4_1.2m5~5_7.2mi~5_8.2mj~5_9.2mj~5_1.2mr~5_3.2oa~5_4.2px~5_6.2rd~6_47.2up~6_1.2xd~6_4.39h~6_6.39r~6_3.3bg&met.3=646.1um_4~800.1uq~800.1uq~800.1uq~800.1uq~800.1uq~573.1vk~598.1vk~598.1vk~598.1vk~598.1vk~598.1vk~598.1vk~598.1vk~598.1vk~598.1vk~598.1vk~574.1vl~54.1vl~598.1vm~598.1vm~355.1vm~598.1vn~598.1vn~355.1vn~598.1vn~598.1vn~355.1vn~598.1vo~598.1vo~355.1vo~598.1vo~598.1vo~355.1vo~598.1vp~598.1vp~355.1vp~598.1vp~598.1vp~355.1vp~598.1vq~598.1vq~355.1vq~598.1vq~598.1vq~355.1vq~598.1vr~598.1vr~355.1vr~598.1vr~583.1vs~54.1vs~598.1vs~801.1xg~831.1xg~825.1xg~801.1xg~355.1xg~825.1xg~598.1xg~54.1xg~708.1xg~598.1xg~708.1xg~598.1xh~708.1xg~598.1xl~708.1xl~708.1xl~708.1xl~647.1xl~298.20d~155.1zo_s~680.20v~824.20w~824.20w~824.20w~824.20w~132.20w~713.22j~132.22i_1~143.238_1~646.24n_2~800.24p~800.24p~800.24p~800.24p~800.24p~573.24s~598.24s~598.24s~598.24s~598.24s~598.24s~598.24s~598.24s~598.24s~598.24s~598.24t~598.24t~574.24t~54.24t~598.24t~598.24t~355.24t~598.24t~598.24t~355.24t~598.24u~598.24u~355.24u~598.24u~598.24u~355.24u~598.24u~598.24u~355.24u~598.24v~598.24v~355.24v~598.24v~598.24v~355.24v~598.24v~598.24v~355.24v~598.24w~598.24w~355.24w~598.24w~598.24w~355.24w~598.24w~598.24w~355.24w~598.24w~583.24w~54.24w~598.24w~801.26l~825.26l~801.26l~355.26l~825.26l~598.26l~54.26l~708.26l~598.26l~708.26l~598.26l~708.26l~298.26m~713.26n~598.26n~708.26n~708.26n~708.26n~647.26n~143.26x_1~129.28p~143.29q_1~143.2cj_1~143.2fc_1~129.2fn~143.2i5_1~680.2ir~132.2ir~680.2ir~824.2ir~824.2ir~824.2ir~824.2ir~132.2ka~415.2kf~844.2kg~844.2kg~130.2kg~143.2l2_1~646.2m5_2~646.2m8_2~646.2ma_2~646.2mc_2~646.2me_2~646.2mg_2~646.2mi_1~646.2mj~646.2mj~800.2mj~800.2mj~800.2mk~800.2mk~800.2mk~800.2mk~800.2mk~801.2mk~825.2mk~800.2mk~801.2mk~825.2mk~800.2mk~801.2mk~825.2mk~800.2mk~800.2mk~800.2mk~800.2mk~800.2mk~800.2mk~800.2mk~801.2mk~355.2mk~825.2mk~800.2mk~801.2mk~355.2mk~825.2mk~800.2mk~801.2mk~355.2mk~825.2mk~800.2mk~800.2mk~800.2mk~800.2ml~800.2ml~800.2ml~800.2ml~598.2ml~54.2ml~708.2ml~800.2ml~598.2ml~54.2ml~708.2ml~800.2ml~598.2ml~54.2ml~708.2ml~800.2ml~800.2ml~800.2ml~800.2ml~800.2ml~800.2ml~800.2ml~598.2ml~708.2ml~800.2ml~598.2ml~708.2ml~800.2ml~598.2ml~708.2ml~800.2ml~800.2mm~800.2mm~800.2mm~800.2mm~800.2mm~800.2mn~598.2mn~708.2mn~800.2mn~598.2mn~708.2mn~800.2mn~598.2mn~708.2mn~598.2mn~708.2mn~598.2mn~708.2mn~598.2mn~708.2mn~708.2mn~708.2mn~708.2mn~708.2mn~708.2mn~708.2mn~573.2n7~598.2n7~573.2on~598.2on~598.2on~598.2on~574.2on~54.2on~598.2on~598.2on~355.2on~598.2on~598.2on~355.2on~598.2oo~598.2oo~355.2oo~598.2oo~583.2oo~54.2oo~598.2oo~573.2pz~598.2pz~598.2pz~598.2pz~598.2pz~574.2pz~54.2pz~598.2pz~598.2pz~355.2pz~598.2pz~598.2pz~355.2pz~598.2q0~598.2q0~355.2q0~598.2q0~598.2q0~355.2q0~598.2q0~583.2q0~54.2q0~598.2q0~573.2ri~598.2ri~598.2ri~598.2ri~598.2ri~598.2ri~598.2ri~574.2ri~54.2ri~598.2ri~598.2ri~355.2ri~598.2rj~598.2rj~355.2rj~598.2rj~598.2rj~355.2rj~598.2rj~598.2rj~355.2rj~598.2rj~598.2rj~355.2rj~598.2rk~598.2rk~355.2rk~598.2rk~583.2rk~54.2rk~598.2rk~801.2su~825.2su~801.2su~825.2su~801.2su~825.2su~801.2su~825.2su~801.2su~355.2su~825.2su~801.2su~355.2su~825.2su~801.2sv~355.2sv~825.2sv~801.2sv~355.2sv~825.2sv~598.2sv~54.2sv~708.2sv~598.2sv~54.2sv~708.2sv~598.2sv~54.2sv~708.2sv~598.2sv~54.2sv~708.2sv~598.2sv~708.2sv~598.2sv~708.2sv~598.2sv~708.2sv~598.2sv~708.2sv~598.2sv~708.2sv~598.2sy~708.2sy~298.2sy~713.2sz~598.2sz~708.2sz~298.2sz~713.2t0~598.2t0~708.2t0~298.2t0~713.2t0~598.2t1~708.2t1~598.2t1~708.2t1~598.2t1~708.2t1~598.2t1~708.2t1~708.2t1~708.2t1~708.2t1~708.2t1~708.2t1~708.2t1~708.2t1~708.2t1~647.2t1~713.2uh~713.2uh~143.2ug_3~129.2uj~415.2up~844.2up~844.2up~774.2xd~844.2xd~844.2xd~143.30p_2~297.315~680.31y~132.31y~680.31y~680.31y~680.31z~824.31z~824.31z~824.31z~824.31z~680.31z~680.31z~680.321~132.321~680.321~680.321~824.321~824.321~824.322~824.322~680.322~680.322~680.322~680.322~132.322~680.322~680.322~824.322~824.322~824.322~824.322~680.322~680.322~680.322~129.323~680.324~132.324~680.324~680.324~680.324~680.324~824.324~824.324~824.324~824.324~680.325~680.32z~132.32z~680.32z~680.32z~824.330~824.330~824.330~824.330~680.330~680.330~680.330~680.33z~132.33z~680.33z~680.33z~824.33z~824.33z~824.33z~824.33z~680.33z~680.340~680.340~680.340~132.340~680.340~680.340~824.340~824.340~824.340~824.340~680.341~680.341~680.341~680.341~132.341~680.341~680.341~824.341~824.341~824.341~824.341~680.341~680.342~680.342~680.34t~132.34t~680.34t~680.34t~680.34t~680.34t~680.34t~824.34u~824.34u~824.34u~824.34u~143.34v_6~132.37g_1~132.37j_1~132.38m~143.38m_2~129.396~415.39g~844.39h~844.39h~415.39r~844.39r~844.39r~415.3bg~844.3bg~844.3bg~143.3c6_2~143.3f0_3~129.3g5~143.3hv_3~143.3kq_2&qqid.37=CNO2sZX98fACFU_juwgdirwKVQ&qqid.47=CP2HxJX98fACFQRG5Qod2WgFWA&qqid.1=COiq25X98fACFb3auwgd-e4OHg&qqid.2=COmq25X98fACFb3auwgd-e4OHg&qqid.3=COqq25X98fACFb3auwgd-e4OHg&qqid.4=COuq25X98fACFb3auwgd-e4OHg&qqid.5=COyq25X98fACFb3auwgd-e4OHg&qqid.6=CO2q25X98fACFb3auwgd-e4OHg&qqid.7=COXOsZX98fACFb3auwgd-e4OHg&qqid.8=CObOsZX98fACFb3auwgd-e4OHg&qqid.9=COfOsZX98fACFb3auwgd-e4OHg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2404:6800:4007:805::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:08 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3958
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssD9Tud9e9QBn0C0jjXyXyUJi57HnEvYAJDy_QYyUYCqzQrPTFKlapb4dwFQu8OaNgm9s6pCpxCEVDq8l98AD9rNSAlzN1cVwwRvS12mlOybuBvOEExxjwC-jE&sai=AMfl-YQDs6fBcUnW8EWcZWDQ1ZGZ9obzosVYAi7xNWkzLmFR7k8gso_PX4VCc3NehuWUNWCgurs3HTnse8zEyeBezmuVYIj25HOeHdADLYG5wpWfrDS_nlIMfImfz4MW&sig=Cg0ArKJSzDJHFFnc6Tc6EAE&cid=CAASFeRoSXofQ_PFVqlbPceID1T4R6LgEA&id=ampim&o=436,98&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=290&tls=1290&g=100&h=100&tt=1290&r=v&avms=ampa&adk=2786708225
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8FAC
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_fO-FJjzZkMXJ1kPj3o_Al70_ylg82xzXUNPd-zeJQ6NrdsCQlMZHHNuWwPNTpYeyt9SzxPMGXAJUaL7Q4-OGIOE94SCdD1WYnN6X8OUxk-MmxTXU9r4Sk8A&sai=AMfl-YT1X6YyeooSdJFUbPs0lDx2YhR-k7ikbvt0Q0ifq-GKqBmyEk43TmmGbAxzlGl9Caam1lyz-X910wjLdRIdTXW85A9VpHy-9NA9vkFmWMEHGhWaI7lJksfVgNP9&sig=Cg0ArKJSzMJoc1mCThADEAE&cid=CAASFeRo6zlsa1NTS9aLRKfHX3on7IGi1A&id=lidar2&mcvt=1000&p=412,1040,662,1340&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=4285528634&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622397367386&dlt=22&rpt=1&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5845
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KTPCACOOKIE=YES; SyncRTB3=1623542400%3A220; KADUSERCOOKIE=B23CC141-498E-401C-808E-CBA2C011B4E6; PUBMDCID=3; chkChromeAb67Sec=2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=22954
expires
Mon, 31 May 2021 00:18:42 GMT
date
Sun, 30 May 2021 17:56:08 GMT
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 5845
4 KB
4 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=80163068&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
50faae10916776a75ecdcacd18f9ca2e67de37581c76f26436b261520833968d

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:09 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
activeview
pagead2.googlesyndication.com/pcs/ Frame E0F4
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9L2lgscPO60QLtNJGJG8aUWppBOeOSa834rgT2-z7j-lzFVG621Il0_Mo5tM2zZd5QVcdZhvz5Slm4M8yoPk4X48O1hfPErk6dj7RViAZn_wemUtZqkcTVc8&sai=AMfl-YS1emd23dpHo2TAzUwZ0M9rjoNTHrKoR7ZjB_E0wwXw7Q3Vyd3ey2V3lDQ6ZYHztJLxaYRhjF4z2ng0BvNYClqedKVt79FIBjIApNB7F9dKAM6S1YjeN10mlG2S&sig=Cg0ArKJSzM-matkGDQ8rEAE&cid=CAASFeRodrbnfordmjbCc-44mQRlHZHWjg&id=lidar2&mcvt=1004&p=735,451,985,751&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3758348931&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622397367388&dlt=39&rpt=1&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 39C2
35 B
468 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=B23CC141-498E-401C-808E-CBA2C011B4E6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=B23CC141-498E-401C-808E-CBA2C011B4E6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1; uid=8115069663595238900
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 30 May 2021 17:56:09 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=8115069663595238900; expires=Thu, 29 Jul 2021 17:56:09 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame ED0A
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5850541880282737778
42 B
211 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5850541880282737778
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5850541880282737778
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=B23CC141-498E-401C-808E-CBA2C011B4E6; PUBMDCID=3; chkChromeAb67Sec=3; DPSync3=1622419200%3A174%7C1623542400%3A201_197_219; SyncRTB3=1623542400%3A161_7_71_8_22_81_220_56_54_21_234_55_3_166_13%7C1622937600%3A223_2_15%7C1623196800%3A63%7C1624924800%3A203%7C1623628800%3A35; KRTBCOOKIE_153=19420-z2Xo9J1k6PLUMeijn2Wnos9l6f7Ubbj3zmf_3ket&KRTB&22979-z2Xo9J1k6PLUMeijn2Wnos9l6f7Ubbj3zmf_3ket; PugT=1622397369; KRTBCOOKIE_80=22987-CAESEDjjid8rsdPwpji9Us0utp0&KRTB&16514-CAESEDjjid8rsdPwpji9Us0utp0&KRTB&23025-CAESEDjjid8rsdPwpji9Us0utp0; KRTBCOOKIE_22=14911-2685190894431413257; KRTBCOOKIE_27=16735-uid:652060b3-d1b6-4200-bce9-91beab1e9d4a&KRTB&16736-uid:652060b3-d1b6-4200-bce9-91beab1e9d4a&KRTB&23019-uid:652060b3-d1b6-4200-bce9-91beab1e9d4a&KRTB&23114-uid:652060b3-d1b6-4200-bce9-91beab1e9d4a; SPugT=1622390028; KRTBCOOKIE_391=22924-8115069663595238900&KRTB&23263-8115069663595238900; KRTBCOOKIE_377=6810-78774818-31cb-49a8-b2d7-3541243770de&KRTB&22918-78774818-31cb-49a8-b2d7-3541243770de&KRTB&23031-78774818-31cb-49a8-b2d7-3541243770de; KRTBCOOKIE_57=22776-7538304888347731149
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 30 May 2021 17:56:09 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-5850541880282737778; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 29-Jun-2021 17:56:09 GMT; path=/ PugT=1622397369; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 29-Jun-2021 17:56:09 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 28-Aug-2021 17:56:09 GMT; path=/
x-lat
lhrpug004:0:437
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5850541880282737778
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame DC71
43 B
304 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Sun, 30 May 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1376
date
Sun, 30 May 2021 17:56:10 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 7FA9
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6968143645283645592
42 B
211 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6968143645283645592
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6968143645283645592
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=B23CC141-498E-401C-808E-CBA2C011B4E6; PUBMDCID=3; chkChromeAb67Sec=3; DPSync3=1622419200%3A174%7C1623542400%3A201_197_219; SyncRTB3=1623542400%3A161_7_71_8_22_81_220_56_54_21_234_55_3_166_13%7C1622937600%3A223_2_15%7C1623196800%3A63%7C1624924800%3A203%7C1623628800%3A35; KRTBCOOKIE_153=19420-z2Xo9J1k6PLUMeijn2Wnos9l6f7Ubbj3zmf_3ket&KRTB&22979-z2Xo9J1k6PLUMeijn2Wnos9l6f7Ubbj3zmf_3ket; KRTBCOOKIE_80=22987-CAESEDjjid8rsdPwpji9Us0utp0&KRTB&16514-CAESEDjjid8rsdPwpji9Us0utp0&KRTB&23025-CAESEDjjid8rsdPwpji9Us0utp0; KRTBCOOKIE_22=14911-2685190894431413257; KRTBCOOKIE_27=16735-uid:652060b3-d1b6-4200-bce9-91beab1e9d4a&KRTB&16736-uid:652060b3-d1b6-4200-bce9-91beab1e9d4a&KRTB&23019-uid:652060b3-d1b6-4200-bce9-91beab1e9d4a&KRTB&23114-uid:652060b3-d1b6-4200-bce9-91beab1e9d4a; SPugT=1622390028; KRTBCOOKIE_391=22924-8115069663595238900&KRTB&23263-8115069663595238900; KRTBCOOKIE_377=6810-78774818-31cb-49a8-b2d7-3541243770de&KRTB&22918-78774818-31cb-49a8-b2d7-3541243770de&KRTB&23031-78774818-31cb-49a8-b2d7-3541243770de; KRTBCOOKIE_57=22776-7538304888347731149; KRTBCOOKIE_336=5844-5850541880282737778; KRTBCOOKIE_218=22978-YLPRugABYNh4DAAC&KRTB&23194-YLPRugABYNh4DAAC&KRTB&23209-YLPRugABYNh4DAAC&KRTB&23244-YLPRugABYNh4DAAC; PugT=1622397370; KRTBCOOKIE_188=3189-36d39121-6970-4df5-9c6c-b9b3043f55b4-60b3d1ba-4348
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 30 May 2021 17:56:10 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-6968143645283645592; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 29-Jun-2021 17:56:10 GMT; path=/ PugT=1622397370; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 29-Jun-2021 17:56:10 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 28-Aug-2021 17:56:10 GMT; path=/
x-lat
lhrpug011:0:552
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Sun, 30 May 2021 17:56:10 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6968143645283645592; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6968143645283645592
adx
match.prod.bidr.io/cookie-sync/ Frame 8F0F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDc0xVN0JaNk1BQUREVFl4SXF5QQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B
Document
General
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.40.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
bito=AACsLU7BZ6MAADDTYxIqyA; bitoIsSecure=ok
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Sun, 30 May 2021 17:56:10 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Sun, 30 May 2021 17:56:10 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Pug
simage2.pubmatic.com/AdServer/ Frame AE8E
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
0
88 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=B23CC141-498E-401C-808E-CBA2C011B4E6; PUBMDCID=3; chkChromeAb67Sec=3; DPSync3=1622419200%3A174%7C1623542400%3A201_197_219; SyncRTB3=1623542400%3A161_7_71_8_22_81_220_56_54_21_234_55_3_166_13%7C1622937600%3A223_2_15%7C1623196800%3A63%7C1624924800%3A203%7C1623628800%3A35; KRTBCOOKIE_153=19420-z2Xo9J1k6PLUMeijn2Wnos9l6f7Ubbj3zmf_3ket&KRTB&22979-z2Xo9J1k6PLUMeijn2Wnos9l6f7Ubbj3zmf_3ket; PugT=1622397369; KRTBCOOKIE_80=22987-CAESEDjjid8rsdPwpji9Us0utp0&KRTB&16514-CAESEDjjid8rsdPwpji9Us0utp0&KRTB&23025-CAESEDjjid8rsdPwpji9Us0utp0; KRTBCOOKIE_22=14911-2685190894431413257; KRTBCOOKIE_27=16735-uid:652060b3-d1b6-4200-bce9-91beab1e9d4a&KRTB&16736-uid:652060b3-d1b6-4200-bce9-91beab1e9d4a&KRTB&23019-uid:652060b3-d1b6-4200-bce9-91beab1e9d4a&KRTB&23114-uid:652060b3-d1b6-4200-bce9-91beab1e9d4a; SPugT=1622390028; KRTBCOOKIE_391=22924-8115069663595238900&KRTB&23263-8115069663595238900; KRTBCOOKIE_377=6810-78774818-31cb-49a8-b2d7-3541243770de&KRTB&22918-78774818-31cb-49a8-b2d7-3541243770de&KRTB&23031-78774818-31cb-49a8-b2d7-3541243770de; KRTBCOOKIE_57=22776-7538304888347731149; KRTBCOOKIE_336=5844-5850541880282737778
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 30 May 2021 17:56:10 GMT
content-type
text/html; charset=utf-8
x-lat
lhrpug008:2:511
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=1aa48890-c968-4248-8f0e-0468beb23743; path=/; domain=csync.loopme.me; Expires=Wed, 30-Jun-2021 17:56:10 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length
0
date
Sun, 30 May 2021 17:56:10 GMT
server
_
ecm3
aax-eu.amazon-adsystem.com/s/ Frame F504
43 B
344 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=B23CC141-498E-401C-808E-CBA2C011B4E6&ex=pubmatic.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=AyFmvVj6UEtwgluClMSJyc4; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
Server
Date
Sun, 30 May 2021 17:56:09 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5845
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sjzBQUmOQByAjsuiwBG05g%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:09 GMT
content-encoding
gzip
last-modified
Wed, 21 Oct 2020 18:57:29 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-1f78-5b232eb4914bb"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=110168
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
2654
expires
Tue, 01 Jun 2021 00:32:17 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 5845
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=652060b3-d1b6-4200-bce9-91beab1e9d4a
0
128 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=652060b3-d1b6-4200-bce9-91beab1e9d4a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:09 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 30 May 2021 17:56:09 GMT
Server
MT3 3736 915c305 master zrh-pixel-x5
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=652060b3-d1b6-4200-bce9-91beab1e9d4a
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 30 May 2021 17:56:08 GMT
/
pixel.onaudience.com/ Frame 5845
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=B23CC141-498E-401C-808E-CBA2C011B4E6
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=bfd74d5a8592b454f0478063bdebb950
35 B
248 B
Image
General
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=bfd74d5a8592b454f0478063bdebb950
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.210.112.236 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3175227.ip-51-210-112.eu
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Sun, 30 May 2021 17:56:10 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=bfd74d5a8592b454f0478063bdebb950
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5845
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8115069663595238900
42 B
234 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8115069663595238900
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:09 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:525
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:09 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8115069663595238900
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 5845
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:652060b3-d1b6-4200-bce9-91beab1e9d4a&gdpr=0&gdpr_consent=
42 B
339 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:652060b3-d1b6-4200-bce9-91beab1e9d4a&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:09 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:545
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 30 May 2021 17:56:09 GMT
Server
MT3 3736 915c305 master zrh-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:652060b3-d1b6-4200-bce9-91beab1e9d4a&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 30 May 2021 17:56:08 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5845
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=78774818-31cb-49a8-b2d7-3541243770de
42 B
295 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=78774818-31cb-49a8-b2d7-3541243770de
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:09 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug004:0:1021
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=78774818-31cb-49a8-b2d7-3541243770de
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 5845
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDjjid8rsdPwpji9Us0utp0&google_cver=1
42 B
280 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDjjid8rsdPwpji9Us0utp0&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:09 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:1580
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDjjid8rsdPwpji9Us0utp0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5845
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7538304888347731149&gdpr=0&gdpr_consent=
42 B
211 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7538304888347731149&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:09 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:537
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:09 GMT
X-Proxy-Origin
217.138.203.212; 217.138.203.212; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.146:80
AN-X-Request-Uuid
2979c467-c234-4b9a-b598-7c1536192f65
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7538304888347731149&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
B23CC141-498E-401C-808E-CBA2C011B4E6
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5845
43 B
709 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/B23CC141-498E-401C-808E-CBA2C011B4E6?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:09 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 5845
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B23CC141-498E-401C-808E-CBA2C011B4E6&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GI75cwFE2uUVCKdpHqcWg5g12L761hQ-~A&gdpr=0&gdpr_consent=
0
129 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GI75cwFE2uUVCKdpHqcWg5g12L761hQ-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 15:53:48 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 30 May 2021 17:56:09 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GI75cwFE2uUVCKdpHqcWg5g12L761hQ-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 5845
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=z2Xo9J1k6PLUMeijn2Wnos9l6f7Ubbj3zmf_3ket
42 B
443 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=z2Xo9J1k6PLUMeijn2Wnos9l6f7Ubbj3zmf_3ket
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:09 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:591
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:09 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=z2Xo9J1k6PLUMeijn2Wnos9l6f7Ubbj3zmf_3ket
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5845
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=a7242ace-72b2-4c69-b726-523e704f5d05&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=18991391-c571-4835-8b3b-91f8deaaa835&gdpr=&gdpr_consent=&gdpr_pd=
1 B
180 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=18991391-c571-4835-8b3b-91f8deaaa835&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:10 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug018:0:613
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=18991391-c571-4835-8b3b-91f8deaaa835&gdpr=&gdpr_consent=&gdpr_pd=
date
Sun, 30 May 2021 17:56:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5845
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLPRugABYNh4DAAC&gdpr=0&gdpr_consent=&_test=YLPRugABYNh4DAAC
1 B
393 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLPRugABYNh4DAAC&gdpr=0&gdpr_consent=&_test=YLPRugABYNh4DAAC
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:10 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:1096
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:10 GMT
via
1.1 varnish
server
Varnish
x-timer
S1622397370.267945,VS0,VE0
x-served-by
cache-hhn4067-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLPRugABYNh4DAAC&gdpr=0&gdpr_consent=&_test=YLPRugABYNh4DAAC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5845
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2685190894431413257&gdpr=0&gdpr_consent=&us_privacy=
1 B
186 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2685190894431413257&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:09 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:482
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2685190894431413257&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 30 May 2021 17:56:08 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 5845
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:10674cc9-499b-4117-8745-3e872b8659f5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
111 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:10674cc9-499b-4117-8745-3e872b8659f5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:10 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:537
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:10674cc9-499b-4117-8745-3e872b8659f5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sun, 30 May 2021 17:56:10 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 5845
0
103 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B23CC141-498E-401C-808E-CBA2C011B4E6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:09 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 5845
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=36d39121-6970-4df5-9c6c-b9b3043f55b4-60b3d1ba-4348&gdpr=0&gdpr_consent=
42 B
232 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=36d39121-6970-4df5-9c6c-b9b3043f55b4-60b3d1ba-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:10 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:705
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:10 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=36d39121-6970-4df5-9c6c-b9b3043f55b4-60b3d1ba-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pubmatic
um.simpli.fi/ Frame 5845
43 B
611 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:11 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 29 May 2021 17:56:11 GMT
img.fetch
udmserve.net/udm/ Frame 06EA
0
675 B
Script
General
Full URL
https://udmserve.net/udm/img.fetch?sid=16304;tid=1;dt=7;p=1;rri=1622397365439_982875_217.138.203.212;mid=43264;zzz=1;version=v2.6.27-confiant;cb=0.23410052464267417;session=1;style=slider;vis=visible;traffic_info=%7B%7D;;radid=1622397365439_982875_217.138.203.212
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 17:56:09 GMT
Expires
-1d
Connection
Keep-Alive
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Length
0
Content-Type
application/x-javascript
edge-logo-white.png
bid.underdog.media/
15 KB
16 KB
Image
General
Full URL
https://bid.underdog.media/edge-logo-white.png
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2800:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d443235c5040b9e5a2461f69bcef0930f5820c356830bb0c59a4953d16f8a59e

