urlscan.io logo urlscan.io
SecurityTrails logo

www.nydailynews.com Open in urlscan Pro
2600:141b:13::17d7:8228  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Submission: On February 15 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 148 IPs in 11 countries across 140 domains to perform 660 HTTP transactions. The main IP is 2600:141b:13::17d7:8228, located in New York, United States and belongs to AKAMAI-ASN1, NL. The main domain is www.nydailynews.com. The Cisco Umbrella rank of the primary domain is 28762.
TLS certificate: Issued by R3 on January 17th 2022. Valid for: 3 months.
This is the only time www.nydailynews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 42 2600:141b:13:... 20940 (AKAMAI-ASN1)
3 151.101.193.194 54113 (FASTLY)
26 142.251.32.98 15169 (GOOGLE)
5 52.85.63.179 16509 (AMAZON-02)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 33 151.101.193.44 54113 (FASTLY)
2 13.225.205.104 16509 (AMAZON-02)
1 54.230.162.11 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2600:141b:13:... 20940 (AKAMAI-ASN1)
1 3 23.59.109.238 16625 (AKAMAI-AS)
5 99.84.125.43 16509 (AMAZON-02)
1 2600:141b:13:... 20940 (AKAMAI-ASN1)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
10 2607:f8b0:400... 15169 (GOOGLE)
2 6 13.225.205.118 16509 (AMAZON-02)
3 31 23.221.203.181 16625 (AKAMAI-AS)
5 23.221.203.12 16625 (AKAMAI-AS)
7 52.85.61.34 16509 (AMAZON-02)
3 54.230.162.112 16509 (AMAZON-02)
1 2600:9000:216... 16509 (AMAZON-02)
1 13.225.58.39 16509 (AMAZON-02)
1 54.230.162.123 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 34.213.37.204 16509 (AMAZON-02)
1 2600:9000:21e... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 13.226.31.81 16509 (AMAZON-02)
1 46.105.202.126 16276 (OVH)
3 18.206.109.9 14618 (AMAZON-AES)
1 52.205.167.202 14618 (AMAZON-AES)
1 34.233.77.103 14618 (AMAZON-AES)
1 34.120.155.137 15169 (GOOGLE)
11 12 3.33.220.150 16509 (AMAZON-02)
4 9 68.67.160.26 29990 (ASN-APPNEX)
2 23.78.210.18 16625 (AKAMAI-AS)
2 2602:803:c002... 26667 (RUBICONPR...)
3 54.208.193.246 14618 (AMAZON-AES)
2 35.211.165.199 19527 (GOOGLE-2)
1 52.85.61.12 16509 (AMAZON-02)
8 10 141.95.3.40 16276 (OVH)
1 2600:9000:21e... 16509 (AMAZON-02)
1 209.197.3.16 20446 (HIGHWINDS3)
1 2 107.178.250.234 15169 (GOOGLE)
1 5 2607:f8b0:400... 15169 (GOOGLE)
2 151.101.1.44 54113 (FASTLY)
2 151.101.129.44 54113 (FASTLY)
1 2607:f8b0:400... 15169 (GOOGLE)
9 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 52.94.242.65 16509 (AMAZON-02)
4 96.17.65.160 16625 (AKAMAI-AS)
3 52.1.181.171 14618 (AMAZON-AES)
1 14 209.54.180.3 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
4 34.196.247.200 14618 (AMAZON-AES)
13 2607:f8b0:400... 15169 (GOOGLE)
2 54.235.123.142 14618 (AMAZON-AES)
1 2600:9000:202... 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 35.201.103.212 15169 (GOOGLE)
1 2607:f8b0:402... 15169 (GOOGLE)
5 204.237.133.116 62713 (AS-PUBMATIC)
1 4 8.28.7.81 62713 (AS-PUBMATIC)
1 34.235.184.233 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:220... 16509 (AMAZON-02)
1 5 54.89.1.168 14618 (AMAZON-AES)
5 11 8.43.72.98 26667 (RUBICONPR...)
1 1 3.230.28.223 14618 (AMAZON-AES)
1 3.129.242.122 16509 (AMAZON-02)
1 34.235.23.231 14618 (AMAZON-AES)
2 7 35.244.159.8 15169 (GOOGLE)
1 54.211.161.228 14618 (AMAZON-AES)
2 156.154.200.36 19907 (NEUSTAR-AS6)
1 2 34.197.192.192 14618 (AMAZON-AES)
4 4 68.67.161.210 29990 (ASN-APPNEX)
6 104.112.13.139 16625 (AKAMAI-AS)
3 31 141.226.224.48 200478 (TABOOLA-AS)
2 2607:f8b0:400... 15169 (GOOGLE)
1 37 151.101.194.137 54113 (FASTLY)
2 3.225.165.174 14618 (AMAZON-AES)
6 104.105.42.146 16625 (AKAMAI-AS)
7 7 54.175.87.114 14618 (AMAZON-AES)
6 6 2606:ae80:147... 25751 (VALUECLICK)
1 54.173.21.243 14618 (AMAZON-AES)
3 21 52.223.22.214 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
4 5 185.167.164.39 198622 (ADFORM)
6 7 151.101.2.49 54113 (FASTLY)
6 6 103.229.205.242 30419 (MEDIAMATH...)
2 33 104.36.115.109 62713 (AS-PUBMATIC)
8 8 34.205.197.188 14618 (AMAZON-AES)
12 17 142.250.72.98 15169 (GOOGLE)
5 6 198.148.27.139 19189 (PULSEPOINT)
3 3 150.136.222.2 31898 (ORACLE-BM...)
2 3 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 15169 (GOOGLE)
2 8.28.7.84 62713 (AS-PUBMATIC)
3 3 108.168.159.145 36351 (SOFTLAYER)
3 3 2620:112:f002... 6336 (TURN-US-ASN)
2 6 2600:1f18:4e9... 14618 (AMAZON-AES)
3 3 23.219.95.182 16625 (AKAMAI-AS)
3 3 173.231.178.117 29791 (VOXEL-DOT...)
16 16 35.211.178.172 19527 (GOOGLE-2)
2 2 3.228.147.119 14618 (AMAZON-AES)
1 1 3.128.137.140 16509 (AMAZON-02)
3 54.236.139.147 14618 (AMAZON-AES)
2 2 34.237.23.137 14618 (AMAZON-AES)
15 2607:f8b0:400... 15169 (GOOGLE)
29 18.119.71.134 16509 (AMAZON-02)
1 1 69.173.151.100 26667 (RUBICONPR...)
1 2001:4998:1c:... 14779 (YAHOO)
8 2607:f8b0:400... 15169 (GOOGLE)
4 4 192.35.249.127 11742 (SPOTX-IAD)
3 52.46.155.118 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
12 199.127.204.162 26120 (RHYTHMONE)
1 2 63.251.86.51 10913 (INTERNAP-BLK)
1 199.187.193.166 47043 (SMARTADSE...)
1 52.54.42.45 14618 (AMAZON-AES)
2 2 74.119.119.150 19750 (AS-CRITEO)
1 1 69.166.1.10 27630 (AS-XFERNET)
2 2 107.178.246.49 15169 (GOOGLE)