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 19:30:30 GMT
via
1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)
last-modified
Tue, 17 Nov 2020 21:08:31 GMT
server
AmazonS3
age
1549540
etag
"876f68d4ff152e17573c3a8f3cc1a580"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
15804
x-amz-cf-id
bP5wDLT6CMY9x2RHBdpy_Q0EWJhqZvt_k0LO3MVqdXe_BDGE4tnuww==
publishertag.prebid.js
static.criteo.net/js/ld/
83 KB
27 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:09 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:34 GMT
server
nginx
etag
W/"60a5fdd2-14a5d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 31 May 2021 17:56:09 GMT
publishertag.prebid.js
static.criteo.net/js/ld/
83 KB
27 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:10 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:34 GMT
server
nginx
etag
W/"60a5fdd2-14a5d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 31 May 2021 17:56:10 GMT
radApi
edge.udmserve.net/
20 B
160 B
XHR
General
Full URL
https://edge.udmserve.net/radApi
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.6.27.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.120 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 30 May 2021 17:56:10 GMT
Content-Length
20
Content-Type
application/json
pd
eu-u.openx.net/w/1.0/ Frame 80A6
668 B
731 B
Document
General
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
513fbd4ef4ebe3cfc60afb01efb691dd151e675be4a52e3da4a01007f8590105

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.upi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=a1ce3456-8203-0d28-2232-d43300f8dcc1|1622397367
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=a1ce3456-8203-0d28-2232-d43300f8dcc1|1622397367; Version=1; Expires=Mon, 30-May-2022 17:56:10 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1622397370|gekin0vNiygu; Version=1; Expires=Mon, 14-Jun-2021 17:56:10 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.207.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sun, 30 May 2021 17:56:10 GMT
content-type
text/html
content-length
419
content-encoding
gzip
via
1.1 google
alt-svc
clear
ixmatch.html
js-sec.indexww.com/um/ Frame A8DA
2 KB
1 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.upi.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sun, 30 May 2021 17:56:10 GMT
Connection
keep-alive
ixmatch.html
js-sec.indexww.com/um/ Frame 047E
2 KB
1 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.upi.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sun, 30 May 2021 17:56:10 GMT
Connection
keep-alive
pd
eu-u.openx.net/w/1.0/ Frame 556D
668 B
719 B
Document
General
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
513fbd4ef4ebe3cfc60afb01efb691dd151e675be4a52e3da4a01007f8590105

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.upi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=a1ce3456-8203-0d28-2232-d43300f8dcc1|1622397367
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=a1ce3456-8203-0d28-2232-d43300f8dcc1|1622397367; Version=1; Expires=Mon, 30-May-2022 17:56:10 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1622397370|gekin0vNiygu; Version=1; Expires=Mon, 14-Jun-2021 17:56:10 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.207.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sun, 30 May 2021 17:56:10 GMT
content-type
text/html
content-length
419
content-encoding
gzip
via
1.1 google
alt-svc
clear
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D609d1999-498e-4cac-b25a-dc7a83eda00a%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=609d1999-498e-4cac-b25a-dc7a83eda00a&D=&bidder=appnexus&uid=7538304888347731149
0
115 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=609d1999-498e-4cac-b25a-dc7a83eda00a&D=&bidder=appnexus&uid=7538304888347731149
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:10 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy

Redirect headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:10 GMT
X-Proxy-Origin
217.138.203.212; 217.138.203.212; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.77:80
AN-X-Request-Uuid
5e46f965-cfbb-4114-9fe4-da7248088246
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid.a-mo.net/setuid?A=609d1999-498e-4cac-b25a-dc7a83eda00a&D=&bidder=appnexus&uid=7538304888347731149
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
verizon_video
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=609d1999-498e-4cac-b25a-dc7a83eda00a
  • https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=609d1999-498e-4cac-b25a-dc7a83eda00a&apid=UP4f9031f8-c170-11eb-b577-02a92b7887b4
  • https://prebid.a-mo.net/setuid/verizon_video?uid=UP4f9031f8-c170-11eb-b577-02a92b7887b4&gdpr=0&gdpr_consent=
0
147 B
Image
General
Full URL
https://prebid.a-mo.net/setuid/verizon_video?uid=UP4f9031f8-c170-11eb-b577-02a92b7887b4&gdpr=0&gdpr_consent=
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:11 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy

Redirect headers

Date
Sun, 30 May 2021 17:56:11 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://prebid.a-mo.net/setuid/verizon_video?uid=UP4f9031f8-c170-11eb-b577-02a92b7887b4&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D609d1999-498e-4cac-b25a-dc7a83eda00a%26D%3D%26bidder%3Dindex_rtb%26uid%3D
  • https://prebid.a-mo.net/setuid?A=609d1999-498e-4cac-b25a-dc7a83eda00a&D=&bidder=index_rtb&uid=YLPRtrIR8KdwU09DUngA4wAA%261200
0
117 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=609d1999-498e-4cac-b25a-dc7a83eda00a&D=&bidder=index_rtb&uid=YLPRtrIR8KdwU09DUngA4wAA%261200
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:10 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy

Redirect headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:10 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://prebid.a-mo.net/setuid?A=609d1999-498e-4cac-b25a-dc7a83eda00a&D=&bidder=index_rtb&uid=YLPRtrIR8KdwU09DUngA4wAA%261200
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
321
Expires
Sun, 30 May 2021 17:56:10 GMT
setuid
prebid.a-mo.net/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D609d1999-498e-4cac-b25a-dc7a83eda00a%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID
  • https://prebid.a-mo.net/setuid?A=609d1999-498e-4cac-b25a-dc7a83eda00a&D=&bidder=pubmatic&uid=B23CC141-498E-401C-808E-CBA2C011B4E6
0
146 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=609d1999-498e-4cac-b25a-dc7a83eda00a&D=&bidder=pubmatic&uid=B23CC141-498E-401C-808E-CBA2C011B4E6
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:10 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy

Redirect headers

location
https://prebid.a-mo.net/setuid?A=609d1999-498e-4cac-b25a-dc7a83eda00a&D=&bidder=pubmatic&uid=B23CC141-498E-401C-808E-CBA2C011B4E6
date
Sun, 30 May 2021 17:56:10 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D609d1999-498e-4cac-b25a-dc7a83eda00a%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D609d1999-498e-4cac-b25a-dc7a83eda00a%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://prebid.a-mo.net/setuid?A=609d1999-498e-4cac-b25a-dc7a83eda00a&D=&bidder=sovrn&uid=d936470a0e647d35dbdc392a
0
115 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=609d1999-498e-4cac-b25a-dc7a83eda00a&D=&bidder=sovrn&uid=d936470a0e647d35dbdc392a
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:10 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy

Redirect headers

Date
Sun, 30 May 2021 17:56:11 GMT
Server
nginx
Location
https://prebid.a-mo.net/setuid?A=609d1999-498e-4cac-b25a-dc7a83eda00a&D=&bidder=sovrn&uid=d936470a0e647d35dbdc392a
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
sd
eu-u.openx.net/w/1.0/ Frame 80A6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=652060b3-d1b6-4200-bce9-91beab1e9d4a
43 B
106 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=652060b3-d1b6-4200-bce9-91beab1e9d4a
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:10 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 30 May 2021 17:56:10 GMT
Server
MT3 3736 915c305 master zrh-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=652060b3-d1b6-4200-bce9-91beab1e9d4a
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 30 May 2021 17:56:09 GMT
sd
us-u.openx.net/w/1.0/ Frame 80A6
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=k76ofcG_qHuI6qgqw77nK5O-qXeItvh-krwp9GeX
43 B
122 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=k76ofcG_qHuI6qgqw77nK5O-qXeItvh-krwp9GeX
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:10 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:10 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=k76ofcG_qHuI6qgqw77nK5O-qXeItvh-krwp9GeX
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 80A6
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8115069663595238900
43 B
106 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8115069663595238900
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:10 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:10 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8115069663595238900
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 80A6
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=72620b0f-2b84-32df-78e4-1cdb64dfef3c&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 80A6
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWUwZGQ4YzUtZTJmMy02YzdiLTZkMDQtNDY2MmFlM2QyMTVj
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 80A6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBZ8wsSfc1gGqm-DFDjk8MU&google_cver=1
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBZ8wsSfc1gGqm-DFDjk8MU&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:10 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBZ8wsSfc1gGqm-DFDjk8MU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 556D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=652060b3-d1b6-4200-bce9-91beab1e9d4a
43 B
106 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=652060b3-d1b6-4200-bce9-91beab1e9d4a
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:10 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 30 May 2021 17:56:10 GMT
Server
MT3 3736 915c305 master zrh-pixel-x30
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=652060b3-d1b6-4200-bce9-91beab1e9d4a
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 30 May 2021 17:56:09 GMT
sd
us-u.openx.net/w/1.0/ Frame 556D
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=k76ofcG_qHuI6qgqw77nK5O-qXeItvh-krwp9GeX
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=k76ofcG_qHuI6qgqw77nK5O-qXeItvh-krwp9GeX
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:10 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=k76ofcG_qHuI6qgqw77nK5O-qXeItvh-krwp9GeX
pragma
no-cache
date
Sun, 30 May 2021 17:56:10 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 556D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8115069663595238900
43 B
106 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8115069663595238900
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:10 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:10 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8115069663595238900
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 556D
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=72620b0f-2b84-32df-78e4-1cdb64dfef3c&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 556D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWUwZGQ4YzUtZTJmMy02YzdiLTZkMDQtNDY2MmFlM2QyMTVj
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 556D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBZ8wsSfc1gGqm-DFDjk8MU&google_cver=1
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBZ8wsSfc1gGqm-DFDjk8MU&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6c4f83d5-e20c-4177-963e-68ae46b0d91d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:10 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBZ8wsSfc1gGqm-DFDjk8MU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2phnmalQ8-RyDfvTgdFZkns7dd-0S3wlt9kqAzvX9LR9uSpTvMZ8Kzc1g_orN5WFg-8X8VC7qKVwIrIT
breakfastboat.com/
216 B
347 B
Fetch
General
Full URL
https://breakfastboat.com/v2phnmalQ8-RyDfvTgdFZkns7dd-0S3wlt9kqAzvX9LR9uSpTvMZ8Kzc1g_orN5WFg-8X8VC7qKVwIrIT
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.103.201.35.bc.googleusercontent.com
Software
/
Resource Hash
6b01b513764617041ffb747e627f0fcc84b10469dda5560ead903d776df8c6bd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Sun, 30 May 2021 17:56:10 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.upi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
e604810c
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
216
expires
Sun, 30 May 2021 17:56:09 GMT
csi
csi.gstatic.com/ Frame 8FAC
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=3~kpbhi52o&c=323674518006735&ctx=2&qqid=COqq25X98fACFb3auwgd-e4OHg&met.6=6.1_CgsYxhsgTCoECAUSAA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2404:6800:4007:805::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:11 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 7D1B
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=5~kpbhi4qa&c=323674518006735&ctx=2&qqid=CNO2sZX98fACFU_juwgdirwKVQ&met.6=6.1_CgsYyCMgTCoECAUSAA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2404:6800:4007:805::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:11 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame E0F4
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=3~kpbhi50y&c=323674518006735&ctx=2&qqid=CO2q25X98fACFb3auwgd-e4OHg&met.6=6.1_CgsY3xogTCoECAUSAA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2404:6800:4007:805::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:11 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame DF43
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=3~kpbhi4ri&c=323674518006735&ctx=2&qqid=CP2HxJX98fACFQRG5Qod2WgFWA&met.6=6.1_CgsYhCEgTCoECAUSAA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2404:6800:4007:805::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:11 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame F3BE
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=3~kpbhi50i&c=323674518006735&ctx=2&qqid=COuq25X98fACFb3auwgd-e4OHg&met.6=6.1_CgsYkxsgTCoECAUSAA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2404:6800:4007:805::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:11 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2phnmalQ8-RyDfvTgdFZkns7dd-0S3wlt9kqAzvX9LR9uSpTvMZ8Kzc1g_orN5WFg-8X8VC7qKVwIrIT
breakfastboat.com/
216 B
249 B
Fetch
General
Full URL
https://breakfastboat.com/v2phnmalQ8-RyDfvTgdFZkns7dd-0S3wlt9kqAzvX9LR9uSpTvMZ8Kzc1g_orN5WFg-8X8VC7qKVwIrIT
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.103.201.35.bc.googleusercontent.com
Software
/
Resource Hash
55d4e57b58b2c98f05ffdb98695f9fe9099b239401dd2f420cb6133d9a5ed80c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Sun, 30 May 2021 17:56:10 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.upi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
e604810c
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
216
expires
Sun, 30 May 2021 17:56:09 GMT
v2klfaB35RB8YzCL70KtI8HORGWctFttletvsoquLpd2Px3wLuiVWD4I_AhyAZs30V_MPyHMBCvXx5U95
breakfastboat.com/
977 B
1012 B
Fetch
General
Full URL
https://breakfastboat.com/v2klfaB35RB8YzCL70KtI8HORGWctFttletvsoquLpd2Px3wLuiVWD4I_AhyAZs30V_MPyHMBCvXx5U95
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.103.201.35.bc.googleusercontent.com
Software
/
Resource Hash
fe98d55e357f01291a9d4adb50f10f974e8af39ec9b2c11ed80df896ddd114a6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Sun, 30 May 2021 17:56:10 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.upi.com
access-control-allow-credentials
true
x-hostname
e604810c
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
977
v2klfaB35RB8YzCL70KtI8HORGWctFttletvsoquLpd2Px3wLuiVWD4I_AhyAZs30V_MPyHMBCvXx5U95
breakfastboat.com/
977 B
1008 B
Fetch
General
Full URL
https://breakfastboat.com/v2klfaB35RB8YzCL70KtI8HORGWctFttletvsoquLpd2Px3wLuiVWD4I_AhyAZs30V_MPyHMBCvXx5U95
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.103.201.35.bc.googleusercontent.com
Software
/
Resource Hash
5b7753e8d0cd046492ff274415167a714f1a993e5b8473822a9297dd239dbfb7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Sun, 30 May 2021 17:56:10 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.upi.com
access-control-allow-credentials
true
x-hostname
e604810c
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
977
SPug
simage4.pubmatic.com/AdServer/ Frame 5845
0
260 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156657&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:09 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
img.fetch
udmserve.net/udm/
8 KB
3 KB
Script
General
Full URL
https://udmserve.net/udm/img.fetch?sid=16304;tid=1;dt=6;cb=291702c56961238;refresh=2;
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
15580840e082818dc83661dc1ed079b920d9badc865e0ecf02f49434154ec0b1