2 2 35.207.24.140 15169 (GOOGLE)
1 195.244.31.11 63140 (IGUANA-WO...)
1 1 31.220.27.134 39572 (ADVANCEDH...)
17 2607:f8b0:400... 15169 (GOOGLE)
1 141.226.224.32 200478 (TABOOLA-AS)
2 142.4.218.92 16276 (OVH)
1 199.250.166.129 26459 (TTD-ASN-01)
3 35.241.31.249 15169 (GOOGLE)
4 143.204.143.31 16509 (AMAZON-02)
2 3 142.250.64.102 15169 (GOOGLE)
3 104.36.113.24 62713 (AS-PUBMATIC)
8 104.17.209.240 13335 (CLOUDFLAR...)
1 34.120.253.250 15169 (GOOGLE)
1 1 34.102.163.6 15169 (GOOGLE)
2 2 2620:1ec:21::14 8068 (MICROSOFT...)
1 2 104.18.102.194 13335 (CLOUDFLAR...)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2 35.211.141.197 15169 (GOOGLE)
2 2 64.74.236.127 19024 (INTERNAP-...)
1 1 104.126.112.185 16625 (AKAMAI-AS)
2 2 52.203.60.58 14618 (AMAZON-AES)
5 34.98.72.95 15169 (GOOGLE)
1 169.197.150.7 398989 (DEEPINTENT)
5 5 51.210.112.236 16276 (OVH)
2 2 52.0.156.250 14618 (AMAZON-AES)
1 1 76.13.32.147 26101 (YAHOO-BF1)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 35.201.96.126 15169 (GOOGLE)
1 2 44.198.222.213 14618 (AMAZON-AES)
1 52.86.198.120 14618 (AMAZON-AES)
1 35.211.20.91 15169 (GOOGLE)
1 1 47.252.78.131 45102 (CNNIC-ALI...)
1 8.2.108.194 46636 (NATCOWEB)
1 35.186.240.235 15169 (GOOGLE)
1 35.190.86.194 15169 (GOOGLE)
1 35.227.193.227 15169 (GOOGLE)
3 2800:3f0:4002... 15169 (GOOGLE)
3 104.17.208.240 13335 (CLOUDFLAR...)
1 1 2607:f8b0:400... 15169 (GOOGLE)
1 2a00:ba61:0:1... 35625 (EURAFIBRE-AS)
1 34.107.191.194 15169 (GOOGLE)
1 96.17.64.164 16625 (AKAMAI-AS)
2 34.149.130.207 15169 (GOOGLE)
4 34.117.4.53 15169 (GOOGLE)
2 2 2600:1f18:612... 14618 (AMAZON-AES)
3 3 2620:116:800b... 14618 (AMAZON-AES)
2 2 23.211.130.59 16625 (AKAMAI-AS)
16 34.111.8.32 15169 (GOOGLE)
2 4 35.207.10.239 15169 (GOOGLE)
2 2 69.90.254.78 13768 (COGECO-PEER1)
2 4 2620:100:a001::c 19750 (AS-CRITEO)
4 74.119.119.139 19750 (AS-CRITEO)
6 142.250.65.226 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 3 52.0.54.12 14618 (AMAZON-AES)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
3 3 44.196.229.52 14618 (AMAZON-AES)
4 4 199.127.204.142 26120 (RHYTHMONE)
1 1 104.45.178.220 8075 (MICROSOFT...)
3 3 38.27.122.126 174 (COGENT-174)
1 1 172.105.203.31 63949 (LINODE-AP...)
1 162.55.120.196 24940 (HETZNER-AS)
1 1 52.5.237.191 14618 (AMAZON-AES)
1 195.5.165.20 44968 (IPROM-AS)
1 1 23.88.75.186 24940 (HETZNER-AS)
2 2 207.198.113.177 13768 (COGECO-PEER1)
2 2 34.239.109.150 14618 (AMAZON-AES)
1 2 4.78.226.233 3356 (LEVEL3)
1 1 45.35.192.162 40676 (AS40676)
1 1 34.102.253.54 15169 (GOOGLE)
1 44.197.23.49 14618 (AMAZON-AES)
1 1 178.62.202.251 14061 (DIGITALOC...)
3 3 54.89.30.31 ()
4 4 185.184.8.65 ()
2 2 51.81.106.33 ()
1 1 52.71.142.200 ()
1 2 100.20.199.76 ()
1 1 52.4.194.209 ()
660 148
42    2600:141b:13::17d7:8228 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
www.nydailynews.com
3    151.101.193.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
26    142.251.32.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net
securepubads.g.doubleclick.net
www.googletagservices.com
pubads.g.doubleclick.net
5    52.85.63.179 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-63-179.ewr53.r.cloudfront.net
c.amazon-adsystem.com
6    2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
33    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
c2.taboola.com
images.taboola.com
trc.taboola.com
match.taboola.com
15.taboola.com
vidstat.taboola.com
imprnjmp.taboola.com
2    13.225.205.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-205-104.ewr50.r.cloudfront.net
assets.zephr.com
1    54.230.162.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-162-11.ewr53.r.cloudfront.net
tribune-nydailynewsclassic.zeustechnology.com
2    2607:f8b0:4006:824::2008 (Queens, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2600:141b:13:6a9::11a6 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
3    23.59.109.238 (Atlanta, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-59-109-238.deploy.static.akamaitechnologies.com
ssor.tribdss.com
www.tribdss.com
5    99.84.125.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-125-43.ewr52.r.cloudfront.net
zephr.nydailynews.com
1    2600:141b:13:a87::11a6 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
1    2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
10    2607:f8b0:4006:823::200e (Queens, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    13.225.205.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-205-118.ewr50.r.cloudfront.net
sb.scorecardresearch.com
31    23.221.203.181 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-203-181.deploy.static.akamaitechnologies.com
js-sec.indexww.com
as-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
ssum.casalemedia.com
5    23.221.203.12 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-203-12.deploy.static.akamaitechnologies.com
ads.pubmatic.com
7    52.85.61.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-34.ewr53.r.cloudfront.net
ib.3lift.com
3    54.230.162.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-162-112.ewr53.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:2162:3a00:5:82fd:2500:21 (United States)

ASN16509 (AMAZON-02, US)
dyv1bugovvq1g.cloudfront.net
1    13.225.58.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-58-39.ewr53.r.cloudfront.net
cdn.parsely.com
1    54.230.162.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-162-123.ewr53.r.cloudfront.net
insights.zeustechnology.com
1    2607:f8b0:4006:806::200e (Queens, United States)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    34.213.37.204 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-37-204.us-west-2.compute.amazonaws.com
authenticate.nydailynews.com
1    2600:9000:21ec:9e00:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)
d15kdpgjg3unno.cloudfront.net
1    2607:f8b0:4006:817::200e (Queens, United States)

ASN15169 (GOOGLE, US)
ampcid.google.ca
1    13.226.31.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-31-81.ewr53.r.cloudfront.net
ats.rlcdn.com
1    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
3    18.206.109.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-206-109-9.compute-1.amazonaws.com
bcp.crwdcntrl.net
1    52.205.167.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-167-202.compute-1.amazonaws.com
p1.parsely.com
1    34.233.77.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-77-103.compute-1.amazonaws.com
idx.liadm.com
1    34.120.155.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
12    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
9    68.67.160.26 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
2    23.78.210.18 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-78-210-18.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
2    2602:803:c002:200::113 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    54.208.193.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-193-246.compute-1.amazonaws.com
tlx.3lift.com
2    35.211.165.199 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 199.165.211.35.bc.googleusercontent.com
grid.bidswitch.net
1    52.85.61.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-12.ewr53.r.cloudfront.net
geo.privacymanager.io
10    141.95.3.40 (France)

ASN16276 (OVH, FR)
PTR: p30.id5-sync.com
id5-sync.com
1    2600:9000:21ea:5400:9:7c30:be80:21 (United States)

ASN16509 (AMAZON-02, US)
d1n00d49gkbray.cloudfront.net
1    209.197.3.16 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: vip0x010.map2.ssl.hwcdn.net
cdn5.userzoom.com
2    107.178.250.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
5    2607:f8b0:4006:81e::2004 (Queens, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
api.taboola.com
pips.taboola.com
2    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
widget.perfectmarket.com
1    2607:f8b0:4006:824::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
9    2607:f8b0:4006:81e::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2607:f8b0:4006:80e::2001 (Queens, United States)

ASN15169 (GOOGLE, US)
265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com
1    52.94.242.65 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
sqs.us-east-1.amazonaws.com
4    96.17.65.160 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-17-65-160.deploy.static.akamaitechnologies.com
a.teads.tv
3    52.1.181.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-181-171.compute-1.amazonaws.com
protected-by.clarium.io
14    209.54.180.3 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2607:f8b0:4006:80f::2003 (Queens, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    34.196.247.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-247-200.compute-1.amazonaws.com
tr2.smarterhq.io
13    2607:f8b0:4006:80b::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
googleads.g.doubleclick.net
2    54.235.123.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-123-142.compute-1.amazonaws.com
www.i.matheranalytics.com
1    2600:9000:202c:f800:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
4    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
3    35.201.103.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 212.103.201.35.bc.googleusercontent.com
smoggysnakes.com
1    2607:f8b0:4023:1404::9d (Columbus, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    204.237.133.116 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    34.235.184.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-184-233.compute-1.amazonaws.com
ping.chartbeat.net
1    2607:f8b0:4006:808::2003 (Queens, United States)

ASN15169 (GOOGLE, US)
www.google.ca
1    2600:9000:2209:a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
5    54.89.1.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-89-1-168.compute-1.amazonaws.com
sync.crwdcntrl.net
11    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    3.230.28.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-28-223.compute-1.amazonaws.com
jadserve.postrelease.com
1    3.129.242.122 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-242-122.us-east-2.compute.amazonaws.com
sync.sharethis.com
1    34.235.23.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-23-231.compute-1.amazonaws.com
ml314.com
7    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
1    54.211.161.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-161-228.compute-1.amazonaws.com
beacon.krxd.net
2    156.154.200.36 (United States)

ASN19907 (NEUSTAR-AS6, US)
aa.agkn.com
2    34.197.192.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-192-192.compute-1.amazonaws.com
ps.eyeota.net
4    68.67.161.210 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 805.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
6    104.112.13.139 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-112-13-139.deploy.static.akamaitechnologies.com
t.teads.tv
31    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
us-trc-events.taboola.com
sync.taboola.com
sync-t1.taboola.com
trc-events.taboola.com
us-match.taboola.com
us-vid-events.taboola.com
2    2607:f8b0:4006:822::200a (Queens, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
37    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
ins.connatix.com
vid.connatix.com
img.connatix.com
cks.connatix.com
2    3.225.165.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-165-174.compute-1.amazonaws.com
sync-amz.ads.yieldmo.com
sync-pp.ads.yieldmo.com
6    104.105.42.146 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-105-42-146.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
7    54.175.87.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com
ups.analytics.yahoo.com
6    2606:ae80:1471:16::760 (United States)

ASN25751 (VALUECLICK, US)
amazon-tam-match.dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
1    54.173.21.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-21-243.compute-1.amazonaws.com
crb.kargo.com
21    52.223.22.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
3    2607:f8b0:4006:80a::2003 (Queens, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
7    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
rtd-tm.everesttech.net
6    103.229.205.242 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
33    104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
8    34.205.197.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-197-188.compute-1.amazonaws.com
match.prod.bidr.io
17    142.250.72.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net
cm.g.doubleclick.net
6    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    150.136.222.2 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
3    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
2    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
3    108.168.159.145 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: 91.9f.a86c.ip4.static.sl-reverse.com
um.simpli.fi
3    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
6    2600:1f18:4e9:5a05:7530:e049:6d41:d338 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
3    23.219.95.182 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-219-95-182.deploy.static.akamaitechnologies.com
px.owneriq.net
3    173.231.178.117 (United States)

ASN29791 (VOXEL-DOT-NET, US)
PTR: lga-delivery-9.sys.adgear.com
cm.adgrx.com
16    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
us-east-sync.bidswitch.net
2    3.228.147.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-147-119.compute-1.amazonaws.com
ads.creative-serving.com
1    3.128.137.140 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-128-137-140.us-east-2.compute.amazonaws.com
sync.adotmob.com
3    54.236.139.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-139-147.compute-1.amazonaws.com
ads.yieldmo.com
2    34.237.23.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-23-137.compute-1.amazonaws.com
sync.srv.stackadapt.com
15    2607:f8b0:4006:816::2001 (Queens, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
29    18.119.71.134 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-119-71-134.us-east-2.compute.amazonaws.com
capi.connatix.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    2001:4998:1c:800::1000 (United States)

ASN14779 (YAHOO, US)
ads.yahoo.com
8    2607:f8b0:4006:81c::200a (Queens, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
4    192.35.249.127 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
3    52.46.155.118 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
aax-us-east.amazon-adsystem.com
aax.amazon-adsystem.com
2    2607:f8b0:4006:823::2006 (Queens, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
12    199.127.204.162 (United States)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
2    63.251.86.51 (United States)

ASN10913 (INTERNAP-BLK, US)
ce.lijit.com
1    199.187.193.166 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
1    52.54.42.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-42-45.compute-1.amazonaws.com
e1.emxdgt.com
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
1    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
2    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
1    195.244.31.11 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
visitor.omnitagjs.com
1    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
17    2607:f8b0:4006:80f::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
2    142.4.218.92 (Canada)

ASN16276 (OVH, FR)
PTR: am03.adlooxtracking.com
am.adlooxtracking.com
1    199.250.166.129 (United States)