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:12 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Type
application/x-javascript
Expires
0
bidRequest
c2shb.ssp.yahoo.com/
62 B
743 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4fe3064b&pos=8a9698ab017474066989085b4b9e0663&cmd=bid&reserve=0.07608695652173912&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.6.27.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
5351c1573d281e8ddc5d00f1d1635882e4936f67c0a9eb59166af761da72747a

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 May 2021 17:56:12 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.upi.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
743 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4fe3064b&pos=8a9698ab017474066989085b4b9e0663&cmd=bid&reserve=0.07608695652173912&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.6.27.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
eee25ace3fb09ca867fef4c1efaeb4076678e7ca87abcee54efeb106f1f205f3

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 May 2021 17:56:12 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.upi.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
743 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4fe3064b&pos=8a9698ab017474066989085b4b9e0663&cmd=bid&reserve=0.07608695652173912&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.6.27.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
b78f030c71bb632b532e35ca0028230bedd275ca049b388c1e2a15b0b437cf31

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 May 2021 17:56:12 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.upi.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
prebid
ib.adnxs.com/ut/v3/
38 KB
8 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.6.27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
691204d90c7a7c72f31bac7d1fcdbd156fccc23d44bd431680352e6720bb49b0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 May 2021 17:56:12 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.138.203.212; 217.138.203.212; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.74:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b7480fce-b32b-4703-8f43-8c4062329b6d
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.upi.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
underdogmedia-d.openx.net/w/1.0/
175 B
361 B
XHR
General
Full URL
https://underdogmedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=997165ee-3667-4511-b56c-21e536aa0377%2C997165ee-3667-4511-b56c-21e536aa0377%2C997165ee-3667-4511-b56c-21e536aa0377&nocache=1622397372188&pubcid=0b1fbb57-ba94-4e75-bb6c-5c5762623ba4&schain=1.0%2C1!udmserve.net%2C2952%2C1%2C%2C%2C&aus=728x90%7C728x90%7C728x90&divIds=slider-middle-728x90%2Cslider-middle-728x90%2Cslider-middle-728x90&auid=540857115%2C540857115%2C540857115&aumfs=78%2C78%2C78
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.6.27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
1bc7206ada912b66cb1f046f9139203272173c39e4124365f15a245795f4498a

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:12 GMT
content-encoding
gzip
server
OXGW/16.207.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.upi.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
trinity.json
apex.go.sonobi.com/
841 B
2 KB
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22435e4b8112752e5%22%3A%22dbbbfe80443f8714ab66%7C728x90%7Cf%3D0.07368421052631578%22%2C%224454c9705ab7477%22%3A%22dbbbfe80443f8714ab66%7C728x90%7Cf%3D0.07368421052631578%22%7D&ref=https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F&s=1def1146-6cd7-490d-8fef-27e7460a87ed&pv=f0c808c7-789a-4233-b4ad-5316f678ad85&vp=desktop&lib_name=prebid&lib_v=4.16.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22udmserve.net%22%2C%22sid%22%3A%222952%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%220b1fbb57-ba94-4e75-bb6c-5c5762623ba4%22%7D
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.6.27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
11bf43ae894cd286b799dbc2c2f5df3c36a6aa5f20cdc24be369c1ad61c0e347
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:12 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.upi.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
490
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/
267 B
388 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=108&profileId=185&av=32&wv=4.16.0&bundle=NwyN8l8wRjBmUU5DRSUyRkdhWXFQMElZUlZhNzRyUGM2Z0lmc3owWmZyUHI4RWtteDhqVzc2eEV4dVJpc2Y0R3IlMkZhWDVxZ2J0NWZoakQ5a0ZkemRNVE1NZ0tZRUVtZWNYdlc2N3M2cmV5OEJKcU1CbmclM0Q&cb=16272248092
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.6.27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
00ccf6eb40c870d79bc2dea351a02a48b3201756e86314fd6508213bdfc29e67

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 May 2021 17:56:11 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.upi.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
185
/
hb.emxdgt.com/
0
156 B
XHR
General
Full URL
https://hb.emxdgt.com/?t=4000&ts=1622397372191&src=pbjs
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.6.27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.25.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.upi.com
date
Sun, 30 May 2021 17:56:12 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
c
prebid.a-mo.net/a/
11 KB
6 KB
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.6.27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
8e54c9cbfc70eaebf49dfd5dacb9963d41a891c9b8fd0b882af42e2bb6034747

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 May 2021 17:56:12 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.upi.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
138
content-length
5847
translator
hbopenbid.pubmatic.com/
5 KB
3 KB
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.6.27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e15ea3dd1354db57b120547e334c97b3c577ce413c9763c3101af7a3454f96be

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.upi.com
date
Sun, 30 May 2021 17:56:12 GMT
content-encoding
gzip
x-openrtb-version
2.3
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json
events
bidder.criteo.com/csm/
0
141 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.upi.com
date
Sun, 30 May 2021 17:56:11 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
img.fetch
udmserve.net/udm/ Frame 244D
0
607 B
Script
General
Full URL
https://udmserve.net/udm/img.fetch?sid=16304;tid=1;dt=7;p=1;rri=1622397372089_902560_217.138.203.212;mid=46697;zzz=%5B46697%2C1622397372%2C%22d0N8El3kLK7GGDxMCPd72g%22%5D;version=v2.6.27-confiant;cb=0.5585946947753682;refresh=2;qqq=2.631712643726324;style=slider;vis=visible;traffic_info=%7B%7D;
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 17:56:12 GMT
Expires
-1d
Connection
Keep-Alive
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Length
0
Content-Type
application/x-javascript
c.js
assets.a-mo.net/js/ Frame 244D
61 KB
21 KB
Script
General
Full URL
https://assets.a-mo.net/js/c.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15c99df2c423cc4f6269d27da99b322066cf35699e3c140d0ea6def995a6b777

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:12 GMT
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
566
x-cache
Hit from cloudfront
content-encoding
br
cf-request-id
0a6004604100004e61feaee000000001
last-modified
Tue, 25 May 2021 18:40:23 GMT
server
cloudflare
etag
W/"e3f4a03746ff28e45ceb2a9bd85faa24"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA50-C1
cf-ray
6579d67a0e774e61-FRA
x-amz-cf-id
wO3-Pzb174AjlrRaXQEM2ixMDB7n1RXv1q1i0923v7SJCC_fHvge9g==
expires
Sun, 30 May 2021 18:56:12 GMT
g_pbwin
1x1.a-mo.net/hbx/
0
89 B
Image
General
Full URL
https://1x1.a-mo.net/hbx/g_pbwin?A=amx&w=728&h=90&bid=62d554931af94dd&C=0&np=0.37998069522669037&a=slider-middle-728x90&ts=1622397372451&eid=64f6b3059c2ac41
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.84.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:12 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
ab
nym1-ib.adnxs.com/ Frame 244D
11 KB
6 KB
Script
General
Full URL
https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F&e=wqT_3QKNDvBMDQcAAAMA1gAFAQi8o8-FBhCakcqMvr2K_l4Y5db0sMvkwsknKjYJ5ZttbkxP9j8RIwt_Iw2w8D8ZAAAAIK5HG0AhIwt_Iw2w8D8p5ZsJJNgxAAAA4FG48j8wwcLbCTiKXECVHkgCULuv0okBWOH3hwFgAGj4kp8BeOK8BYABAYoBA1VTRJIBAQbwVZgB2AWgAVqoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKApUBdWYoJ2EnLCA1MDkyNDYyLCAxNjIyMzk3MzcyKTt1ZignaScsIDU3ODIxNjksIDE2Nh0ALGcnLCAxNDcyNDEzMkY7ACxjJywgNDkzOTY5NzlGHgAwcicsIDI4ODY1OTM4NzYfAPCLkgL9AyE4VmNtSVFqei1jWVhFTHV2MG9rQkdBQWc0ZmVIQVRBQU9BQkFBRWlWSGxEQnd0c0pXQUJnWFdnQWNBQjRBSUFCQUlnQkFKQUJBSmdCQUtBQkFhZ0JBN0FCQUxrQmZJTm45MGhQOWpfQkFYeURaX2RJVF9ZX3lRRUFBQUFBQUFEd1A5a0JBQUEFDjQ4RF9nQVpuMTRBTDFBUQETLENZQWdDZ0FnQzFBZwUQADkJCPBSRGdBc0hDM1Jmb0FzQ3B3NFVHOGdJQk1fZ0NBSUFEQVpnREFib0RDVTVaVFRJNk5EazNOLUFEeXl1QUJNN05oUWFJQk5QTmhRYVFCQUdZQkFIQkIBXw0BBHlRBX0JARhOZ0VBUEVFCQ0BASBDSUJmRW1xUVUBDQRBQQHECDdFRgEKCQEIREJCHT8AeRUoDEFBQU4yKAAAWi4oALA0QVdzd1Fqd0JhVFlnZ2Y0QmU3b3RnS0NCZ05WVTBTSUJnU1FCZ0dZQmdDaEIlDAkBIHFBWUJzZ1lrQx10AEUdDABHHQwASR0MOHVBWUuaAo0BIUloREZkdzoBAixPSDNod0VnQUNnQU0dNUxPZ2xPV1UweU9qUTVOemRBeXl0SgmHFEFBOEQ5UhEMDEFBQlodDABoHQwAcB0MAHgdDPCfNEFBLi7YAgDgArrJWeoCbGh0dHBzOi8vd3d3LnVwaS5jb20vQXJjaGl2ZXMvMTk4NC8wMS8yMC9Tb3VyY2VzLXNheS1kcnVnLXJpbmctb3BlcmF0ZXMtd2l0aC1wb2xpY2UtcHJvdGVjdGlvbi83NTk4NDQzNDIyODAwL_ICEQoGQURWX0lEEgc1MDkyNDYy8gISCgZDUEdfSUQSCDE0N2V9LPICEQoFQ1BfSUQSCHFzPPICDQoIQURWX0ZSRVESATAFEBxSRU1fVVNFUgUQABcJIGBDT0RFEgtDTy1LVFNXOFk1WvICGQoIQ1BHCRoEDTWJHDAuODkyNzXyAhgKB0NQRhsAUDkx8gIQCgVJT19JRBIHNTc4MjE2OQUuBElPRi4ASDcx8gIbCg9DVVNUT01fTU9ERUwBOBwINDk3NjY3MgUeABYyHgBATEVBRl9OQU1FEgEz8gIoCho2HgAIQVNUAUcYSUZJRUQSCoHGFDIwMTUzNgX2EFNQTElUAWDwgQEwgAMAiAMBkAMAmAMUoAMBqgMAwAOsAsgDANgDrxngAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA8yMTcuMTM4LjIwMy4yMTKoBACyBAwIABAAGAAgADAAOAC4BADABADIBADSBA4zODYxI05ZTTI6NDk3N9oEAggB4AQA8ASlu3T6BBIJAAAAAO-uR0ARAAAAoJkZIUCIBQGYBQCgBf8RAWABqgUQR0RVS0pKTURTVEs3VjZZScAFAMkFATsYAADwP9IFCQVHAQFw2AUB4AUB8AWC-wj6BQQIABAAkAYAmAYAuAYAwQYBIQExINAGqA_aBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUgN3iz4BEAAyAfivAXSBw0VdgE4CNoHBgknMOAHAOoHAggA8AeVhA0.&s=b58663a6cb0feb6bcec67281c095480e54550f5d&pp=1.042981
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
acec09c309d07c158cc736f8b8b486c58a9c6f24fa73c411c191091e747f0639
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 17:56:13 GMT
Content-Encoding
gzip
X-Creative-ID
288659387
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.138.203.212; 217.138.203.212; 669.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com; 68.67.179.165:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
829bc5b3-c8ec-44dc-9b60-b8169990316d
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
g_rimp
1x1.a-mo.net/hbx/ Frame 244D
0
88 B
Image
General
Full URL
https://1x1.a-mo.net/hbx/g_rimp?_e=CsQCMQuXVdgMsPA_qQIAAAAAAAAAANABAkIUc2xpZGVyLW1pZGRsZS03Mjh4OTDoAQDaAgEychsxMDk5OTM0OTMtMzg0MDk1MzEtNDQ2Nzc4NzhSDmFhcy1jYTExYzdjOC1h8gETNDMxNzk2MTU0NDc1ODE0NDIyNyIKXzFkcGVoMW1zb8ICBDM4NjHIAQCgAVpKC3d3dy51cGkuY29tsgIOc251c2JvbGFnZXQuc2VqC3d3dy51cGkuY29tOghhcHBuZXh1c8ABnZcFqgQDRENI6gMPNTFhY2YyNGI1NmE2ZGFhiAO1o8-FBugCBJIBATCYAr1RWghwYmExLjIuMagB2AWiAxdkVzVrWlhKa2IyZHRaV1JwWVM1amIyMPoBBjQuMTYuMLoCCTI4ODY1OTM4N-AD4EKKAQhkOTBkZjA3OKgDRngB
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.84.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:12 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
himp
1x1.a-mo.net/hbx/ Frame 244D
0
88 B
Image
General
Full URL
https://1x1.a-mo.net/hbx/himp?_e=CqYCMUQpC_cSR9w_qQIAAAAAAAAAAEIUc2xpZGVyLW1pZGRsZS03Mjh4OTDoAQDaAgEychsxMDk5OTM0OTMtMzg0MDk1MzEtNDQ2Nzc4NzhSDmFhcy1jYTExYzdjOC1h8gETNDMxNzk2MTU0NDc1ODE0NDIyNyIJMWRwZWgxbXNvyAEAoAFaSgt3d3cudXBpLmNvbbICDnNudXNib2xhZ2V0LnNlagt3d3cudXBpLmNvbToFbW9uZXTAAZuXBaoEA0RDSOoDDzUxYWNmMjRiNTZhNmRhYYgDtaPPhQboAgSYAsIiWghwYmExLjIuMagB2AWiAxdkVzVrWlhKa2IyZHRaV1JwWVM1amIyMPoBBjQuMTYuMOAD4EKKAQhkOTBkZjA3OKgDRngB
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.84.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:12 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
himp
1x1.a-mo.net/hbx/ Frame 244D
0
88 B
Image
General
Full URL
https://1x1.a-mo.net/hbx/himp?_e=CsQCMQuXVdgMsPA_qQIAAAAAAAAAANABAkIUc2xpZGVyLW1pZGRsZS03Mjh4OTDoAQDaAgEychsxMDk5OTM0OTMtMzg0MDk1MzEtNDQ2Nzc4NzhSDmFhcy1jYTExYzdjOC1h8gETNDMxNzk2MTU0NDc1ODE0NDIyNyIKXzFkcGVoMW1zb8ICBDM4NjHIAQCgAVpKC3d3dy51cGkuY29tsgIOc251c2JvbGFnZXQuc2VqC3d3dy51cGkuY29tOghhcHBuZXh1c8ABnZcFqgQDRENI6gMPNTFhY2YyNGI1NmE2ZGFhiAO1o8-FBugCBJIBATCYAr1RWghwYmExLjIuMagB2AWiAxdkVzVrWlhKa2IyZHRaV1JwWVM1amIyMPoBBjQuMTYuMLoCCTI4ODY1OTM4N-AD4EKKAQhkOTBkZjA3OKgDRngB
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.84.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:12 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
envelope
api.rlcdn.com/api/identity/
0
0

rid
match.adsrvr.org/track/
108 B
686 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=1324mj4&fmt=json
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.6.27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
40af3173077907345c317551a077030604972c1012a2744881fc7d6031019642