ASN26459 (TTD-ASN-01, US)
vae-bid.adsrvr.org
3    35.241.31.249 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 249.31.241.35.bc.googleusercontent.com
pixelam.adlooxtracking.com
data00.adlooxtracking.com
4    143.204.143.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-143-31.ewr52.r.cloudfront.net
img.3lift.com
3    142.250.64.102 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f6.1e100.net
ad.doubleclick.net
3    104.36.113.24 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
8    104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)
zncgv19neubv6bvvp-tribune.siteintercept.qualtrics.com
siteintercept.qualtrics.com
1    34.120.253.250 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 250.253.120.34.bc.googleusercontent.com
tag.wknd.ai
1    34.102.163.6 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    104.18.102.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    35.211.141.197 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 197.141.211.35.bc.googleusercontent.com
m.fg8dgt.com
2    64.74.236.127 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    104.126.112.185 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-112-185.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    52.203.60.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-60-58.compute-1.amazonaws.com
sync.ipredictive.com
5    34.98.72.95 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 95.72.98.34.bc.googleusercontent.com
assets.bounceexchange.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
5    51.210.112.236 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-1.cloudy.ovh
pixel.onaudience.com
2    52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
loada.exelator.com
1    76.13.32.147 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com
cms.analytics.yahoo.com
1    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
2    44.198.222.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-222-213.compute-1.amazonaws.com
io.narrative.io
1    52.86.198.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-198-120.compute-1.amazonaws.com
rtb.adentifi.com
1    35.211.20.91 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 91.20.211.35.bc.googleusercontent.com
prod-use.perf-serving.com
1    47.252.78.131 (United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)
event.clientgear.com
1    8.2.108.194 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
1    35.186.240.235 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 235.240.186.35.bc.googleusercontent.com
data.cdnbasket.net
1    35.190.86.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.86.190.35.bc.googleusercontent.com
page.cdnbasket.net
1    35.227.193.227 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 227.193.227.35.bc.googleusercontent.com
view.cdnbasket.net
3    2800:3f0:4002:80e::2003 (Argentina)

ASN15169 (GOOGLE, US)
csi.gstatic.com
3    104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)
siteintercept.qualtrics.com
1    2607:f8b0:400b:1::c (Minneapolis, United States)

ASN15169 (GOOGLE, US)
rr6---sn-tt1eln7l.googlevideo.com
1    2a00:ba61:0:126::d (France)

ASN35625 (EURAFIBRE-AS, FR)
rr2---sn-apaapm4g-apae.googlevideo.com
1    34.107.191.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.191.107.34.bc.googleusercontent.com
ids.cdnwidget.com
1    96.17.64.164 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-17-64-164.deploy.static.akamaitechnologies.com
ca1.qualtrics.com
2    34.149.130.207 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 207.130.149.34.bc.googleusercontent.com
pd.cdnwidget.com
idr.cdnwidget.com
4    34.117.4.53 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 53.4.117.34.bc.googleusercontent.com
api.bounceexchange.com
dfp.bouncex.net
2    2600:1f18:612b:4264:d436:a7a1:a7a:c65e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
taboola-supply-partners.tremorhub.com
3    2620:116:800b:21:f716:921a:893c:c3d8 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
pixel.quantserve.com
2    23.211.130.59 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-211-130-59.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
16    34.111.8.32 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 32.8.111.34.bc.googleusercontent.com
events.bouncex.net
4    35.207.10.239 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 239.10.207.35.bc.googleusercontent.com
ssp.behave.com
2    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
4    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
4    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
6    142.250.65.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net
ade.googlesyndication.com
2    2607:f8b0:400d:c09::8b (Morganton, United States)

ASN15169 (GOOGLE, US)
s.youtube.com
3    52.0.54.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-54-12.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
2    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
3    44.196.229.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-229-52.compute-1.amazonaws.com
pm.w55c.net
4    199.127.204.142 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
3    38.27.122.126 (United States)

ASN174 (COGENT-174, US)
match.bnmla.com
1    172.105.203.31 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1857-31.members.linode.com
gocm.c.appier.net
1    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
1    52.5.237.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-237-191.compute-1.amazonaws.com
docker.creative-serving.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    23.88.75.186 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.186.75.88.23.clients.your-server.de
csync.loopme.me
2    207.198.113.177 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    34.239.109.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-109-150.compute-1.amazonaws.com
ads.avct.cloud
2    4.78.226.233 (Mobile, United States)

ASN3356 (LEVEL3, US)
pmp.mxptint.net
1    45.35.192.162 (United States)

ASN40676 (AS40676, US)
sync.resetdigital.co
1    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    44.197.23.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-23-49.compute-1.amazonaws.com
rtb.gumgum.com
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
3    54.89.30.31 (None, )

ASN- ()
ad.360yield.com
4    185.184.8.65 (None, )

ASN- ()
creativecdn.com
2    51.81.106.33 (None, )

ASN- ()
gu.dyntrk.com
1    52.71.142.200 (None, )

ASN- ()
sync.extend.tv
2    100.20.199.76 (None, )

ASN- ()
dpm.demdex.net
1    52.4.194.209 (None, )

ASN- ()
d.adroll.com
Apex Domain
Subdomains		 Transfer
67 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 983
api.taboola.com — Cisco Umbrella Rank: 5461
c2.taboola.com — Cisco Umbrella Rank: 7528
images.taboola.com — Cisco Umbrella Rank: 1580
trc.taboola.com — Cisco Umbrella Rank: 571
us-trc-events.taboola.com — Cisco Umbrella Rank: 6205
sync.taboola.com — Cisco Umbrella Rank: 725
sync-t1.taboola.com — Cisco Umbrella Rank: 1241
match.taboola.com — Cisco Umbrella Rank: 1834
pips.taboola.com — Cisco Umbrella Rank: 1788
cds.taboola.com — Cisco Umbrella Rank: 1006
15.taboola.com — Cisco Umbrella Rank: 1878
trc-events.taboola.com — Cisco Umbrella Rank: 1715
vidstat.taboola.com — Cisco Umbrella Rank: 1885
imprnjmp.taboola.com — Cisco Umbrella Rank: 3587
us-match.taboola.com — Cisco Umbrella Rank: 3908
us-vid-events.taboola.com — Cisco Umbrella Rank: 3660
379 KB
66 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 3152
cds.connatix.com — Cisco Umbrella Rank: 3185
capi.connatix.com — Cisco Umbrella Rank: 2720
ins.connatix.com — Cisco Umbrella Rank: 7888
vid.connatix.com — Cisco Umbrella Rank: 3732
img.connatix.com — Cisco Umbrella Rank: 3844
cks.connatix.com — Cisco Umbrella Rank: 4262
2 MB
55 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
stats.g.doubleclick.net — Cisco Umbrella Rank: 67
cm.g.doubleclick.net — Cisco Umbrella Rank: 175
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
ad.doubleclick.net — Cisco Umbrella Rank: 167
pubads.g.doubleclick.net — Cisco Umbrella Rank: 506
268 KB
52 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 429
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 420
image6.pubmatic.com — Cisco Umbrella Rank: 582
simage2.pubmatic.com — Cisco Umbrella Rank: 552
image2.pubmatic.com — Cisco Umbrella Rank: 752
image4.pubmatic.com — Cisco Umbrella Rank: 738
simage4.pubmatic.com — Cisco Umbrella Rank: 1024
56 KB
48 nydailynews.com
www.nydailynews.com — Cisco Umbrella Rank: 28762
zephr.nydailynews.com — Cisco Umbrella Rank: 96735
authenticate.nydailynews.com — Cisco Umbrella Rank: 151568
1 MB
40 googlesyndication.com
265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 120
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
ade.googlesyndication.com — Cisco Umbrella Rank: 261
213 KB
35 3lift.com
ib.3lift.com — Cisco Umbrella Rank: 1015
tlx.3lift.com — Cisco Umbrella Rank: 532
eb2.3lift.com — Cisco Umbrella Rank: 356
img.3lift.com — Cisco Umbrella Rank: 2316
161 KB
32 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 427
as-sec.casalemedia.com — Cisco Umbrella Rank: 1146
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488
dsum.casalemedia.com — Cisco Umbrella Rank: 1042
ssum.casalemedia.com
51 KB
22 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 436
token.rubiconproject.com — Cisco Umbrella Rank: 593
eus.rubiconproject.com — Cisco Umbrella Rank: 512
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 935
pixel.rubiconproject.com — Cisco Umbrella Rank: 288
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 917
40 KB
22 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 263
s.amazon-adsystem.com — Cisco Umbrella Rank: 266
aax-us-east.amazon-adsystem.com — Cisco Umbrella Rank: 862
aax.amazon-adsystem.com — Cisco Umbrella Rank: 868
73 KB
18 bouncex.net
dfp.bouncex.net — Cisco Umbrella Rank: 3516
events.bouncex.net — Cisco Umbrella Rank: 1797
2 KB
18 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1017
x.bidswitch.net — Cisco Umbrella Rank: 265
us-east-sync.bidswitch.net — Cisco Umbrella Rank: 1665
8 KB
15 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1196
sync.1rx.io — Cisco Umbrella Rank: 480
4 KB
15 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 269
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 419
ads.yahoo.com — Cisco Umbrella Rank: 835
cms.analytics.yahoo.com — Cisco Umbrella Rank: 855
9 KB
15 google.com
ampcid.google.com — Cisco Umbrella Rank: 1677
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 59
4 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
secure.adnxs.com — Cisco Umbrella Rank: 350
27 KB
13 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
vae-bid.adsrvr.org — Cisco Umbrella Rank: 1800
8 KB
12 qualtrics.com
zncgv19neubv6bvvp-tribune.siteintercept.qualtrics.com — Cisco Umbrella Rank: 120377
siteintercept.qualtrics.com — Cisco Umbrella Rank: 1020
ca1.qualtrics.com — Cisco Umbrella Rank: 17106
92 KB
11 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1505
id5-sync.com — Cisco Umbrella Rank: 493
25 KB
11 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 2036
bcp.crwdcntrl.net — Cisco Umbrella Rank: 629
sync.crwdcntrl.net — Cisco Umbrella Rank: 662
52 KB
10 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 619
gum.criteo.com — Cisco Umbrella Rank: 355
mug.criteo.com — Cisco Umbrella Rank: 3197
4 KB
10 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
imasdk.googleapis.com — Cisco Umbrella Rank: 407
1 MB
10 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1139
t.teads.tv — Cisco Umbrella Rank: 2343
136 KB
10 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
55 KB
8 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 444
3 KB
7 bounceexchange.com
assets.bounceexchange.com — Cisco Umbrella Rank: 1910
api.bounceexchange.com — Cisco Umbrella Rank: 2745
185 KB
7 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 491
rtd-tm.everesttech.net — Cisco Umbrella Rank: 1872
2 KB
7 openx.net
u.openx.net — Cisco Umbrella Rank: 636
us-u.openx.net — Cisco Umbrella Rank: 322
1 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
203 KB
6 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 516
4 KB
6 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 387
4 KB
6 dotomi.com
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 4823
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2481
casale-match.dotomi.com
2 KB
6 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 129
3 KB
6 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 443
141 KB
5 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 1400
2 KB
5 adlooxtracking.com
am.adlooxtracking.com — Cisco Umbrella Rank: 20192
pixelam.adlooxtracking.com — Cisco Umbrella Rank: 84239
data00.adlooxtracking.com — Cisco Umbrella Rank: 7790
129 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 529
2 KB
5 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 4932
ads.yieldmo.com — Cisco Umbrella Rank: 633
sync-pp.ads.yieldmo.com — Cisco Umbrella Rank: 9299
2 KB
5 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1336
api.rlcdn.com — Cisco Umbrella Rank: 739
idsync.rlcdn.com — Cisco Umbrella Rank: 283
36 KB
5 google.ca
ampcid.google.ca — Cisco Umbrella Rank: 69623
adservice.google.ca — Cisco Umbrella Rank: 12901
www.google.ca — Cisco Umbrella Rank: 8810
2 KB
4 creativecdn.com
creativecdn.com
1 KB
4 behave.com
ssp.behave.com — Cisco Umbrella Rank: 2576
2 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 469
3 KB
4 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 2951
onesignal.com — Cisco Umbrella Rank: 1314
82 KB
4 smarterhq.io
tr2.smarterhq.io — Cisco Umbrella Rank: 9737
1 KB
4 matheranalytics.com