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 May 2021 17:56:12 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.upi.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Tue, 29 Jun 2021 17:56:12 GMT
wrap.js
confiant-integrations.global.ssl.fastly.net/prebid/202105251317/
94 KB
31 KB
Script
General
Full URL
https://confiant-integrations.global.ssl.fastly.net/prebid/202105251317/wrap.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbea77c4adcedf586c9cd9b41bd83c7b789108b95db9a5cd00a1186809bdcdac

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 17:56:12 GMT
Content-Encoding
gzip
Age
894
X-Cache
HIT
Connection
keep-alive
Content-Length
30902
x-amz-id-2
9/piKQy7E58wbxdyy+FyYrtInuWaOYdV3rNmh6/2vfASMO08mth10pNo3+yu3+2l5OH4lKU0WUw=
X-Served-By
cache-fra19154-FRA
Last-Modified
Tue, 25 May 2021 17:17:33 GMT
Server
AmazonS3
X-Timer
S1622397373.899743,VS0,VE0
ETag
"478dc0d5d9cdc69b4870b4e70a8c4e04"
x-amz-request-id
S22YW6EE2S25PFZC
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
388
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D6dfaf445-6a3d-43e5-a0d1-6ea619b5751a%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=6dfaf445-6a3d-43e5-a0d1-6ea619b5751a&D=&bidder=appnexus&uid=7538304888347731149
0
115 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=6dfaf445-6a3d-43e5-a0d1-6ea619b5751a&D=&bidder=appnexus&uid=7538304888347731149
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:12 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy

Redirect headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:12 GMT
X-Proxy-Origin
217.138.203.212; 217.138.203.212; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.53:80
AN-X-Request-Uuid
3ea11d70-4aad-4816-906e-7f5c039febcb
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid.a-mo.net/setuid?A=6dfaf445-6a3d-43e5-a0d1-6ea619b5751a&D=&bidder=appnexus&uid=7538304888347731149
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871316020461234205
49 B
910 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871316020461234205
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:14 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871316020461234205
Date
Sun, 30 May 2021 17:56:12 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D6dfaf445-6a3d-43e5-a0d1-6ea619b5751a%26D%3D%26bidder%3Dindex_rtb%26uid%3D
  • https://prebid.a-mo.net/setuid?A=6dfaf445-6a3d-43e5-a0d1-6ea619b5751a&D=&bidder=index_rtb&uid=YLPRtrIR8KdwU09DUngA4wAA%261200
0
115 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=6dfaf445-6a3d-43e5-a0d1-6ea619b5751a&D=&bidder=index_rtb&uid=YLPRtrIR8KdwU09DUngA4wAA%261200
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:12 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy

Redirect headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://prebid.a-mo.net/setuid?A=6dfaf445-6a3d-43e5-a0d1-6ea619b5751a&D=&bidder=index_rtb&uid=YLPRtrIR8KdwU09DUngA4wAA%261200
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
321
Expires
Sun, 30 May 2021 17:56:12 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=5fa6044d8d&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=78774818-31cb-49a8-b2d7-3541243770de&pubid=5fa6044d8d
49 B
927 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=78774818-31cb-49a8-b2d7-3541243770de&pubid=5fa6044d8d
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:14 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=78774818-31cb-49a8-b2d7-3541243770de&pubid=5fa6044d8d
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
227
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D6dfaf445-6a3d-43e5-a0d1-6ea619b5751a%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=6dfaf445-6a3d-43e5-a0d1-6ea619b5751a&D=&bidder=sovrn&uid=d936470a0e647d35dbdc392a
0
115 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=6dfaf445-6a3d-43e5-a0d1-6ea619b5751a&D=&bidder=sovrn&uid=d936470a0e647d35dbdc392a
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:12 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy

Redirect headers

Date
Sun, 30 May 2021 17:56:12 GMT
Server
nginx
Location
https://prebid.a-mo.net/setuid?A=6dfaf445-6a3d-43e5-a0d1-6ea619b5751a&D=&bidder=sovrn&uid=d936470a0e647d35dbdc392a
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=652060b3-d1b6-4200-bce9-91beab1e9d4a
49 B
927 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=652060b3-d1b6-4200-bce9-91beab1e9d4a
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:14 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 30 May 2021 17:56:12 GMT
Server
MT3 3736 915c305 master zrh-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=652060b3-d1b6-4200-bce9-91beab1e9d4a
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 30 May 2021 17:56:11 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=sonobi&bsw_custom_parameter=18991391-c571-4835-8b3b-91f8deaaa835
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=sonobi&expires=10&bsw_param=18991391-c571-4835-8b3b-91f8deaaa835
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=18991391-c571-4835-8b3b-91f8deaaa835
49 B
931 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=18991391-c571-4835-8b3b-91f8deaaa835
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:14 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=18991391-c571-4835-8b3b-91f8deaaa835
date
Sun, 30 May 2021 17:56:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cookie-sync
match.prod.bidr.io/
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a31f7619-a863-4ba9-b420-86d41a8dc634&gdpr=0
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACsLU7BZ6MAADDTYxIqyA&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
43 B
430 B
Image
General
Full URL
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.40.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 30 May 2021 17:56:13 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
date
Sun, 30 May 2021 17:56:12 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:857
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
verizon_video
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=6dfaf445-6a3d-43e5-a0d1-6ea619b5751a
  • https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=6dfaf445-6a3d-43e5-a0d1-6ea619b5751a&apid=UP4f9031f8-c170-11eb-b577-02a92b7887b4
  • https://prebid.a-mo.net/setuid/verizon_video?uid=UP4f9031f8-c170-11eb-b577-02a92b7887b4&gdpr=0&gdpr_consent=
0
124 B
Image
General
Full URL
https://prebid.a-mo.net/setuid/verizon_video?uid=UP4f9031f8-c170-11eb-b577-02a92b7887b4&gdpr=0&gdpr_consent=
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:12 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy

Redirect headers

Date
Sun, 30 May 2021 17:56:12 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://prebid.a-mo.net/setuid/verizon_video?uid=UP4f9031f8-c170-11eb-b577-02a92b7887b4&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=90e4c984-9404-46b6-b244-9daf4d890743&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=eUFKZDZNRUlqbnMxUE0tSE15V3R3QQ&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEH_5q26GpYPy9VNmyhe51Gc&google_cver=1
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=oS7GXksnNUOD
49 B
907 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=oS7GXksnNUOD
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:14 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=oS7GXksnNUOD
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-555c8fd69d-hmqmb
expires
-1
setuid
prebid.a-mo.net/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D6dfaf445-6a3d-43e5-a0d1-6ea619b5751a%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID
  • https://prebid.a-mo.net/setuid?A=6dfaf445-6a3d-43e5-a0d1-6ea619b5751a&D=&bidder=pubmatic&uid=B23CC141-498E-401C-808E-CBA2C011B4E6
0
120 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=6dfaf445-6a3d-43e5-a0d1-6ea619b5751a&D=&bidder=pubmatic&uid=B23CC141-498E-401C-808E-CBA2C011B4E6
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:12 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy

Redirect headers

location
https://prebid.a-mo.net/setuid?A=6dfaf445-6a3d-43e5-a0d1-6ea619b5751a&D=&bidder=pubmatic&uid=B23CC141-498E-401C-808E-CBA2C011B4E6
date
Sun, 30 May 2021 17:56:12 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cookie-sync
match.prod.bidr.io/
Redirect Chain
  • https://u.openx.net/w/1.0/pd
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACsLU7BZ6MAADDTYxIqyA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_curre...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cox&bee_sync_current_partner=sas&bee_sync_initiator=ox&bee_sync_hop_count=1&userid=5753354653074265305
43 B
430 B
Image
General
Full URL
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cox&bee_sync_current_partner=sas&bee_sync_initiator=ox&bee_sync_hop_count=1&userid=5753354653074265305
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.40.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 30 May 2021 17:56:16 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cox&bee_sync_current_partner=sas&bee_sync_initiator=ox&bee_sync_hop_count=1&userid=5753354653074265305
pragma
no-cache
date
Sun, 30 May 2021 17:56:15 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159955
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7538304888347731149
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_20c3396b-fcb0-41ac-8b82-5dbdad2b5b8e
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
108 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Sun, 30 May 2021 17:56:15 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:426
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 4E0D
43 B
344 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=openx.com&id=5fc13c1d-8cef-8b76-9a05-75a6629635f8
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:13 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4E0D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2685190894431413257&gdpr=0&gdpr_consent=&us_privacy=
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2685190894431413257&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:13 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2685190894431413257&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 30 May 2021 17:56:12 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
dds
rtb.openx.net/sync/ Frame 4E0D
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=2EHKXDnDiaK8f7uG2bzEog==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
145 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:15 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
clear
content-length
43
x-request-id
s6l3slhdquo64o262c80fnd4trndcvqe

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
93d02624-00e9-a2c5-6bdc-e1c4f5f23351
pr-bh.ybp.yahoo.com/sync/openx/ Frame 4E0D
43 B
587 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/93d02624-00e9-a2c5-6bdc-e1c4f5f23351?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:12 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 4E0D
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=v7omzSK31LNpFC5
43 B
106 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=v7omzSK31LNpFC5
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:16 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:15 GMT
Server
PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-06dc1c09a183d011e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=v7omzSK31LNpFC5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4E0D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=18991391-c571-4835-8b3b-91f8deaaa835
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mk12be4e43-9d70-4b6b-968d-19c1118d5d48&expires=7&user_group=5&ssp=openx&bsw_param=18991391-c571-4835-8b3b-91f8deaaa835
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=18991391-c571-4835-8b3b-91f8deaaa835
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=18991391-c571-4835-8b3b-91f8deaaa835
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:15 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=18991391-c571-4835-8b3b-91f8deaaa835
date
Sun, 30 May 2021 17:56:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 76B2
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11786&pub_id=1767266
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.200 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-200.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.upi.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uids=eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiI1NzQ1NzUyMzgxNDY5Mjg3MTczIiwiZXhwaXJlcyI6IjIwMjEtMDYtMTNUMTc6NTY6MDYuMDkwODc0NjczWiJ9LCJydWJpY29uIjp7InVpZCI6IktQQkhJM1M4LTMtNkJSMCIsImV4cGlyZXMiOiIyMDIxLTA4LTI4VDE3OjU2OjA2WiJ9LCJ0cmlwbGVsaWZ0Ijp7InVpZCI6IjE1NzI4NDE3MDQ2ODg2MjE0MTIwIiwiZXhwaXJlcyI6IjIwMjEtMDgtMjhUMTc6NTY6MDZaIn0sInNoYXJldGhyb3VnaCI6eyJ1aWQiOiIxM2VkN2M2Ny02ZGJmLTQ1MmItYmYyNy01NjhjMmY4NThmYTMiLCJleHBpcmVzIjoiMjAyMS0wOC0yOFQxNzo1NjowN1oifX0sImJkYXkiOiIyMDIxLTA1LTMwVDE3OjU2OjA2LjA5MDg2OTM3OVoifQ==; uuid2=7538304888347731149; icu=ChgI-7AlEAoYASABKAEwvKPPhQY4AUABSAEQvKPPhQYYAA..; anj=dTM7k!M40*hK:95ghqdmU(7TK_%K1k!]tcZ8bhzs#DNB)PYwUr*Zg3ITHC(Y^dF9g^-n7QNaad8pCLYg*r>.G[jFLG9ozk:RD`f6griDo24k$*%w'1n(<M1enjD%:@#.fg?u>LQgbZ31T4#KL=XB6[TPBI9JaY.6T+`rD=N.`-R@Uf]tJx$_3I?+O#y%pa
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Mon, 31 May 2021 17:56:15 GMT
Date
Sun, 30 May 2021 17:56:13 GMT
Connection
keep-alive
Vary
Accept-Encoding
rd_log
nym1-ib.adnxs.com/ Frame 244D
0
825 B
Script
General
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F&e=wqT_3QKNDvDtDQcAAAMA1gAFAQi8o8-FBhCakcqMvr2K_l4Y5db0sMvkwsknKjYJm73xCUxP9j8RC5dV2Ayw8D8ZAAAAIK5HG0AhIwt_Iw2w8D8p5ZttbkxP9j8xAAAA4FG48j8wwcLbCTiKXECVHkgCULuv0okBWOH3hwFgAGj4kp8BeOK8BYABAYoBA1VTRJIBA1VTRJgB2AWgAVqoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKApUBdWYoJ2EnLCA1MDkyNDYyLCAxNjIyMzk3MzcyKTt1ZignaScsIDU3ODIxNjksIDE2MjIzOTczNzIpOwEdLGcnLCAxNDcyNDEzMkY7AChjJywgNDkzOTY5N0o8ADByJywgMjg4NjU5Mzg3Nj0A8IuSAv0DIThWY21JUWp6LWNZWEVMdXYwb2tCR0FBZzRmZUhBVEFBT0FCQUFFaVZIbERCd3RzSldBQmdYV2dBY0FCNEFJQUJBSWdCQUpBQkFKZ0JBS0FCQWFnQkE3QUJBTGtCZklObjkwaFA5al9CQVh5RFpfZElUX1lfeVFFQUFBQUFBQUR3UDlrQkFBQQUONDhEX2dBWm4xNEFMMUFRARMsQ1lBZ0NnQWdDMUFnBRAAOQkI8FJEZ0FzSEMzUmZvQXNDcHc0VUc4Z0lCTV9nQ0FJQURBWmdEQWJvRENVNVpUVEk2TkRrM04tQUR5eXVBQk03TmhRYUlCTlBOaFFhUUJBR1lCQUhCQgFfDQEEeVEFfQkBGE5nRUFQRUUJDQEBIENJQmZFbXFRVQENBEFBAcQIN0VGAQoJAQhEQkIdPwB5FSgMQUFBTjIoAABaLigAsDRBV3N3UWp3QmFUWWdnZjRCZTdvdGdLQ0JnTlZVMFNJQmdTUUJnR1lCZ0NoQiUMCQEgcUFZQnNnWWtDHXQARR0MAEcdDABJHQw4dUFZS5oCjQEhSWhERmR3OgECLE9IM2h3RWdBQ2dBTR01TE9nbE9XVTB5T2pRNU56ZEF5eXRKCYcUQUE4RDlSEQwMQUFCWh0MAGgdDABwHQwAeB0M8J80QUEuLtgCAOACuslZ6gJsaHR0cHM6Ly93d3cudXBpLmNvbS9BcmNoaXZlcy8xOTg0LzAxLzIwL1NvdXJjZXMtc2F5LWRydWctcmluZy1vcGVyYXRlcy13aXRoLXBvbGljZS1wcm90ZWN0aW9uLzc1OTg0NDM0MjI4MDAv8gIRCgZBRFZfSUQSBzUwOTI0NjLyAhIKBkNQR19JRBIIMTQ3ZX0s8gIRCgVDUF9JRBIIcXM88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAAFwkgYENPREUSC0NPLUtUU1c4WTVa8gIZCghDUEcJGgQNNYkcMC44OTI3NfICGAoHQ1BGGwBQOTHyAhAKBUlPX0lEEgc1NzgyMTY5BS4ESU9GLgBINzHyAhsKD0NVU1RPTV9NT0RFTAE4HAg0OTc2NjcyBR4AFjIeAEBMRUFGX05BTUUSATPyAigKGjYeAAhBU1QBR0BJRklFRBIKMTYyMjIwMTUzNgX2EFNQTElUAWDwgQEwgAMAiAMBkAMAmAMUoAMBqgMAwAOsAsgDANgDrxngAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA8yMTcuMTM4LjIwMy4yMTKoBACyBAwIABAAGAAgADAAOAK4BADABADIBADSBA4zODYxI05ZTTI6NDk3N9oEAggB4AQA8ASlu3T6BBIJAAAAAO-uR0ARAAAAoJkZIUCIBQGYBQCgBf8RAWABqgUQR0RVS0pKTURTVEs3VjZZScAFAMkFATsYAADwP9IFCQVHAQFw2AUB4AUB8AWC-wj6BQQIABAAkAYAmAYAuAYAwQYBIQExINAGqA_aBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUgN3iz4BEAAyAfivAXSBw0VdgE4CNoHBgknMOAHAOoHAggA8AeVhA0.&s=0a13efb8ea60cf9f9aea6dda3f69cb57012fd1f1&bdref=https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F,https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F&
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:13 GMT
X-Proxy-Origin
217.138.203.212; 217.138.203.212; 669.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com; 68.67.161.139:80
AN-X-Request-Uuid
d3451733-4f9b-4f63-81d4-7f6a1524b8d4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
it
nym1-ib.adnxs.com/ Frame 244D
0
825 B
Image
General
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F&e=wqT_3QK6C_DtugUAAAMA1gAFAQi8o8-FBhCakcqMvr2K_l4Y5db0sMvkwsknKjYJm73xCUxP9j8RC5dV2Ayw8D8ZAAAAIK5HG0AhIwt_Iw2w8D8p5ZttbkxP9j8xAAAA4FG48j8wwcLbCTiKXECVHkgCULuv0okBWOH3hwFgAGj4kp8BeOK8BYABAYoBA1VTRJIBA1VTRJgB2AWgAVqoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKApUBdWYoJ2EnLCA1MDkyNDYyLCAxNjIyMzk3MzcyKTt1ZignaScsIDU3ODIxNjksIDE2MjIzOTczNzIpOwEdLGcnLCAxNDcyNDEzMkY7AChjJywgNDkzOTY5N0o8ADByJywgMjg4NjU5Mzg3Nj0A8IuSAv0DIThWY21JUWp6LWNZWEVMdXYwb2tCR0FBZzRmZUhBVEFBT0FCQUFFaVZIbERCd3RzSldBQmdYV2dBY0FCNEFJQUJBSWdCQUpBQkFKZ0JBS0FCQWFnQkE3QUJBTGtCZklObjkwaFA5al9CQVh5RFpfZElUX1lfeVFFQUFBQUFBQUR3UDlrQkFBQQUONDhEX2dBWm4xNEFMMUFRARMsQ1lBZ0NnQWdDMUFnBRAAOQkI8FJEZ0FzSEMzUmZvQXNDcHc0VUc4Z0lCTV9nQ0FJQURBWmdEQWJvRENVNVpUVEk2TkRrM04tQUR5eXVBQk03TmhRYUlCTlBOaFFhUUJBR1lCQUhCQgFfDQEEeVEFfQkBGE5nRUFQRUUJDQEBIENJQmZFbXFRVQENBEFBAcQIN0VGAQoJAQhEQkIdPwB5FSgMQUFBTjIoAABaLigAsDRBV3N3UWp3QmFUWWdnZjRCZTdvdGdLQ0JnTlZVMFNJQmdTUUJnR1lCZ0NoQiUMCQEgcUFZQnNnWWtDHXQARR0MAEcdDABJHQw4dUFZS5oCjQEhSWhERmR3OgECLE9IM2h3RWdBQ2dBTR01TE9nbE9XVTB5T2pRNU56ZEF5eXRKCYcUQUE4RDlSEQwMQUFCWh0MAGgdDABwHQwAeB0M9MQBNEFBLi7YAgDgArrJWeoCbGh0dHBzOi8vd3d3LnVwaS5jb20vQXJjaGl2ZXMvMTk4NC8wMS8yMC9Tb3VyY2VzLXNheS1kcnVnLXJpbmctb3BlcmF0ZXMtd2l0aC1wb2xpY2UtcHJvdGVjdGlvbi83NTk4NDQzNDIyODAwL4ADAIgDAZADAJgDFKADAaoDAMADrALIAwDYA68Z4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQPMjE3LjEzOC4yMDMuMjEyqAQAsgQMCAAQABgAIAAwADgCuAQAwAQAyAQA0gQOMzg2MSNOWU0yOjQ5NzfaBAIIAeAEAPAEu6_SiQH6BBIJAAAAAO-uR0ARAAAAoJkZIUCIBQGYBQCgBf___________wGqBRBHRFVLSkpNRFNUSzdWNllJwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFgvsI-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBqgP2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAAQABgAIAAwADj4BEAAyAfivAXSBw0JAAAABUMcEAAYANoHBggFCTDgBwDqBwIIAPAHlYQN&s=cb30ffc690f190aaa1c3430c0458088c8cea381b
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:13 GMT
X-Proxy-Origin
217.138.203.212; 217.138.203.212; 669.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com; 68.67.179.231:80
AN-X-Request-Uuid
ad12d3b2-d831-42ea-bba8-5fcc971645bc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/209/ Frame 244D
87 KB
30 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/209/trk.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.200 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-200.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d4f87eb2fd81448ae30cbd4d65fb30d717d22e580ca7d481b8c3f7473318b7cc