js.matheranalytics.com — Cisco Umbrella Rank: 10579
www.i.matheranalytics.com — Cisco Umbrella Rank: 10878
43 KB
3 360yield.com
ad.360yield.com
893 B
3 bnmla.com
match.bnmla.com — Cisco Umbrella Rank: 1320
2 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 704
2 KB
3 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1174
952 B
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 927
pixel.quantserve.com — Cisco Umbrella Rank: 374
1 KB
3 cdnwidget.com
ids.cdnwidget.com — Cisco Umbrella Rank: 4455
pd.cdnwidget.com — Cisco Umbrella Rank: 4512
idr.cdnwidget.com
1 KB
3 cdnbasket.net
data.cdnbasket.net — Cisco Umbrella Rank: 5709
page.cdnbasket.net — Cisco Umbrella Rank: 5706
view.cdnbasket.net — Cisco Umbrella Rank: 5712
1 KB
3 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 3024
docker.creative-serving.com — Cisco Umbrella Rank: 4314
2 KB
3 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1259
2 KB
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 789
2 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 653
1 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 691
1 KB
3 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1041
2 KB
3 smoggysnakes.com
smoggysnakes.com — Cisco Umbrella Rank: 43527
27 KB
3 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1750
1003 B
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 146
113 KB
3 cloudfront.net
dyv1bugovvq1g.cloudfront.net
d15kdpgjg3unno.cloudfront.net
d1n00d49gkbray.cloudfront.net
46 KB
3 tribdss.com
ssor.tribdss.com — Cisco Umbrella Rank: 31319
www.tribdss.com — Cisco Umbrella Rank: 31572
22 KB
3 go-mpulse.net
c.go-mpulse.net — Cisco Umbrella Rank: 549
s.go-mpulse.net — Cisco Umbrella Rank: 1150
101 KB
3 fastly.net
confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1485
105 KB
2 demdex.net
dpm.demdex.net
2 KB
2 dyntrk.com
gu.dyntrk.com
1 KB
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 3763
965 B
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 2484
894 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 542
946 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 683
s.tribalfusion.com — Cisco Umbrella Rank: 1640
1 KB
2 youtube.com
s.youtube.com — Cisco Umbrella Rank: 753
2 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 946
1 KB
2 tremorhub.com
taboola-supply-partners.tremorhub.com — Cisco Umbrella Rank: 3206
931 B
2 googlevideo.com
rr6---sn-tt1eln7l.googlevideo.com — Cisco Umbrella Rank: 155858
rr2---sn-apaapm4g-apae.googlevideo.com — Cisco Umbrella Rank: 599197
696 KB
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 1950
643 B
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 3352
1009 B
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 20824
2 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 882
984 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 523
1 KB
2 fg8dgt.com
m.fg8dgt.com — Cisco Umbrella Rank: 3745
772 B
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 497
552 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 439
1003 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 740
785 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 357
911 B
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 696
1 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
17 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 768
844 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 692
849 B
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 845
1 KB
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 388
1 KB
2 perfectmarket.com
widget.perfectmarket.com — Cisco Umbrella Rank: 3260
33 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2498
p1.parsely.com — Cisco Umbrella Rank: 1996
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
102 KB
2 zeustechnology.com
tribune-nydailynewsclassic.zeustechnology.com — Cisco Umbrella Rank: 92689
insights.zeustechnology.com — Cisco Umbrella Rank: 12156
59 KB
2 zephr.com
assets.zephr.com — Cisco Umbrella Rank: 30610
16 KB
1 adroll.com
d.adroll.com
112 B
1 extend.tv
sync.extend.tv
546 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2152
534 B
1 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 978
209 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3101
462 B
1 resetdigital.co
sync.resetdigital.co — Cisco Umbrella Rank: 2150
485 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 911
217 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 4797
277 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 5066
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 1908
395 B
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3011
348 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 821
650 B
1 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 3034
432 B
1 clientgear.com
event.clientgear.com — Cisco Umbrella Rank: 2604
262 B
1 perf-serving.com
prod-use.perf-serving.com — Cisco Umbrella Rank: 8601
160 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 931
88 B
1 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1178
170 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 807
222 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 447
1010 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 212
667 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 1554
249 B
1 wknd.ai
tag.wknd.ai — Cisco Umbrella Rank: 7315
212 KB
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 3359
225 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1534
343 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 811
763 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 1066
120 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 535
696 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1254
706 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 3850
360 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1827
435 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 371
338 B
1 ml314.com
ml314.com — Cisco Umbrella Rank: 1357
517 B
1 sharethis.com
sync.sharethis.com — Cisco Umbrella Rank: 2516
549 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 900
538 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 502
480 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1099
201 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1242
14 KB
1 amazonaws.com
sqs.us-east-1.amazonaws.com — Cisco Umbrella Rank: 4621
658 B
1 userzoom.com
cdn5.userzoom.com — Cisco Umbrella Rank: 5793
495 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1451
594 B
1 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 5352
591 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 618
13 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 709
434 B
660 140
Domain Requested by
42 www.nydailynews.com 2 redirects www.nydailynews.com
29 capi.connatix.com cd.connatix.com
24 simage2.pubmatic.com 2 redirects ads.pubmatic.com
www.nydailynews.com
21 eb2.3lift.com 3 redirects www.nydailynews.com
ib.3lift.com
eb2.3lift.com
19 sync.taboola.com 3 redirects www.nydailynews.com
srcdoc
ssum-sec.casalemedia.com
ssum.casalemedia.com
18 vid.connatix.com cd.connatix.com
18 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
ssum.casalemedia.com
17 pagead2.googlesyndication.com srcdoc
www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
17 cm.g.doubleclick.net 12 redirects u.openx.net
eus.rubiconproject.com
www.nydailynews.com
eb2.3lift.com
16 events.bouncex.net
15 tpc.googlesyndication.com www.nydailynews.com
265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
15 x.bidswitch.net 15 redirects
14 trc.taboola.com 1 redirects cdn.taboola.com
www.nydailynews.com
eus.rubiconproject.com
14 s.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
u.openx.net
ssum-sec.casalemedia.com
sync-amz.ads.yieldmo.com
eus.rubiconproject.com
eb2.3lift.com
ads.pubmatic.com
12 tag.1rx.io cds.connatix.com
12 match.adsrvr.org 11 redirects js-sec.indexww.com
12 securepubads.g.doubleclick.net www.nydailynews.com
securepubads.g.doubleclick.net
www.googletagservices.com
cd.connatix.com
11 pubads.g.doubleclick.net imasdk.googleapis.com
11 googleads.g.doubleclick.net 265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com
10 siteintercept.qualtrics.com zncgv19neubv6bvvp-tribune.siteintercept.qualtrics.com
siteintercept.qualtrics.com
10 id5-sync.com 8 redirects cdn.id5-sync.com
www.nydailynews.com
10 www.google-analytics.com www.nydailynews.com
www.google-analytics.com
10 cdn.taboola.com www.nydailynews.com
cdn.taboola.com
9 image2.pubmatic.com ads.pubmatic.com
9 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
9 ib.adnxs.com 4 redirects tribune-nydailynewsclassic.zeustechnology.com
sync-amz.ads.yieldmo.com
eb2.3lift.com
8 imasdk.googleapis.com cd.connatix.com
imasdk.googleapis.com
8 match.prod.bidr.io 8 redirects
7 ups.analytics.yahoo.com 7 redirects
7 ib.3lift.com tribune-nydailynewsclassic.zeustechnology.com
www.nydailynews.com
6 ade.googlesyndication.com
6 sync-t1.taboola.com www.nydailynews.com
srcdoc
6 pixel.rubiconproject.com 2 redirects eus.rubiconproject.com
6 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
u.openx.net
ssum-sec.casalemedia.com
6 bh.contextweb.com 5 redirects www.nydailynews.com
6 sync.mathtag.com 6 redirects
6 sync-tm.everesttech.net 5 redirects ads.pubmatic.com
6 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
srcdoc
6 t.teads.tv www.nydailynews.com
6 sb.scorecardresearch.com 2 redirects cdn.taboola.com
www.nydailynews.com
6 cdn.cookielaw.org www.nydailynews.com
cdn.cookielaw.org
5 pixel.onaudience.com 5 redirects
5 assets.bounceexchange.com tag.wknd.ai
assets.bounceexchange.com
5 img.connatix.com www.nydailynews.com
tribune-nydailynewsclassic.zeustechnology.com
5 ins.connatix.com cd.connatix.com
5 c1.adform.net 4 redirects ads.pubmatic.com
5 token.rubiconproject.com 3 redirects bcp.crwdcntrl.net
eus.rubiconproject.com
5 sync.crwdcntrl.net 1 redirects bcp.crwdcntrl.net
5 ssum-sec.casalemedia.com 2 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
srcdoc
5 hbopenbid.pubmatic.com tribune-nydailynewsclassic.zeustechnology.com
www.nydailynews.com
5 www.google.com 1 redirects www.nydailynews.com
265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com
tpc.googlesyndication.com
5 ads.pubmatic.com tribune-nydailynewsclassic.zeustechnology.com
ads.pubmatic.com
s.amazon-adsystem.com
assets.bounceexchange.com
5 zephr.nydailynews.com assets.zephr.com
5 c.amazon-adsystem.com www.nydailynews.com
c.amazon-adsystem.com
4 creativecdn.com 4 redirects
4 mug.criteo.com
4 gum.criteo.com 2 redirects
4 ssp.behave.com 2 redirects www.nydailynews.com
4 img.3lift.com www.nydailynews.com
ib.3lift.com
4 sync.search.spotxchange.com 4 redirects
4 cks.connatix.com www.nydailynews.com
4 cds.connatix.com www.nydailynews.com
cd.connatix.com
4 secure.adnxs.com 4 redirects
4 u.openx.net 2 redirects s.amazon-adsystem.com
www.nydailynews.com
4 image6.pubmatic.com 1 redirects ads.pubmatic.com
4 tr2.smarterhq.io d1n00d49gkbray.cloudfront.net
www.nydailynews.com
4 a.teads.tv www.nydailynews.com
a.teads.tv
4 as-sec.casalemedia.com js-sec.indexww.com
www.nydailynews.com
3 ad.360yield.com 3 redirects
3 match.bnmla.com 3 redirects
3 sync.1rx.io 3 redirects
3 pm.w55c.net 3 redirects
3 beacon.lynx.cognitivlabs.com 2 redirects ads.pubmatic.com
3 csi.gstatic.com imasdk.googleapis.com
3 trc-events.taboola.com
3 simage4.pubmatic.com ads.pubmatic.com
3 ad.doubleclick.net 2 redirects
3 ads.yieldmo.com sync-amz.ads.yieldmo.com
3 cm.adgrx.com 3 redirects
3 px.owneriq.net 3 redirects
3 us-u.openx.net u.openx.net
3 ad.turn.com 3 redirects
3 um.simpli.fi 3 redirects
3 idsync.rlcdn.com 2 redirects ads.pubmatic.com
3 sync.technoratimedia.com 3 redirects
3 fonts.gstatic.com fonts.googleapis.com
3 smoggysnakes.com www.nydailynews.com
smoggysnakes.com
3 protected-by.clarium.io www.nydailynews.com
265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com
3 www.googletagservices.com www.nydailynews.com
265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com
3 images.taboola.com www.nydailynews.com
3 adservice.google.ca securepubads.g.doubleclick.net
3 tlx.3lift.com tribune-nydailynewsclassic.zeustechnology.com
www.nydailynews.com
3 bcp.crwdcntrl.net tags.crwdcntrl.net
3 tags.crwdcntrl.net tribune-nydailynewsclassic.zeustechnology.com
tags.crwdcntrl.net
3 confiant-integrations.global.ssl.fastly.net www.nydailynews.com
confiant-integrations.global.ssl.fastly.net
2 dpm.demdex.net 1 redirects ssum.casalemedia.com
2 casale-match.dotomi.com 2 redirects
2 gu.dyntrk.com 2 redirects
2 pmp.mxptint.net 1 redirects
2 ads.avct.cloud 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 s.youtube.com
2 ums.acuityplatform.com 2 redirects
2 dfp.bouncex.net www.nydailynews.com
2 secure-assets.rubiconproject.com 2 redirects
2 cms.quantserve.com 2 redirects
2 taboola-supply-partners.tremorhub.com 2 redirects
2 api.bounceexchange.com assets.bounceexchange.com
2 pubmatic-match.dotomi.com 2 redirects
2 io.narrative.io 1 redirects
2 visitor.fiftyt.com 1 redirects
2 loada.exelator.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 m.fg8dgt.com 2 redirects
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 px.ads.linkedin.com 2 redirects
2 data00.adlooxtracking.com am.adlooxtracking.com
2 am.adlooxtracking.com ib.3lift.com
2 match.taboola.com www.nydailynews.com
ads.pubmatic.com
2 rtb.mfadsrvr.com 2 redirects
2 pixel.tapad.com 2 redirects
2 dis.criteo.com 2 redirects
2 ce.lijit.com 1 redirects www.nydailynews.com
2 s0.2mdn.net imasdk.googleapis.com
www.nydailynews.com
2 aax-us-east.amazon-adsystem.com c.amazon-adsystem.com
www.nydailynews.com
2 sync.srv.stackadapt.com 2 redirects
2 dsum.casalemedia.com ssum-sec.casalemedia.com
ssum.casalemedia.com
2 ads.creative-serving.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 pippio.com 2 redirects
2 onesignal.com cdn.onesignal.com
2 amazon-tam-match.dotomi.com 2 redirects
2 fonts.googleapis.com client
tpc.googlesyndication.com
2 ps.eyeota.net 1 redirects bcp.crwdcntrl.net
2 aa.agkn.com bcp.crwdcntrl.net
2 cdn.onesignal.com www.nydailynews.com
cdn.onesignal.com
2 www.i.matheranalytics.com www.nydailynews.com
2 265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com securepubads.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 js.matheranalytics.com 1 redirects www.nydailynews.com