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 17:56:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 May 2021 07:54:33 GMT
Server
AkamaiNetStorage
ETag
"6e3cd651011131b57d34070ddf9fc80c:1621410873.256288"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30037
Expires
Mon, 30 May 2022 17:56:14 GMT
feadbfb3-92fa-465d-a163-210cd35cd987
cdn2.match2one.net/105050/creatives/ Frame 244D
50 KB
51 KB
Image
General
Full URL
https://cdn2.match2one.net/105050/creatives/feadbfb3-92fa-465d-a163-210cd35cd987
Requested by
Host: www.upi.com
URL: https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f29f7c4a48c46b6a6e8b053fb00323e00123d691e37c5a5226d432ea7a856ba

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:13 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
39805
cf-ray
6579d67df99b0742-FRA
content-length
51697
x-amz-id-2
xU10zqJqYIdB3VxriTPpU97Q8mknpd3GdWjPRovrC+Dju/8FEPFY6srwwLMI2obv/sVY9WCLTEE=
last-modified
Fri, 04 Dec 2020 13:34:14 GMT
server
cloudflare
etag
"177eece37b4c4295a76adb1068a0ea50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4D4uSKSpPJwbyTp%2BWAzKamClhgijEpr5QpdE4vTcmbpZvTHqCrRwk78qxCNL6Mbi5CsNEZv3WMdPR6VeH6CW8lSRk9GEhLHn1wt2iGpKWuMCVlmN5PxV4GqQeLHIaGOpsTfE%2BymQgvnck7U%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
F5Q6HFH7XZQMAGAM
cache-control
max-age=14400
cf-request-id
0a600462bb00000742fd150000000001
accept-ranges
bytes
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame A543
31 KB
9 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e717996f5607537ed723a320f33924f674aa6aa1bd768bd0ca0475f964c23757

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 17:56:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 May 2021 19:07:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=73525
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9266
Expires
Mon, 31 May 2021 14:21:38 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame A543
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KPBHI3S8-3-6BR0&ex=d-rubiconproject.com&status=ok
43 B
344 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KPBHI3S8-3-6BR0&ex=d-rubiconproject.com&status=ok
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_ox-db5_dm_cnv_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:15 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KPBHI3S8-3-6BR0&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
709414.gif
id.rlcdn.com/ Frame A543
0
66 B
Image
General
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_ox-db5_dm_cnv_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:15 GMT
via
1.1 google
alt-svc
clear
content-length
0
tap.php
pixel.rubiconproject.com/ Frame A543
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=652060b3-d1b6-4200-bce9-91beab1e9d4a
42 B
766 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=652060b3-d1b6-4200-bce9-91beab1e9d4a
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_ox-db5_dm_cnv_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

Date
Sun, 30 May 2021 17:56:13 GMT
Server
MT3 3736 915c305 master zrh-pixel-x8
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=652060b3-d1b6-4200-bce9-91beab1e9d4a
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 30 May 2021 17:56:12 GMT
tap.php
pixel.rubiconproject.com/ Frame A543
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Exkfb_Na7_eQUc9U9rSkVw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1873987793982307029
42 B
766 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1873987793982307029
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_ox-db5_dm_cnv_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

date
Sun, 30 May 2021 17:56:15 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1873987793982307029
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame A543
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGb2S4QStrc2bmqc_j2SZr8&google_cver=1
42 B
766 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGb2S4QStrc2bmqc_j2SZr8&google_cver=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_ox-db5_dm_cnv_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGb2S4QStrc2bmqc_j2SZr8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame A543
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_ox-db5_dm_cnv_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:14 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame A543
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BCSEkzUzgtMy02QlIw
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BCSEkzUzgtMy02QlIw
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_ox-db5_dm_cnv_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BCSEkzUzgtMy02QlIw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame A543
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTQ5Yjc1MjY2YmQ3YTk3NTY4YWJmNmYzMmQ4OGRiODBmMTUwYzY0MA
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTQ5Yjc1MjY2YmQ3YTk3NTY4YWJmNmYzMmQ4OGRiODBmMTUwYzY0MA
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_ox-db5_dm_cnv_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTQ5Yjc1MjY2YmQ3YTk3NTY4YWJmNmYzMmQ4OGRiODBmMTUwYzY0MA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame A543
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KPBHI3S8-3-6BR0&sigv=1&esig=2~69edbbcdefb49382ae06ac91125daeefded5949c
0
445 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KPBHI3S8-3-6BR0&sigv=1&esig=2~69edbbcdefb49382ae06ac91125daeefded5949c
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_ox-db5_dm_cnv_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:15 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KPBHI3S8-3-6BR0&sigv=1&esig=2~69edbbcdefb49382ae06ac91125daeefded5949c
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
async_usersync
ib.adnxs.com/ Frame 76B2
0
753 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11786&pub_id=1767266&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11786&pub_id=1767266
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:14 GMT
X-Proxy-Origin
217.138.203.212; 217.138.203.212; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.86:80
AN-X-Request-Uuid
7dc27069-500d-46a9-b87a-e4c3fdbc066f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
nym1-ib.adnxs.com/ Frame 244D
0
842 B
Ping
General
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F&e=wqT_3QK6C_DtugUAAAMA1gAFAQi8o8-FBhCakcqMvr2K_l4Y5db0sMvkwsknKjYJm73xCUxP9j8RC5dV2Ayw8D8ZAAAAIK5HG0AhIwt_Iw2w8D8p5ZttbkxP9j8xAAAA4FG48j8wwcLbCTiKXECVHkgCULuv0okBWOH3hwFgAGj4kp8BeOK8BYABAYoBA1VTRJIBA1VTRJgB2AWgAVqoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKApUBdWYoJ2EnLCA1MDkyNDYyLCAxNjIyMzk3MzcyKTt1ZignaScsIDU3ODIxNjksIDE2MjIzOTczNzIpOwEdLGcnLCAxNDcyNDEzMkY7AChjJywgNDkzOTY5N0o8ADByJywgMjg4NjU5Mzg3Nj0A8IuSAv0DIThWY21JUWp6LWNZWEVMdXYwb2tCR0FBZzRmZUhBVEFBT0FCQUFFaVZIbERCd3RzSldBQmdYV2dBY0FCNEFJQUJBSWdCQUpBQkFKZ0JBS0FCQWFnQkE3QUJBTGtCZklObjkwaFA5al9CQVh5RFpfZElUX1lfeVFFQUFBQUFBQUR3UDlrQkFBQQUONDhEX2dBWm4xNEFMMUFRARMsQ1lBZ0NnQWdDMUFnBRAAOQkI8FJEZ0FzSEMzUmZvQXNDcHc0VUc4Z0lCTV9nQ0FJQURBWmdEQWJvRENVNVpUVEk2TkRrM04tQUR5eXVBQk03TmhRYUlCTlBOaFFhUUJBR1lCQUhCQgFfDQEEeVEFfQkBGE5nRUFQRUUJDQEBIENJQmZFbXFRVQENBEFBAcQIN0VGAQoJAQhEQkIdPwB5FSgMQUFBTjIoAABaLigAsDRBV3N3UWp3QmFUWWdnZjRCZTdvdGdLQ0JnTlZVMFNJQmdTUUJnR1lCZ0NoQiUMCQEgcUFZQnNnWWtDHXQARR0MAEcdDABJHQw4dUFZS5oCjQEhSWhERmR3OgECLE9IM2h3RWdBQ2dBTR01TE9nbE9XVTB5T2pRNU56ZEF5eXRKCYcUQUE4RDlSEQwMQUFCWh0MAGgdDABwHQwAeB0M9MQBNEFBLi7YAgDgArrJWeoCbGh0dHBzOi8vd3d3LnVwaS5jb20vQXJjaGl2ZXMvMTk4NC8wMS8yMC9Tb3VyY2VzLXNheS1kcnVnLXJpbmctb3BlcmF0ZXMtd2l0aC1wb2xpY2UtcHJvdGVjdGlvbi83NTk4NDQzNDIyODAwL4ADAIgDAZADAJgDFKADAaoDAMADrALIAwDYA68Z4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQPMjE3LjEzOC4yMDMuMjEyqAQAsgQMCAAQABgAIAAwADgCuAQAwAQAyAQA0gQOMzg2MSNOWU0yOjQ5NzfaBAIIAeAEAPAEu6_SiQH6BBIJAAAAAO-uR0ARAAAAoJkZIUCIBQGYBQCgBf___________wGqBRBHRFVLSkpNRFNUSzdWNllJwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFgvsI-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBqgP2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAAQABgAIAAwADj4BEAAyAfivAXSBw0JAAAABUMcEAAYANoHBggFCTDgBwDqBwIIAPAHlYQN&s=cb30ffc690f190aaa1c3430c0458088c8cea381b&type=nv&nvt=5&jm=1003&px=436&py=1110&bw=728&bh=90&sid=8682528021844670818&vd=ct~0|rr~0&sv=209&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=20373825&sw=1600&sh=1200&pw=1600&ph=4478&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/209/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:14 GMT
X-Proxy-Origin
217.138.203.212; 217.138.203.212; 669.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com; 68.67.160.87:80
AN-X-Request-Uuid
84e81aba-d2d6-4b93-9a5e-ccc1d2476ba7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.upi.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
nym1-ib.adnxs.com/ Frame 244D
0
844 B
Ping
General
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F&e=wqT_3QK6C_DtugUAAAMA1gAFAQi8o8-FBhCakcqMvr2K_l4Y5db0sMvkwsknKjYJm73xCUxP9j8RC5dV2Ayw8D8ZAAAAIK5HG0AhIwt_Iw2w8D8p5ZttbkxP9j8xAAAA4FG48j8wwcLbCTiKXECVHkgCULuv0okBWOH3hwFgAGj4kp8BeOK8BYABAYoBA1VTRJIBA1VTRJgB2AWgAVqoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKApUBdWYoJ2EnLCA1MDkyNDYyLCAxNjIyMzk3MzcyKTt1ZignaScsIDU3ODIxNjksIDE2MjIzOTczNzIpOwEdLGcnLCAxNDcyNDEzMkY7AChjJywgNDkzOTY5N0o8ADByJywgMjg4NjU5Mzg3Nj0A8IuSAv0DIThWY21JUWp6LWNZWEVMdXYwb2tCR0FBZzRmZUhBVEFBT0FCQUFFaVZIbERCd3RzSldBQmdYV2dBY0FCNEFJQUJBSWdCQUpBQkFKZ0JBS0FCQWFnQkE3QUJBTGtCZklObjkwaFA5al9CQVh5RFpfZElUX1lfeVFFQUFBQUFBQUR3UDlrQkFBQQUONDhEX2dBWm4xNEFMMUFRARMsQ1lBZ0NnQWdDMUFnBRAAOQkI8FJEZ0FzSEMzUmZvQXNDcHc0VUc4Z0lCTV9nQ0FJQURBWmdEQWJvRENVNVpUVEk2TkRrM04tQUR5eXVBQk03TmhRYUlCTlBOaFFhUUJBR1lCQUhCQgFfDQEEeVEFfQkBGE5nRUFQRUUJDQEBIENJQmZFbXFRVQENBEFBAcQIN0VGAQoJAQhEQkIdPwB5FSgMQUFBTjIoAABaLigAsDRBV3N3UWp3QmFUWWdnZjRCZTdvdGdLQ0JnTlZVMFNJQmdTUUJnR1lCZ0NoQiUMCQEgcUFZQnNnWWtDHXQARR0MAEcdDABJHQw4dUFZS5oCjQEhSWhERmR3OgECLE9IM2h3RWdBQ2dBTR01TE9nbE9XVTB5T2pRNU56ZEF5eXRKCYcUQUE4RDlSEQwMQUFCWh0MAGgdDABwHQwAeB0M9MQBNEFBLi7YAgDgArrJWeoCbGh0dHBzOi8vd3d3LnVwaS5jb20vQXJjaGl2ZXMvMTk4NC8wMS8yMC9Tb3VyY2VzLXNheS1kcnVnLXJpbmctb3BlcmF0ZXMtd2l0aC1wb2xpY2UtcHJvdGVjdGlvbi83NTk4NDQzNDIyODAwL4ADAIgDAZADAJgDFKADAaoDAMADrALIAwDYA68Z4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQPMjE3LjEzOC4yMDMuMjEyqAQAsgQMCAAQABgAIAAwADgCuAQAwAQAyAQA0gQOMzg2MSNOWU0yOjQ5NzfaBAIIAeAEAPAEu6_SiQH6BBIJAAAAAO-uR0ARAAAAoJkZIUCIBQGYBQCgBf___________wGqBRBHRFVLSkpNRFNUSzdWNllJwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFgvsI-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBqgP2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAAQABgAIAAwADj4BEAAyAfivAXSBw0JAAAABUMcEAAYANoHBggFCTDgBwDqBwIIAPAHlYQN&s=cb30ffc690f190aaa1c3430c0458088c8cea381b&type=pv&jm=1003&px=436&py=1110&bw=728&bh=90&sf=1&sid=8682528021844670818&vd=ct~0|rr~5&sv=209&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=20373825&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/209/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:15 GMT
X-Proxy-Origin
217.138.203.212; 217.138.203.212; 669.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com; 204.13.193.107:80
AN-X-Request-Uuid
23e6270a-0bb3-46f1-9b91-6a4cf6e4d127
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.upi.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
comments.php
www.facebook.com/v10.0/plugins/ Frame E985
0
0
Document
General
Full URL
https://www.facebook.com/v10.0/plugins/comments.php?app_id=130795020312660&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1571c4c108ce84%26domain%3Dwww.upi.com%26origin%3Dhttps%253A%252F%252Fwww.upi.com%252Ff3bd0cc5f2d3964%26relation%3Dparent.parent&container_width=8&count=true&height=100&href=https%3A%2F%2Fupi.com%2F4511294&locale=en_US&sdk=joey&version=v10.0&width=550
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v10.0/plugins/comments.php?app_id=130795020312660&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1571c4c108ce84%26domain%3Dwww.upi.com%26origin%3Dhttps%253A%252F%252Fwww.upi.com%252Ff3bd0cc5f2d3964%26relation%3Dparent.parent&container_width=8&count=true&height=100&href=https%3A%2F%2Fupi.com%2F4511294&locale=en_US&sdk=joey&version=v10.0&width=550
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.upi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-xss-protection
0
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
content-type
text/html;charset=utf-8
x-content-type-options
nosniff
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
x-fb-debug
0MRz8PPHfiy4vFY4/srzC8U7c8u9IEXjYD0DOyNgkoQdXOkQiemt3ar/zOz8fneHEcMMwz2PODk9xbOwUV69jg==
content-length
0
date
Sun, 30 May 2021 17:56:16 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
comments.php
www.facebook.com/v10.0/plugins/ Frame B870
0
0
Document
General
Full URL
https://www.facebook.com/v10.0/plugins/comments.php?app_id=130795020312660&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd6954936943f%26domain%3Dwww.upi.com%26origin%3Dhttps%253A%252F%252Fwww.upi.com%252Ff3bd0cc5f2d3964%26relation%3Dparent.parent&container_width=7&count=true&height=100&href=https%3A%2F%2Fupi.com%2F4511294&locale=en_US&sdk=joey&version=v10.0&width=550
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v10.0/plugins/comments.php?app_id=130795020312660&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd6954936943f%26domain%3Dwww.upi.com%26origin%3Dhttps%253A%252F%252Fwww.upi.com%252Ff3bd0cc5f2d3964%26relation%3Dparent.parent&container_width=7&count=true&height=100&href=https%3A%2F%2Fupi.com%2F4511294&locale=en_US&sdk=joey&version=v10.0&width=550
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.upi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-xss-protection
0
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
content-type
text/html;charset=utf-8
x-content-type-options
nosniff
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
x-fb-debug
TAGGyVFW1R0t+DSj/g3Jip8pi7kS+p87048aY4RDLwbcecHI7/8KejEd76EewmEFVcAn2Q+AE6qb2D7avgVnkg==
content-length
0
date
Sun, 30 May 2021 17:56:16 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
sodar
pagead2.googlesyndication.com/getconfig/
10 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c20cca1847a2619e9fe4abf14a8697e2b0aa81a649785f553bcd9e76e487c870
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 17:56:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7672
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 89EA
0
326 B
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.upi.com&gdpr=0&gdpr_consent=
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=www.upi.com&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.upi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1967
set-cookie
uid=f55187b7-faea-4930-9567-0fa76db801a8; expires=Mon, 30 May 2022 17:56:15 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Sun, 30 May 2021 17:56:15 GMT
content-length
0
comments.php
www.facebook.com/v10.0/plugins/ Frame 81B5
0
0
Document
General
Full URL
https://www.facebook.com/v10.0/plugins/comments.php?app_id=130795020312660&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df28a078da432788%26domain%3Dwww.upi.com%26origin%3Dhttps%253A%252F%252Fwww.upi.com%252Ff3bd0cc5f2d3964%26relation%3Dparent.parent&container_width=0&count=true&height=100&href=https%3A%2F%2Fupi.com%2F4511294&locale=en_US&sdk=joey&version=v10.0&width=550
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v10.0/plugins/comments.php?app_id=130795020312660&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df28a078da432788%26domain%3Dwww.upi.com%26origin%3Dhttps%253A%252F%252Fwww.upi.com%252Ff3bd0cc5f2d3964%26relation%3Dparent.parent&container_width=0&count=true&height=100&href=https%3A%2F%2Fupi.com%2F4511294&locale=en_US&sdk=joey&version=v10.0&width=550
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.upi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-xss-protection
0
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
content-type
text/html;charset=utf-8
x-content-type-options
nosniff
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
x-fb-debug
mWFnSEoz9V8egRxIt8SYPtXxok7d6K6tpzF6THOTV8NSWH9EN1IZvtAyxCT1eVMyS+CyKPi6I75f75xrjQJnqg==
content-length
0
date
Sun, 30 May 2021 17:56:16 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
comments.php
www.facebook.com/v10.0/plugins/ Frame 8C1D
0
0
Document
General
Full URL
https://www.facebook.com/v10.0/plugins/comments.php?app_id=130795020312660&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1fd21367536e94%26domain%3Dwww.upi.com%26origin%3Dhttps%253A%252F%252Fwww.upi.com%252Ff3bd0cc5f2d3964%26relation%3Dparent.parent&container_width=0&count=true&height=100&href=https%3A%2F%2Fupi.com%2F4511294&locale=en_US&sdk=joey&version=v10.0&width=550
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v10.0/plugins/comments.php?app_id=130795020312660&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1fd21367536e94%26domain%3Dwww.upi.com%26origin%3Dhttps%253A%252F%252Fwww.upi.com%252Ff3bd0cc5f2d3964%26relation%3Dparent.parent&container_width=0&count=true&height=100&href=https%3A%2F%2Fupi.com%2F4511294&locale=en_US&sdk=joey&version=v10.0&width=550
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.upi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-xss-protection
0
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
content-type
text/html;charset=utf-8
x-content-type-options
nosniff
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
x-fb-debug
+OzaQ5z6d970GXwLYQGtQk3dXWYihk4J7BHCfwQQAZTODXs8lmb5VRpXqN1VF8oJjAMLUu+Dp3TUj4sLeRgnrA==
content-length
0
date
Sun, 30 May 2021 17:56:16 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
csi
csi.gstatic.com/ Frame 8FAC
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=4~kpbhi776&c=323674518006735&ctx=2&qqid=COqq25X98fACFb3auwgd-e4OHg&met.6=6.1_CgsYukUgSyoECAUSAA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4007:805::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:16 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 7D1B
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=6~kpbhi776&c=323674518006735&ctx=2&qqid=CNO2sZX98fACFU_juwgdirwKVQ&met.6=6.1_CgsYvE0gSyoECAUSAA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4007:805::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:16 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame E0F4
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=4~kpbhi777&c=323674518006735&ctx=2&qqid=CO2q25X98fACFb3auwgd-e4OHg&met.6=6.1_CgsY00QgSyoECAUSAA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4007:805::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:16 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame DF43
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=4~kpbhi777&c=323674518006735&ctx=2&qqid=CP2HxJX98fACFQRG5Qod2WgFWA&met.6=6.1_CgsY-UogSyoECAUSAA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4007:805::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:16 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame F3BE
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=4~kpbhi777&c=323674518006735&ctx=2&qqid=COuq25X98fACFb3auwgd-e4OHg&met.6=6.1_CgsYh0UgSyoECAUSAA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4007:805::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:16 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
121 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=www.upi.com&doc=complete&pg_h=4478&pg_w=1600&pg_hs=4478&c=6&aa_c=0&av_h=228.333&av_w=667.917&av_a=127125&s=127.500&all_s=127.500&b=-450&all_b=-450&d=0.306&all_d=0.306&ard=0.106&all_ard=0.106&dt=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Sun, 30 May 2021 17:56:16 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 9943
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.upi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Sun, 30 May 2021 17:01:17 GMT
expires
Mon, 30 May 2022 17:01:17 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3299
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 954F
783 B
782 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
57ded6228552eb631cdbe0539258fd9e8f40568cd30388e42a1490c4d4d952a9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BVDXdgpuekZ06rq38vxSgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.upi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.upi.com/

Response headers

expires
Sun, 30 May 2021 17:56:16 GMT
date
Sun, 30 May 2021 17:56:16 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-BVDXdgpuekZ06rq38vxSgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
pagead2.googlesyndication.com/bg/ Frame 9943
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03f14357b2de695aa54c32f6aa655da2e30c383035c0cead7234c80517f7740b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:23:39 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
12757
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5771
x-xss-protection
0
expires
Mon, 30 May 2022 14:23:39 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052401&jk=323674518006735&bg=!jI-lj8vNAAaMan2LjGo7ACkAdvg8WijiOADDABP-IScLMOKqkbwtkzovCCwRhqWjIJzgZk40JKVZDgIAAABeUgAAAAtoAQcKASt5qgAq8UclRtP1SWF4zbXIMds6TX-xdytWwVT5U5jjq1hefmMBu2Q4r_Xia3PZNsMdWUqYtHvEc-U8d0zgJUyDfNebYpA8QLg3XxMB_ktkRTKkF83740KeOmqsasYRo8qyYix8o34mCitW3Mjk14hDMLl75H-4e_tpef6LahKnLm9tsAvuCySeGtOWt6sYv36SIxojDqTr299pzZdEpmPKE2a15tZMMamhJ0g2iDntWoW9OaEjimI3qXp58ggIypPdoikC0jeesvfknlIOmYtNv7zGWV9ZrRNVfbeTsYSbqN8FumtmlsoGaj2NntLjI8yezX7zsyWlrkkNskGBXXIAyPvTqSxTKZtdNzHWiUPJ3bmeg3CjZfwNvom_h7TyWcMFqV7Otw-I3-UGR5kCMy-BfF4WVlr9wr0UULEwDHcNj_RldlCOTN2klH4HZFhuaRGddtdv15qzYBDzx312vKJPSzpX68tpsVgLGWQKpyV4URsx8B4PDUwEGaEpq_SxRjeYUB9F0vA-uw4T2qtvMPX2vEoNF_1biH5-uqWoJide9c7rJ5b96QTVfaKYVHy54Je9SojN66mT2LcZp1vNisNyGWzcibFbFpU5cTb7IU2QqFfTQR2PmgEmcIQxoofkN_CQjCySu52PT0YPwPL0ODYqNLFH-lQ5ksXY_VUQrJvkIeEECe8-Ny83VkABEiwyHPv0w6ERs9LI7aeDzeaHZy3NBx-GqWKnvoXGk3WdBKMkvc6_G4vQZxu83ul5QYd9b-8fJV446ofyvN3kAzCTTpr8VYrYbH83w1LvBeWYUfu6Vr2mF0VySweVRrmWKF_68KGGjN6f_dik7EUHq2gIHN99jqZJjmD6Xe_zX5qAYA0VQ4yjlya_3M_Z2kACwS3e6UUIeYa05JGRdnoHerFMw4dfG05UAFdGn3VciOVDJIKpAQgMabPd5wjS7-UbpEpQudYYcwM_UpC2Dv_h4sE-dMJ9wGrNG2B7MjprgtLix2M2cLe1VJqJJmKSL-y2vmMjrvUhs6o2gOfqCydUcFp0yr1VIjzdTWjGi9XMzDp7t1ite39pXVkakZ1-QAEWjOouQUZJyTATyq4mhvKtCeUAJqOmXiRmJeY9ZQ0CrkbJ-npWwUFqRSpSI91Z-ksJ0vbmin7U
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8DEF
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=html5-mon&a0=layout&f0=layout&s0=0&d0=86.0000&a1=https&f1=layout_html&s1=0&d1=10.0000&i=498430647996&t=419&c=p&qqi=CP2HxJX98fACFQRG5Qod2WgFWA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=3~kpbhi5ad&c=323674518006735&e=31060413%2C31061003%2C31061149%2C21066613%2C21066615%2C21067088&ctx=1&met.3=129.3n3~713.3nk~713.3nl~143.3nj_3~598.3nn~598.3nn~715.3nn~598.3nn~598.3nn~715.3nn~598.3nn~598.3nn~715.3nn~598.3nn~598.3nn~715.3nn~143.3qf_2~143.3t9_2~129.3u1~680.3uv~132.3uv~680.3uv~680.3uv~824.3uv~824.3uv~824.3uv~824.3uv~598.3uv~598.3uw~715.3uv~598.3uw~598.3uw~715.3uw~680.3uw~680.3uw~680.3uw~143.3w3_3~143.3yy_2~680.40f~132.40f~680.40g~680.40g~680.40g~680.40g~680.40g~129.410~680.41u~132.41u~680.41u~680.41u~680.41u~680.41u~680.41u~143.41u_2~143.44o_2~143.47i_2~129.47y~143.4ac_2~143.4d6_2~129.4ew~143.4g0_2~143.4iu_2~143.4lp_2~129.4lu~143.4oj_2~680.4qz~132.4qz~680.4qz~680.4qz~680.4qz~680.4qz~680.4qz~143.4rd_2~76.4sv~129.4sx~143.4u7_2~143.4x1_2~129.4zv~143.4zw_2~143.52q_2~143.55k_2~129.56u~143.58e_1~143.5b7_1~680.5di~132.5di~680.5di~680.5dj~680.5dj~680.5dj~680.5dj~129.5ds~143.5e1_2~680.5ef~132.5ef~680.5eg~680.5eg~680.5eg~680.5eg~680.5eg~816.5fg~573.5fg~598.5fg~54.5fg~598.5fg~54.5fg~598.5fg~54.5fg~598.5fg~54.5fg~598.5fg~54.5fg~598.5fg~54.5fg~598.5fg~54.5fg~598.5fg~54.5fg~598.5fg~54.5fg~598.5fg~54.5fg~598.5fg~54.5fg~573.5fg~816.5hn~573.5hn~598.5hn~54.5hn~598.5hn~54.5hn~598.5hn~54.5hn~598.5hn~54.5hn~598.5hn~54.5hn~598.5hn~54.5hn~598.5hn~54.5hn~598.5hn~54.5hn~598.5hn~54.5hn~598.5hn~54.5hn~598.5hn~54.5hn~573.5hn~143.5i6_2~129.5kq~143.5kz_1~143.5nt_2~143.5qn_1~129.5ro~143.5tg_2~143.5wa_1~129.5yn~143.5z4_2~143.61y_1~143.64s_1~129.65l~143.67l_2~143.6ae_1~129.6cj~143.6d8_2~143.6g2_1~143.6iw_1~129.6jh~143.6lq_2~143.6ok_2~129.6qg~86.6r2~86.6r2~76.6r2~143.6rf_2~143.6u9_1~143.6x2_1~129.6xe~143.6zw_1~143.72v_2~129.74d~143.75p_1~143.78i_2~129.7bb~143.7bc_1~680.7bq~132.7bq~680.7bq~680.7br~680.7br~680.7br~680.7br~143.7e5_1~143.7gz_2~680.7h8~132.7h8~680.7h8~680.7h8~680.7h8~680.7h8~680.7h8~129.7i9~143.7js_2~143.7mm_1~129.7p7~143.7pf_1~143.7s8_1~143.7v2_2~129.7w6~143.7xv_1~143.80p_1~129.834~143.83j_1~143.86c_1~143.895_1~129.8a2~143.8bz_1~143.8es_1~129.8h0~143.8hl_1~143.8ke_1~143.8n8_1~129.8nz~143.8q1_1~143.8su_1~129.8ux~143.8vn_1~143.8yh_1~143.91a_1~129.91v~143.943_6~143.971_1~129.98t~143.99u_1~143.9co_1~143.9fh_1~129.9fr~143.9ia_1~94.9l1~816.9l1~573.9l1~598.9l1~54.9l1~598.9l1~54.9l1~598.9l1~54.9l1~598.9l1~54.9l1~598.9l1~54.9l1~598.9l1~54.9l1~598.9l1~54.9l1~598.9l1~54.9l1~598.9l1~54.9l1~598.9l1~54.9l1~598.9l1~54.9l1~573.9l1~816.9m2~573.9m2~598.9m2~54.9m2~598.9m2~54.9m2~598.9m2~54.9m2~598.9m2~54.9m2~598.9m2~54.9m2~598.9m2~54.9m2~598.9m2~54.9m2~598.9m2~54.9m2~598.9m2~54.9m2~598.9m2~54.9m2~598.9m2~54.9m2~573.9m2~130.9mf~154.9mf~143.9n2_2~573.9n7~598.9n7~598.9n7~598.9n7~598.9n7~598.9n7~598.9n7~598.9n7~598.9n7~598.9n7~598.9n7~598.9n8~113.9n6_3~129.9na~680.9p7~132.9p7~680.9p7~680.9p7~680.9p7~680.9p7~680.9p7~153.9pj~143.9pw_1~143.9sp_1~129.9u8~143.9vi_1~143.9yc_1~143.a15_1~143.a3y_1~143.a6r_1~143.a9k_2~143.ace_1~143.af7_1&met.7=CBsQARgBIJwkKJwkMJknOP4CwAGkoPylBw~CBsQDSC6EDiCGcABqdHo7QQ~CBsQBiCmKDixAcABrozArwU~CBsQDSC6EDidGsABqdHo7QQ~CBsQDSC7EDiPG8ABqdHo7QQ~CBsQDSC-EDjRH8AB3vy7mwo~CBsQDSC_EDjQH8AB2uGGnQE~CBsQDSDAEDjOH8AB88ekNw~CBsQDSDCEDjNH8ABgOGgyAs~CBsQBiD_LzgTwAG6wYDkAg~CBsQCiCNMDg3wAGQmoHGDA~CBsQDSDQMDg0wAGQmoHGDA~CBsQBSCNNjgdwAHsm-jbCw~CBsQBSCNNjgfwAHm2_MF~CBsQBSCQNjgkwAHsm-jbCw~CBsQBSCONjhEwAHm2_MF~CBsQBiC3NjhmwAH3kqXrDA~CBsQBiDkNjhmwAH2rJzADg~~~~~CBsQBiDJNzhlwAH048_mCg~CBsQDSDPMzizBcABtc6h7g4~CBsQBiD-ODhlwAHa9LKLCw~CBsQBiDrPjhlwAGbj8PyDQ~CBsQCiCqPzjDAsAB55efgwo~CBsQDSD3QTg-wAGA4aDICw~CBsQDSD2QThcwAHzx6Q3~CBsQDSD4QThiwAHxteAY~CBsQDSDzQTh5wAHp_P2pDA~~CBsQDSDyQTiSAcABqdHo7QQ~CBsQDSDyQTiUAcABqdHo7QQ~CBsQDSDzQTiUAcAB3vy7mwo~CBsQDSDyQTibAcABqdHo7QQ~CBsQDSD0QTi2AcAB2uGGnQE~CBsQDSD3QTjvAcAB5IOfqA0~CBsQBiCBRDjJAsABoPjrvAc~CBsQDSCSRzgcwAGYu4__DA~CBsQCiCJDzinOMABi62phAc~CBsQDSCSRzgpwAHAq5a_Ag~CBsQCiC1RzgWwAGG59f4BA~CBsQBiDdRzhkwAH3kqXrDA~CBsQBiDhRzhlwAH2rJzADg~CBsQBiDkRzhlwAH048_mCg~CBsQBiCpSDgowAHsm-jbCw~CBsQBiDuRzhlwAGbj8PyDQ~CBsQBiCESDhlwAHa9LKLCw~CBsQBiDXRzixAcABnaiV1AU~CBsQBiCLDzi3OsABy5Dc1gM~CBsQBiDaRzjXCMABx5Dt5AU~CBsQBiDcRzjvCMABlKiGxAU~CBsQBiDlRziCCcABlvOAtgU~CBsQBiCvUDhVwAHfyYqgCA~CBsQBiDPUjgrwAGBw9mnCw~CBsQBiDmXTggwAH7k-jFDA~CBsQBiDFYDgqwAGqnoXRDA~CBsQCDi7YcABmJieiws~CBsQBSD7YDhGwAGKg8TEAg~CBsQBSCAYThDwAGKg8TEAg~CCcQDRgBILdhKLdhMNxhOCVQt2FYyWFgvGFoyWFw22F4vT-AAfg7iAHkTrABAbgBA8AB8_LLrgs~CBsQBSC7YTggwAGh2_b2AQ~CBsQBSDHYTglwAGKg8TEAg~CCcQChgBIN1hKN1hMOxhOA_AAeLBm9oF~CBsQBSDLYTgtwAGKg8TEAg~CCcQBRgBIPJhKPJhMPlhOAfAAY3TtMwJ~CBwQBhgBINVhKNVhMP1hOCho1mFw_GF4ebABAbgBA8ABlITitQ4~CBsQBRgBIPNhKPNhMI1iOBrAAc_G2uIB~CBwQBhgBIIJjKIJjMKtjOClogmNwqmN4FLABAbgBA8ABlITitQ4&met.1=1.kpbhi1pl~6.0~7.1~8.2~9.2~10.62~11.c~12.62~13.bs~14.ec~15.bu~16.s4~17.t1~18.t3~19.9kg~20.9kg~21.9mj~22.pf~23.pf&met.2=19.q~17.11g~18.723
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2404:6800:4007:805::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:17 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EAEB
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=html5-mon&a0=layout&f0=layout&s0=0&d0=243.0000&a1=https&f1=layout_html&s1=0&d1=9.0000&i=498430647990&t=419&c=p&qqi=COqq25X98fACFb3auwgd-e4OHg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
ping.chartbeat.net/
43 B
168 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=upi.com&p=%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F&u=rOet5CHt0Y2D5GC8L&d=upi.com&g=4027&g0=UPI%20Archives&g1=SALLY%20ANN%20DENTON&g4=article&n=1&f=00001&c=0.25&x=0&m=0&y=4478&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=1540&t=DhdJKTCPZjyqDKyucRpqzZuCLe21N&V=126&tz=-120&sn=2&sv=6eqmZCgZppeBcZpWKG68_5D-YpPA&sd=1&im=067b0fff&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.108.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-108-122.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.upi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame E9F9
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1c245ff2846ff358cb4a70d9bcd20360a04c11f7d9613c1cdf9ec98842ce6fe9

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YLPRxPBYd6-gTWzc59u0lwAA; CMPS=3263
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|241|230|39|51|73|196|206
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1729
Expires
Sun, 30 May 2021 17:56:20 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 30 May 2021 17:56:20 GMT
Connection
keep-alive
Set-Cookie
CMID=YLPRxPBYd6-gTWzc59u0lwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 30 May 2022 17:56:20 GMT CMPS=3263;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 28 Aug 2021 17:56:20 GMT CMPRO=1184;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 28 Aug 2021 17:56:20 GMT CMST=YLPRxGCz0cQA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 31 May 2021 17:56:20 GMT CMRUM3=c460b3d1c405a0&e660b3d1c42760&ce60b3d1c405a0&2760b3d1c40b40&f160b3d1c405a0&2d60b3d1c405a0&4960b3d1c405a0&3360b3d1c405a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 30 May 2022 17:56:20 GMT

Redirect headers

Server
Apache
Content-Length
334
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sun, 30 May 2021 17:56:20 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 30 May 2021 17:56:20 GMT
Connection
keep-alive
Set-Cookie
CMID=YLPRxPBYd6-gTWzc59u0lwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 30 May 2022 17:56:20 GMT CMPS=3263;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 28 Aug 2021 17:56:20 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 271C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
84f6857efe8b5f8ed396596e3ab1989c6032ac59731b8f3f507d7b596e3536a7

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3263; CMID=YLPRxPBYd6-gTWzc59u0nAAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|230|241|45|40|13|156|10
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1796
Expires
Sun, 30 May 2021 17:56:20 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 30 May 2021 17:56:20 GMT
Connection
keep-alive
Set-Cookie
CMID=YLPRxPBYd6-gTWzc59u0nAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 30 May 2022 17:56:20 GMT CMPS=3263;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 28 Aug 2021 17:56:20 GMT CMPRO=1181;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 28 Aug 2021 17:56:20 GMT CMRUM3=9c60b3d1c405a00&2d60b3d1c405a0&0a60b3d1c427600&e660b3d1c42760&2760b3d1c40b40&f160b3d1c405a0&2860b3d1c405a00&0d60b3d1c405a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 30 May 2022 17:56:20 GMT CMST=YLPRxGCz0cQA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 31 May 2021 17:56:20 GMT

Redirect headers

Server
Apache
Content-Length
334
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sun, 30 May 2021 17:56:20 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 30 May 2021 17:56:20 GMT
Connection
keep-alive
Set-Cookie
CMID=YLPRxPBYd6-gTWzc59u0nAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 30 May 2022 17:56:20 GMT CMPS=3263;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 28 Aug 2021 17:56:20 GMT
crum
dsum-sec.casalemedia.com/ Frame E9F9
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLPRxPBYd6-gTWzc59u0lwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFGPbVikM8HcxuRo56B7PvY&google_cver=1
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFGPbVikM8HcxuRo56B7PvY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:21 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 30 May 2021 17:56:21 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFGPbVikM8HcxuRo56B7PvY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame E9F9
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YLPRxPBYd6_gTWzc59u0lwAABKAAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YLPRxPBYd6_gTWzc59u0lwAABKAAAAAB&dcc=t
43 B
720 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YLPRxPBYd6_gTWzc59u0lwAABKAAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:21 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:20 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YLPRxPBYd6_gTWzc59u0lwAABKAAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame E9F9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLPRxPBYd6_gTWzc59u0lwAABKAAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YLPRxPBYd6_gTWzc59u0lwAABKAAAAAB&gdpr_consent=&us_privacy=&gdpr=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMU9NUa8PBZ-JuO3_eCnUUI&google_cver=1
43 B
315 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMU9NUa8PBZ-JuO3_eCnUUI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:20 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 30 May 2021 17:56:20 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMU9NUa8PBZ-JuO3_eCnUUI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame E9F9
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YLPRxPBYd6-gTWzc59u0lwAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rum
dsum.casalemedia.com/ Frame E9F9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://x.bidswitch.net/ul_cb/sync?ssp=index
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=index&bsw_custom_parameter=bfea5236-2bb6-4a3b-83d2-3933e57045c0
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=index&expires=10&bsw_param=bfea5236-2bb6-4a3b-83d2-3933e57045c0
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=bfea5236-2bb6-4a3b-83d2-3933e57045c0
43 B
1 KB
Image
General
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=bfea5236-2bb6-4a3b-83d2-3933e57045c0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:21 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 30 May 2021 17:56:21 GMT

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=bfea5236-2bb6-4a3b-83d2-3933e57045c0
date
Sun, 30 May 2021 17:56:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
YLPRxPBYd6_gTWzc59u0lwAABKAAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E9F9
43 B
554 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YLPRxPBYd6_gTWzc59u0lwAABKAAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:20 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E9F9
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=03030003_60b3d1c4e50b4&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030003_60b3d1c4e50b4
43 B
994 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030003_60b3d1c4e50b4
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:21 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 30 May 2021 17:56:21 GMT

Redirect headers

date
Sun, 30 May 2021 17:56:20 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030003_60b3d1c4e50b4
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
YLPRxPBYd6_gTWzc59u0lwAABKAAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E9F9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YLPRxPBYd6_gTWzc59u0lwAABKAAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YLPRxPBYd6_gTWzc59u0lwAABKAAAAAB&gdpr_consent=&us_privacy=&gdpr=&verify=true
  • https://pr-bh.ybp.yahoo.com/sync/casale/YLPRxPBYd6_gTWzc59u0lwAABKAAAAAB
43 B
702 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YLPRxPBYd6_gTWzc59u0lwAABKAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 17:56:20 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Sun, 30 May 2021 17:56:20 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://pr-bh.ybp.yahoo.com/sync/casale/YLPRxPBYd6_gTWzc59u0lwAABKAAAAAB
Connection
keep-alive
Content-Length
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame E9F9
43 B
425 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YLPRxPBYd6-gTWzc59u0lwAA%261184
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 17:56:20 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1642
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 30 May 2021 18:23:42 GMT
casale
match.adsrvr.org/track/cmf/ Frame 271C
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YLPRxPBYd6-gTWzc59u0nAAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 271C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLPRxPBYd6_gTWzc59u0nAAABJ0AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YLPRxPBYd6_gTWzc59u0nAAABJ0AAAAB&gdpr_consent=&us_privacy=&gdpr=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPlYXOsrP7b8JgdvScdS98s&google_cver=1
43 B
315 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPlYXOsrP7b8JgdvScdS98s&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:20 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 30 May 2021 17:56:20 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPlYXOsrP7b8JgdvScdS98s&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 271C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YLPRxPBYd6_gTWzc59u0nAAABJ0AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YLPRxPBYd6_gTWzc59u0nAAABJ0AAAAB&dcc=t
43 B
720 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YLPRxPBYd6_gTWzc59u0nAAABJ0AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:21 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:20 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YLPRxPBYd6_gTWzc59u0nAAABJ0AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 271C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLPRxPBYd6-gTWzc59u0nAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFGPbVikM8HcxuRo56B7PvY&google_cver=1
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFGPbVikM8HcxuRo56B7PvY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:21 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 30 May 2021 17:56:21 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 17:56:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFGPbVikM8HcxuRo56B7PvY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 271C
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=064a2204020dbbd22ffa117c&expiration=[EXPIRATION]
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=064a2204020dbbd22ffa117c&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:21 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 30 May 2021 17:56:21 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=064a2204020dbbd22ffa117c&expiration=[EXPIRATION]
Date
Sun, 30 May 2021 17:56:21 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
cookiesync
bttrack.com/pixel/ Frame 271C
35 B
380 B
Image
General
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track001-dc3
Pragma
no-cache
Date
Sun, 30 May 2021 17:56:14 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
crum
dsum-sec.casalemedia.com/ Frame 271C
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=8
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=582470793980
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=582470793980
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:23 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 30 May 2021 17:56:23 GMT

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=582470793980
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 271C
43 B
425 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YLPRxPBYd6-gTWzc59u0nAAA%261181
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 17:56:20 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1642
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 30 May 2021 18:23:42 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame 5D28
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B
Document
General
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.upi.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.231.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
0504d016f03239d3e5685c6f381d5ca9a8e313438bafd18610b4d10125ca2b7d

Request headers

:method
GET
:authority
um2.eqads.com
:scheme
https
:path
/um/cs&eq_cc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ssum-sec.casalemedia.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
EQUser=UID=7c6d942d-0bee-458c-a0f0-d2c791fd85d9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Sun, 30 May 2021 17:56:21 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Sun, 30 May 2021 17:56:21 GMT
pragma
no-cache

Redirect headers

date
Sun, 30 May 2021 17:56:21 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
set-cookie
EQUser=UID=7c6d942d-0bee-458c-a0f0-d2c791fd85d9; Path=/; Domain=eqads.com; Expires=Mon, 30 Aug 2021 17:56:21 GMT; Secure; SameSite=None
crum
dsum-sec.casalemedia.com/ Frame 5D28
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=7c6d942d-0bee-458c-a0f0-d2c791fd85d9&expiration=1630346181
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 17:56:21 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 30 May 2021 17:56:21 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
htlb.casalemedia.com
URL
https://htlb.casalemedia.com/cygnus?s=213852&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2253e89d04a90f5db%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A5%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A5%2C%22ren%22%3Afalse%2C%22version%22%3A%224.30.0%22%2C%22msd%22%3A1%2C%22msi%22%3A1%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ascendeum.com%22%2C%22sid%22%3A%22asc90189%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2278774818-31cb-49a8-b2d7-3541243770de%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-05-30T17%3A56%3A05%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2254dbd6a64418cef%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213852%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2255ff4ab9980205c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213852%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22561f4d1477a233b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213851%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2257bf2b5ebe5906a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213851%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2258c158dec27d882%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213851%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22593c607e842783e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213850%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2260292621a83dfef%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213850%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22612412ce62a937c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213854%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22623616827644d65%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213854%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2263b5a4e34f414ca%22%2C%22ext%22%3A%7B%22siteID%22%3A%22637805%22%2C%22sid%22%3A%22468x60%22%7D%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22561f4d1477a233b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213851%22%2C%22sid%22%3A%22300x1050%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22topframe%22%3A1%7D%7D%5D%7D
Domain
a.teads.tv
URL
https://a.teads.tv/hb/bid-request
Domain
a.teads.tv
URL
https://a.teads.tv/hb/bid-request
Domain
htlb.casalemedia.com
URL
https://htlb.casalemedia.com/cygnus?s=213852&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221662f933cd3115e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A10%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A10%2C%22ren%22%3Afalse%2C%22version%22%3A%224.30.0%22%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ascendeum.com%22%2C%22sid%22%3A%22asc90189%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2278774818-31cb-49a8-b2d7-3541243770de%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-05-30T17%3A56%3A05%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221671f4c4a537c7f3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213852%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22168ad5d4d3b0447a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213852%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221691c1f19aab088a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213851%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22170c1507093e35c8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213851%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22171d9db8809291f4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213851%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2217234af1e5849d56%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213850%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2217337d31fb54ffea%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213850%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22174f83421f690435%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213854%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22175a5f420d426f2b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213854%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22176a7f8c9f471cc3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22637805%22%2C%22sid%22%3A%22468x60%22%7D%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22177c3fead83e48b1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213852%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22178dfeb3177dace6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213852%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221791182241b2f6da%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213851%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22180d491f035f104d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213851%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22181968858a737dc6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213851%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221824fdd401b89934%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213850%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22183aee87aef7a1dd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213850%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2218475f293298fb2d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213854%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22185d8f6d407d8a0a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213854%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22186f2bda4bf736a4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22637805%22%2C%22sid%22%3A%22468x60%22%7D%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221691c1f19aab088a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213851%22%2C%22sid%22%3A%22300x1050%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221791182241b2f6da%22%2C%22ext%22%3A%7B%22siteID%22%3A%22213851%22%2C%22sid%22%3A%22300x1050%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22topframe%22%3A1%7D%7D%5D%7D
Domain
underdogmedia-d.openx.net
URL
https://underdogmedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=1c28be36-0c8a-45d8-bbbb-12e7ddb19038%2C1c28be36-0c8a-45d8-bbbb-12e7ddb19038%2C1c28be36-0c8a-45d8-bbbb-12e7ddb19038&nocache=1622397365862&pubcid=0b1fbb57-ba94-4e75-bb6c-5c5762623ba4&schain=1.0%2C1!udmserve.net%2C2952%2C1%2C%2C%2C&aus=728x90%7C728x90%7C728x90&divIds=slider-middle-728x90%2Cslider-middle-728x90%2Cslider-middle-728x90&auid=540857115%2C540857115%2C540857115&aumfs=78%2C78%2C78
Domain
apex.go.sonobi.com
URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22145ba8ed9d08d45%22%3A%22dbbbfe80443f8714ab66%7C728x90%7Cf%3D0.07368421052631578%22%2C%22152c90d8dd54bda%22%3A%22dbbbfe80443f8714ab66%7C728x90%7Cf%3D0.07368421052631578%22%7D&ref=https%3A%2F%2Fwww.upi.com%2FArchives%2F1984%2F01%2F20%2FSources-say-drug-ring-operates-with-police-protection%2F7598443422800%2F&s=0a091156-5e80-4c64-a638-bf18f5c23861&pv=f0c808c7-789a-4233-b4ad-5316f678ad85&vp=desktop&lib_name=prebid&lib_v=4.16.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22udmserve.net%22%2C%22sid%22%3A%222952%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%220b1fbb57-ba94-4e75-bb6c-5c5762623ba4%22%7D
Domain
bidder.criteo.com
URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.16.0&cb=16247191706
Domain
hb.emxdgt.com
URL
https://hb.emxdgt.com/?t=4000&ts=1622397365866&src=pbjs
Domain
pix.impdesk.com
URL
https://pix.impdesk.com/csync/google?google_gid=CAESEAs-IN_lN3nm1MD7uVZ0ZFg&google_cver=1&google_push=AQvitUIe6KHM_IcndI6_mIj8vkBOy1kjpxlCI0dr8UFffH7vd4MRWCzvq123RX_LO-3lu34vJ3adzk3j0vGLrtQr0pFk8ga6g0n8
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLPRtrIR8KdwU09DUngA4wAABLAAAAIB&google_cver=1&google_gid=CAESENtBQIHR7_D2IndrY7yDEwU&google_push=AQvitUJerHsSbmyWm3xU8-Lo8KUfXFFhIPlroA6n1drL5lhz_RwLGaOpL7BVOydU3pv-ZnR8Duva7IC8sY8iT1iFq4HT9LyqSi5RHQ
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1462

Verdicts & Comments Add Verdict or Comment

197 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated undefined| $ function| jQuery function| EID function| divFill function| divFillPI function| dfpi function| st function| ht function| sht function| postFill function| pf function| getValuesByClass function| gvbc function| getElementsByClass function| cUc function| upi_pn function| upi_log_io object| upi_ol function| lic_photo function| upicc function| upirc function| wnd_xy function| wnd_sr function| upi_sb function| it_bl_hv function| fn_cxy function| mn_init function| prc function| generateUUID number| wnd_st number| wnd_y number| wnd_x number| doc_x number| doc_y string| mo_xy object| result function| c_stat function| upi_pt function| upi_ev function| upi_pt_c object| enl_cfg object| apstag number| adsStart function| detectWidth number| TIMEOUT object| googletag object| pbjs object| adUnits object| a9Slots boolean| a9BidsBack function| initAdServer string| dfpNetwork number| len object| OneSignal function| admiral function| __tcfapi function| __uspapi object| _clrm object| rr object| PushlySDK function| pushly object| _sf_async_config function| fbAsyncInit function| cont_reading string| paramKey number| wid object| config function| getParameterByName object| param object| subids object| el object| FB object| adrfd object| r1st function| rc_ad string| GoogleAnalyticsObject function| ga object| ua_result object| revcontent function| dspCriteoRTUSCallback function| renderRCWidget number| _swclk_ number| _swsts_ function| nho_match_height object| upi_gallery object| slot_st_gallery object| upi_slider object| rcst object| rc_fxdt boolean| apstagLOADED object| headertag object| confiant object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| 4dm1r11545242527 object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| com object| STREAM_CONFIGS string| STREAM_ID string| __EXCO_INTEGRATION_TYPE function| _avcp object| regeneratorRuntime object| pbStream string| pbPageIdentifier object| __EXCO object| ggeac object| google_js_reporting_queue function| pbjsChunk object| dfpAdunitsToRefresh object| _pbjsGlobals object| udm_ads_queue boolean| udm_confiant_init boolean| udm_edge_init object| _qoptions object| _qevents function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter boolean| google_measure_js_timing object| gam_top object| gam_right object| gam_right1 object| google_rum_config object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id function| quantserve function| __qc object| ezt function| qtrack number| google_srt object| _google_rum_ns_ function| udm_r3Chunk object| udm_r3 function| endedHandler function| udm_process_ads_queue function| delete_udm_edge function| reload_udm_edge object| udmRenderRates object| Criteo string| pubcidCookie object| udmDefinedBlockedCreativeIds undefined| google_timing_params object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| criteo_pubtag object| criteo_pubtag_prebid_108 object| Criteo_prebid_108 number| lnt_z undefined| google_rum_values object| google_image_requests object| GoogleGcLKhOms

0 Cookies

23 Console Messages

Source Level URL
Text
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api info URL: https://player.ex.co/player/6692d5de-a5c7-4c22-b435-fbfa65ddc60a(Line 6)
Message:
[exco-log] - 5/30/2021, 7:56:05 PM: logger - enabled
console-api warning URL: https://player.ex.co/player/6692d5de-a5c7-4c22-b435-fbfa65ddc60a(Line 6)
Message:
[exco-log] - 5/30/2021, 7:56:05 PM: geoLocation targeting was not met
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
[Prebid CMP check]: Initial check, __tcfapi is function
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
[Prebid CMP check]: Auction Started [object Object]
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
[Prebid CMP check]: Initial check, __tcfapi is function
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
[Prebid CMP check]: Auction Started [object Object]
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
[Prebid CMP check]: Auction Started [object Object]
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js(Line 6)
Message:
Exception in queued GPT command TypeError: Cannot read property 'addService' of null
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js(Line 6)
Message:
Exception in queued GPT command TypeError: Cannot read property 'addService' of null
console-api info URL: https://cdn.ampproject.org/rtv/022104130153000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2104130153000 https://www.upi.com/Archives/1984/01/20/Sources-say-drug-ring-operates-with-police-protection/7598443422800/
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
Adunit is now viewable div-ad-r
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
Queue refresh for: div-ad-r
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
Adunit is now viewable div-ad-inread
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
Queue refresh for: div-ad-inread
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
Adunit is now viewable div-ad-r
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
Queue refresh for: div-ad-r
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
Adunit is now viewable div-ad-inread
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
Queue refresh for: div-ad-inread
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
Adunit is now viewable div-ad-top
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
Queue refresh for: div-ad-top
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
Adunit is now viewable div-ad-top
console-api log URL: https://d3terveqlssriz.cloudfront.net/script.js(Line 1)
Message:
Queue refresh for: div-ad-top

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors frame-ancestors 'self'
X-Frame-Options 'SAMEORIGIN'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1x1.a-mo.net
730a432c4fa6b733faeeeea810c6d6e8.safeframe.googlesyndication.com
a.c.appier.net
a.teads.tv
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.yahoo.com
adservice.google.ch
adservice.google.com
ajax.googleapis.com
amazon-tam-match.dotomi.com
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
as-sec.casalemedia.com
assets.a-mo.net
assets.revcontent.com
bh.contextweb.com
bid.underdog.media
bidder.criteo.com
bidswitch-eu.splicky.com
breakfastboat.com
bttrack.com
c.amazon-adsystem.com
c.eu1.dyntrk.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn.adnxs.com
cdn.ampproject.org
cdn.onesignal.com
cdn.p-n.io
cdn.revcontent.com
cdn2.match2one.net
cdnph.upi.com
clarium.global.ssl.fastly.net
cm.g.doubleclick.net
cms.quantserve.com
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
cs.admanmedia.com
cs.chocolateplatform.com
csi.gstatic.com
csync.loopme.me
d.adroll.com
d1bvk193qme2fc.cloudfront.net
d3terveqlssriz.cloudfront.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
edge.udmserve.net
eu-u.openx.net
eus.rubiconproject.com
event.clientgear.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
google-sync.rutarget.ru
google.ops.beeline.ru
googleads.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.revcontent.com
img.revcontent.com
inv-nets.admixer.net
js-sec.indexww.com
krk.kargo.com
loada.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mug.criteo.com
nym1-ib.adnxs.com
odr.mookie1.com
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pix.impdesk.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
player.ex.co
pm.w55c.net
pr-bh.ybp.yahoo.com
prd-collector-anon.ex.co
prebid.a-mo.net
prebid.adnxs.com
protected-by.clarium.io
pubmatic-match.dotomi.com
px.adhigh.net
r.scoota.co
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sm.rtb.mts.ru
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adotmob.com
sync.go.sonobi.com
sync.mathtag.com
sync.technoratimedia.com
tech.rtb.mts.ru
token.rubiconproject.com
tpc.googlesyndication.com
trends.revcontent.com
u.openx.net
udmserve.net
um.simpli.fi
um2.eqads.com
ums.acuityplatform.com
underdogmedia-d.openx.net
upi-d.openx.net
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.upi.com
x.bidswitch.net
a.teads.tv
apex.go.sonobi.com
api.rlcdn.com
bidder.criteo.com
cm.g.doubleclick.net
hb.emxdgt.com
htlb.casalemedia.com
pix.impdesk.com
underdogmedia-d.openx.net
104.108.144.200
104.108.144.214
104.108.145.8
104.111.230.142
13.226.158.204
136.144.59.88
142.250.185.130
142.250.186.38
143.204.98.59
146.0.227.107
151.101.113.194
151.101.114.49
151.101.13.194
151.101.14.137
151.139.128.11
154.59.122.79
159.253.128.183
162.55.6.213
172.105.220.23
174.137.133.49
178.162.133.149
178.162.133.150
178.250.0.157
178.250.0.163
178.250.0.165
178.62.202.251
18.156.0.31
18.158.226.176
18.159.7.113
18.195.240.234
18.198.69.109
185.183.112.155
185.29.132.69
185.33.220.244
185.64.189.112
185.64.189.114
185.64.190.78
185.64.190.79
185.64.190.80
185.64.190.81
185.86.139.89
188.34.190.35
192.132.33.46
193.0.160.128
193.122.128.135
193.232.148.144
198.148.27.140
2001:678:cb4:bbbb::11
213.155.156.169
213.87.44.207
216.58.212.162
217.66.147.161
2404:6800:4007:805::2003
2600:9000:206f:cc00:f:baea:96c0:21
2600:9000:211e:d200:19:f03c:7200:21
2600:9000:2182:9800:18:1fcd:34f:cdc1
2600:9000:2182:fa00:6:44e3:f8c0:93a1
2600:9000:21f3:2800:5:c4ab:c3c0:93a1
2606:4700:20::ac43:4a43
2606:4700::6812:e134
2606:4700::6813:9f13
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:803::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c0c::9c
2a02:2638:1::13
2a02:2638:1::3
2a02:fa8:8806:13::1370
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.121.66.166
34.120.133.55
34.193.25.178
34.194.84.7
34.95.69.49
34.98.107.212
34.98.67.61
35.158.146.183
35.158.223.21
35.158.25.241
35.170.231.210
35.186.193.173
35.186.253.211
35.201.103.212
35.212.101.174
35.244.159.8
35.244.174.68
37.157.3.30
37.252.161.190
37.252.172.38
37.9.245.57
38.118.71.121
47.252.78.131
50.17.108.122
51.178.20.140
51.210.112.236
52.17.35.107
52.215.248.53
52.28.203.152
52.49.40.147
52.57.162.23
52.59.102.119
52.95.116.38
54.239.17.112
54.247.114.64
54.78.251.22
66.155.71.149
68.67.160.184
68.71.249.118
68.71.249.120
69.173.144.138
69.173.144.165
72.251.249.13
76.223.111.131
80.64.106.148
85.114.159.93
88.214.206.247
00ccf6eb40c870d79bc2dea351a02a48b3201756e86314fd6508213bdfc29e67
0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31
01b9430ade694fe8bcd8bbbcc05510ce39f4bb386ca60c0b82f7871b71702540
03f14357b2de695aa54c32f6aa655da2e30c383035c0cead7234c80517f7740b
0504d016f03239d3e5685c6f381d5ca9a8e313438bafd18610b4d10125ca2b7d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ccc9d703cd8ac146a14986822b4d9dda3a7a08e6005023af728c4ed58e4d275
0cd73f4b4da56efa64125905643d3ece03db3700c0f0c254d6472ceb84121f7d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11bf43ae894cd286b799dbc2c2f5df3c36a6aa5f20cdc24be369c1ad61c0e347
131b658e7808a05f69ac9436f8ac8f74a230691149f6c4ddd05852bf6a9c5fde
146c97c4ccc59ab0ece0e5e20855b639557671416c743b4e57e20b875da15447
15580840e082818dc83661dc1ed079b920d9badc865e0ecf02f49434154ec0b1
15c36f3b630e37a49d80bf804f2363921d2046109ca6329380e7d670955283d9
15c99df2c423cc4f6269d27da99b322066cf35699e3c140d0ea6def995a6b777
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a44f93bde6064767878c4844fee4bd5ee627a302b0da55995f7b4edac18dbb8
1a85e7d37f466f7aa77b74252a8deb14ced805a195e607fd6a7cbab9bc775f58
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1bc7206ada912b66cb1f046f9139203272173c39e4124365f15a245795f4498a
1c245ff2846ff358cb4a70d9bcd20360a04c11f7d9613c1cdf9ec98842ce6fe9
1c6118d495fbd3fab565c868ebf8b010885ab7e49d8717d2b2b43666b9ff9671
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
20c294ffb9e852ce154f36de8b5ab603be928307fefc473600961513f0405ecb
20ce5d311778ee3b00b281534498c6a431ae128c9bbcfe8c1e4712c16e4e0b69
226c9cf5c45fd500e1323600303da2d0653911a30fdafa75d4a208655967d502
229e0eb62816c09ca7b68fcd8c3f5eb0eefc5129e60ab0279c8c99f1bc4352c6
22ddcd875436177e9a3a83bb1397b8e8795c5c5137a12fd360526f9e395bccfa
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
27dea600687a034724fecbfad12180341e2e7c0dd3fae80746082217fb04ede2
29a4b0d41e9c25afeddc4de287fa9b60eda96a38f1e84f5d803b8dd9342846c4
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ca50ab7a3256d9dea75ce6432799ce788af1bfe3662ba4c1238ed737b5baae3
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2e823ac35b548b7fd710148c986c989563a4077197b6fba9d149d6aacb9e523a
30a773133838533daa3f8aa1148bfb210295b9a75f5573f42ef59c4682e639db
33e34791a63772c31c0d5b48c7887c69b528f63e76f528b12b24c2ab1b1af69a
349047b13dc01d45b53deead482e156c070db0a76fc2140a1e3457ddad90eec2
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3776df2aa646d148b1eecbec404a6d59647d407c8a24882e8392e7d4e46c9c6b
3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e254d1d7fc434c1852256b0c29a1b2017b10b3c71c82c176d81057eb4bf3c2d
3f02f3478018c6d9380143acd5eb1951935410ad4a4b4638dd3e78c91beb2806
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40af3173077907345c317551a077030604972c1012a2744881fc7d6031019642
40ec127334ff45cc8538035a25a2215c5ac43c206fe391f796fb2e5ea9837591
42d83505cf667894c6a3036c322b69fc174850d8e961809c78559c5787dc1acf
43a53af989b537e12e404d3f2a032228d3319875e413dfb86ffd994864613763
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443dcd52cd69bb6a1e7b069fca1a59e3eecd0ae206e40df44c88ae2272022f08
445dda0934a49d0fb50c52257ca83ba4f3c653f43df98a597f997f2de18a0514
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
473546f02a50a1506c82193d8fcc9a5a1b01dc625611ccb1d07ed3af5a56bdb1
47f163fd106410ef75b2b8a05365a6f21af8c8b078d1d223edbb642c4c03b031
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
497e84288bcbc1d3a3d4a7fbc32b6674a781acb2a0c49f3301d3c38b3aaf4b1f
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4b10852371223b4986ba22593ac716a14a87afc848bfeb4b7a2996182f7ad46f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1
4d4fc3d2e88cfe000f78e9100cfa3f3e4b0f8108a2551757040a77faf54b4028
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f4ab087a5822afd0f59c363213d7b2557aa84444c525eb843e3cd33e0c23e94
50faae10916776a75ecdcacd18f9ca2e67de37581c76f26436b261520833968d
513fbd4ef4ebe3cfc60afb01efb691dd151e675be4a52e3da4a01007f8590105
5351c1573d281e8ddc5d00f1d1635882e4936f67c0a9eb59166af761da72747a
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
55d4e57b58b2c98f05ffdb98695f9fe9099b239401dd2f420cb6133d9a5ed80c
57141320a4c43f8a344da6ed2afaeb99035922cda721bd4e59e97213d4fc1b4a
57b7f2b2bcdd983268775ebc6ee71d208510b285d79dd058f2717248079c59d1
57ded6228552eb631cdbe0539258fd9e8f40568cd30388e42a1490c4d4d952a9
5b6f3806c04b7c91d2ee5cf8f42b31343a9d33ea62ad9d0506cfa1be078477d3
5b7753e8d0cd046492ff274415167a714f1a993e5b8473822a9297dd239dbfb7
5d24722fd133411bbb8edfa914fdc1939da64540e7f4660f0e2ce3677dccf9c5
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f17264896af700aa957fd1259bf42423431a125e4e8d5e56c653dd6cb6902d3
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
691204d90c7a7c72f31bac7d1fcdbd156fccc23d44bd431680352e6720bb49b0
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6a65059be8c0e2d71eb1c9978268b780c3c688088dc3f4832aa9747333e7dcd5
6aa7181afe0bea9dc4e90e1d040c0b27be388088f6a5ec3d195c60229fe3c9b5
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b01b513764617041ffb747e627f0fcc84b10469dda5560ead903d776df8c6bd
6b0d54a14bb1c077bb51053c5237f23c5f1c44a92a83063875cb7182afa4a981
6b2a9bd06b9c0066e818dc06296ca42852251cf6b2428b834836f1eb4703dc73
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c63d867d6acbf3f51ea6e311d157fade5582e1387140cdc4070e92b4a3c8854
6d01de694a58d89b9298d281c058ed93a6624f225794498ad1e65c5e7b535c28
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
6f7fffbfbd7455db1b83581bd8f5426466cf6e35ba2be2d2db13eb24a0238a79
6f911bd620d02dadbf7ae34cb88275c7f7a8f14ff3314fbb05f21ff132c5bcb9
70577ff53b2d496d4decb760ccf6549f03df365b173b74afedc062c4c5e1ec85
70f8f116f246b4c4cd4c8fc735fb4066eea5811cd5539a143c4b201a59337c2e
725b2a08bec003a6280ec189b09f040117d64344b6bb7319517403806c76b628
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
73dd6b8fa301ecc49c7b3a4f99ea63416dcbaa2c6d684052ee4fda606451dfff
76107600294ae09d7baa69ef671d240e009e41792752ae922d393bf82158724e
7a036cb29be66103f5b67471446f00da43d8776ef2493aab805f7cb6e72a3650
7adef6b673dd982f8e9886c2eccd747f0b368324806c25384b7c9df1a00c9744
7bc29500273c93c58829591b68df2cd5b8885409f82654d852b5b9b65d18f7be
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f29f7c4a48c46b6a6e8b053fb00323e00123d691e37c5a5226d432ea7a856ba
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e80d94d5c7e69e94f9c0e294d0b82d9af5d3b4492987bac1c7e3ab7103c017
84f6857efe8b5f8ed396596e3ab1989c6032ac59731b8f3f507d7b596e3536a7
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e54c9cbfc70eaebf49dfd5dacb9963d41a891c9b8fd0b882af42e2bb6034747
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
901529dd4c66262d14d044bc968c76d69181eb8dfd09105fcc16083acba10a7f
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
91c4a75cf9d5679ab50f003eb044da5867fc57ad1da0ea29a4901f1d11fa4f7a
93210a77ea4ba0f3af2eceedfcdbe3565b1b56898c8bb78416dcbf704feaa71c
947e57609a3f3e60e250c02cf08b666fe4c1b731559937ad10cbdaf982e10058
94aa352951651921795fbb4675392f8ecfb8869561ed11b0979293c685d1ac66
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0f026119e03b7b3570cf1d49d262e0bc0dac2944a2bcf3dc832efbf3341e02f
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aac1ae280b1b855b76188542467aa409c147fe46ba277239ff54f112cc90827e
aaf75952093249676c5c4830082d80a4e6ce40dd4951d53441bef14a1ea36eb8
acec09c309d07c158cc736f8b8b486c58a9c6f24fa73c411c191091e747f0639
af4788ff9a0d6620a6f96fc8c932e7e32082170dda36f48d582a8d24a2f7e4cb
b0c2a889d07d01755fc1a7818e2d54ba67c7b953b453dc22e8aaedcd29fe0b57
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1914c48d0e96dbf55755facc2d03a58b7c2a69e46a6922b5e2dfa84e56333b6
b2a469ad6e5c5674aee81995f9b2444d2aea8ac9188b4f4b02434d2e5897e647
b41a35bad63d329a7c4babeeea7225ccf200fdf06f5832b83cbcc5e58483eba7
b421b28dce3e9701b38a2c6e7b309c454af094e19392435fc50b31fd18011673
b60af545dc98d10d8a63cb169583e020365692044a29c893f99f0dab7ce60240
b78f030c71bb632b532e35ca0028230bedd275ca049b388c1e2a15b0b437cf31
bb759faf67697ba0b5359e9574f85b1fe60574b6d96fce3df6eaf102501b107c
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
bbea77c4adcedf586c9cd9b41bd83c7b789108b95db9a5cd00a1186809bdcdac
bed8bfae72dfdecb281176c4fa2b85acaa0ef7cea1ccb8e37fa9cf7545a7accc
c20cca1847a2619e9fe4abf14a8697e2b0aa81a649785f553bcd9e76e487c870
c20ffb79fbd517dbcd9c20db86c984b9bbb06ae0366da785fdb56611fed9fbcf
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c38ca957256f3f1b8de7af6533b6e6b18b91bf6a4eaa4d5e8c5757d2b3ea8171
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c3d84be67c0c5be9cfca5550b4bcc0947d40d62806652b81f7c296bfbc427357
c3f5ba16538a2446ea66a6c5f0ea35b3a76b999e145bd56383c8585272af9c4c
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6d91d994e181aceecf2a1e3886dc690969836fd89114ebfa787de8551d7b24f
c6f0dd8206df9adfe84428c4f85f678b1a01270a8359bbeef265f69bd94560a4
c703fb3237577f078076305875a52968c8783c210076747f6be7d4fe79db7302
c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062
c978f347c47062a30bcf41e3d7cd9682802f67174dd05b682db7c9ce5def8556
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cba9b81bdc4414beccc332f7e40a48df63d68035f96b4f854984c18ac9b33a94
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce4041bea1e2f1dce61f9119e1eb4c1755220acbb9137d8dcba36136a6c6c568
ce9a3cdf01fbde8991add10b28dffc20195abf864fb05f44efbbf62ca219ce1c
ced5c873136c4fab4584c0c6d26dcd530c748303d7ed9b7a7966b2fe1d6f5915
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
d1bfc4eb77e7c7af9d16ecddda6fee89828d5096d054b2f517d160011d13a7ce
d1fdc83f40b6872fbf82ad027168954ccaa7eee12c7e6fcbe52e26c36bf915de
d443235c5040b9e5a2461f69bcef0930f5820c356830bb0c59a4953d16f8a59e
d48f8df907db9356c6e3d2cc67bd6ce17109e67b7b784b39caa046894a7a3c51
d4f87eb2fd81448ae30cbd4d65fb30d717d22e580ca7d481b8c3f7473318b7cc
d7139c86828ab90555f59fbccbf0209ed8da1f5498ba5d78f80c3b189f38e705
d81eccf8f3e0161155c82d3b8924f7346bcc39c0d3c9320d66c9d2ab76208b46
d8400adcd7578487645f9c48e86a31de181d0031adbb00599fb44cf8d06008b1
d8dcd934f677c2261e8a71ecb99c707313b5fe26b2bfef76c973398196be6f7a
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e061e58325efea71b9c1d16bf4eaca01ee507b2937d078d4ee75cac2d96f4d5b
e15ea3dd1354db57b120547e334c97b3c577ce413c9763c3101af7a3454f96be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ea481478fd717638f959064b535f8a86209ee418b3ff5715f23ff9756da6e6
e583af855c8e4ebd9c7218cf624d763268fa478ca34dcddf43d9de52bfb7088f
e62ff111daf17418d9a23c8cf57947f202701d3d0fb370d29579f60bc9b29dc8
e6889f0ab4842ddd05640df07afee1dba8003ac96579def332d8e0aed68be826
e717996f5607537ed723a320f33924f674aa6aa1bd768bd0ca0475f964c23757
e7b0974280e0d6c50459458a9858d67dafb366f793ff74f211b608ffb9a9fabf
ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9
ed8fd5966c1d769a76d49fe6929becc99ca387a013c2bbed13165f9e5bfb315c
edb2fbeac661365d4bebc366229d283ddcee473e37f0a6d3b679c66f07aa2f10
eee25ace3fb09ca867fef4c1efaeb4076678e7ca87abcee54efeb106f1f205f3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f3da5dd8dc7aaa63592265cf59d2d1fd31c134110517a06912ce3b26026c0dc4
f49cd4209dc3ecf44c4d036ef21e7f6584aa68c31987af7afdb9772e898fa415
f5993c915e34cdcb86d906e492435185186af1bf0679f50ce2b8067503759d2b
f6479017a518d84475443da98e0bce03f96e93ff4264cb43834fa2fae9d07405
fd17c6d5a041c7eb0ec66ff5d6deaf8e35e5f3dddbc915b49f95ea1c2942c65e
fd82af52c38a26d4a030d756229a9a5a02db4c31465a931022dbb826c35e7b93
fe98d55e357f01291a9d4adb50f10f974e8af39ec9b2c11ed80df896ddd114a6
feff65fd5368b99287762ef14d1efc675bc69ae8b799ca68dffff9eee96d0b5f
ff04ffeb6a5034edaedf6cb57c2d91591eb718aca3c8a72298d6eee8b9edc8e4