2 www.tribdss.com 1 redirects www.nydailynews.com
2 grid.bidswitch.net tribune-nydailynewsclassic.zeustechnology.com
2 fastlane.rubiconproject.com tribune-nydailynewsclassic.zeustechnology.com
2 htlb.casalemedia.com tribune-nydailynewsclassic.zeustechnology.com
2 c.go-mpulse.net www.nydailynews.com
c.go-mpulse.net
2 www.googletagmanager.com www.nydailynews.com
2 assets.zephr.com www.nydailynews.com
1 d.adroll.com 1 redirects
1 sync.extend.tv 1 redirects
1 ssum.casalemedia.com srcdoc
1 match.adsby.bidtheatre.com 1 redirects
1 rtb.gumgum.com
1 ads.playground.xyz 1 redirects
1 sync.resetdigital.co 1 redirects
1 pixel.quantserve.com 1 redirects
1 csync.loopme.me 1 redirects
1 core.iprom.net ads.pubmatic.com
1 docker.creative-serving.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 idr.cdnwidget.com
1 us-vid-events.taboola.com
1 us-match.taboola.com vidstat.taboola.com
1 imprnjmp.taboola.com vidstat.taboola.com
1 pd.cdnwidget.com assets.bounceexchange.com
1 ca1.qualtrics.com
1 ids.cdnwidget.com assets.bounceexchange.com
1 rr2---sn-apaapm4g-apae.googlevideo.com
1 rr6---sn-tt1eln7l.googlevideo.com 1 redirects
1 view.cdnbasket.net assets.bounceexchange.com
1 page.cdnbasket.net assets.bounceexchange.com
1 data.cdnbasket.net assets.bounceexchange.com
1 vidstat.taboola.com cdn.taboola.com
1 us.ck-ie.com
1 event.clientgear.com 1 redirects
1 us-east-sync.bidswitch.net 1 redirects
1 prod-use.perf-serving.com
1 15.taboola.com cdn.taboola.com
1 rtb.adentifi.com
1 spl.zeotap.com
1 cms.analytics.yahoo.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 stags.bluekai.com 1 redirects
1 c.bing.com eb2.3lift.com
1 ad.mrtnsvr.com 1 redirects
1 tag.wknd.ai www.nydailynews.com
1 zncgv19neubv6bvvp-tribune.siteintercept.qualtrics.com www.nydailynews.com
1 pixelam.adlooxtracking.com www.nydailynews.com
1 vae-bid.adsrvr.org www.nydailynews.com
1 aax.amazon-adsystem.com www.nydailynews.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 s.uuidksinc.net 1 redirects
1 visitor.omnitagjs.com www.nydailynews.com
1 rtd-tm.everesttech.net 1 redirects
1 sync.go.sonobi.com 1 redirects
1 e1.emxdgt.com www.nydailynews.com
1 rtb-csync.smartadserver.com www.nydailynews.com
1 ads.yahoo.com eus.rubiconproject.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 sync-pp.ads.yieldmo.com sync-amz.ads.yieldmo.com
1 sync.adotmob.com 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 crb.kargo.com s.amazon-adsystem.com
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 cd.connatix.com 1 redirects
1 us-trc-events.taboola.com www.nydailynews.com
1 beacon.krxd.net bcp.crwdcntrl.net
1 ml314.com bcp.crwdcntrl.net
1 sync.sharethis.com bcp.crwdcntrl.net
1 jadserve.postrelease.com 1 redirects
1 static.adsafeprotected.com www.nydailynews.com
1 www.google.ca www.nydailynews.com
1 ping.chartbeat.net www.nydailynews.com
1 stats.g.doubleclick.net www.google-analytics.com
1 static.chartbeat.com www.nydailynews.com
1 www.gstatic.com www.google.com
1 sqs.us-east-1.amazonaws.com d15kdpgjg3unno.cloudfront.net
1 c2.taboola.com www.nydailynews.com
1 api.taboola.com www.nydailynews.com
1 cdn5.userzoom.com www.nydailynews.com
1 d1n00d49gkbray.cloudfront.net www.nydailynews.com
1 geo.privacymanager.io ats.rlcdn.com
1 api.rlcdn.com js-sec.indexww.com
1 idx.liadm.com js-sec.indexww.com
1 p1.parsely.com www.nydailynews.com
1 cdn.id5-sync.com www.nydailynews.com
1 ats.rlcdn.com www.nydailynews.com
1 ampcid.google.ca www.google-analytics.com
1 d15kdpgjg3unno.cloudfront.net tribune-nydailynewsclassic.zeustechnology.com
1 authenticate.nydailynews.com www.nydailynews.com
1 ampcid.google.com www.google-analytics.com
1 insights.zeustechnology.com tribune-nydailynewsclassic.zeustechnology.com
1 cdn.parsely.com www.googletagmanager.com
1 dyv1bugovvq1g.cloudfront.net tribune-nydailynewsclassic.zeustechnology.com
1 js-sec.indexww.com tribune-nydailynewsclassic.zeustechnology.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 s.go-mpulse.net www.nydailynews.com
1 ssor.tribdss.com www.nydailynews.com
1 tribune-nydailynewsclassic.zeustechnology.com www.nydailynews.com
660 245
Subject Issuer Validity Valid
tronc.web.arc-cdn.net
R3		 2022-01-17 -
2022-04-17		 3 months crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
assets.zephr.com
Amazon		 2021-05-28 -
2022-06-26		 a year crt.sh
*.zeustechnology.com
Amazon		 2021-05-15 -
2022-06-13		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
akstat.io
DigiCert SHA2 Secure Server CA		 2021-06-08 -
2022-06-13		 a year crt.sh
www.trbimg.com
DigiCert SHA2 Secure Server CA		 2021-08-10 -
2022-06-02		 10 months crt.sh
zephr.sun-sentinel.com
Amazon		 2022-02-07 -
2023-03-07		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-01-12 -
2023-01-12		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.parsely.com
Amazon		 2021-07-05 -
2022-08-03		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
authenticate.baltimoresun.com
Amazon		 2021-10-12 -
2022-11-09		 a year crt.sh
*.google.ca
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
cdn.id5-sync.com
R3		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.liadm.com
Amazon		 2021-10-31 -
2022-11-28		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
manager.userzoom.com
DigiCert SHA2 Extended Validation Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-12-24 -
2023-01-25		 a year crt.sh
queue.amazonaws.com
Amazon		 2021-10-15 -
2022-10-07		 a year crt.sh
teads.tv
R3		 2022-01-03 -
2022-04-03		 3 months crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2		 2020-04-03 -
2022-04-26		 2 years crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
smarterhq.io
Amazon		 2021-10-20 -
2022-11-17		 a year crt.sh
www.i.matheranalytics.com
Amazon		 2022-01-13 -
2023-02-11		 a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2021-05-20 -
2022-06-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-04 -
2022-07-03		 a year crt.sh
smoggysnakes.com
R3		 2021-12-26 -
2022-03-26		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
sharethis.com
Amazon		 2021-07-21 -
2022-08-19		 a year crt.sh
*.ml314.com
Amazon		 2021-12-17 -
2023-01-14		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
upload.video.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.ads.yieldmo.com
Amazon		 2021-05-25 -
2022-06-23		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.app.kargo.com
Amazon		 2022-01-06 -
2023-02-03		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2021-08-20 -
2022-09-21		 a year crt.sh
aax-us-east.amazon-adsystem.com
Amazon		 2021-09-13 -
2022-09-12		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-24 -
2022-06-23		 a year crt.sh
*.adlooxtracking.com
R3		 2022-02-07 -
2022-05-08		 3 months crt.sh
*.qualtrics.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-24 -
2022-09-24		 a year crt.sh
tag.wknd.ai
R3		 2022-01-22 -
2022-04-22		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
assets.bounceexchange.com
GTS CA 1D4		 2021-12-21 -
2022-03-21		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
*.perf-serving.com
Sectigo RSA Domain Validation Secure Server CA		 2020-03-17 -
2022-03-28		 2 years crt.sh
*.cdnbasket.net
Go Daddy Secure Certificate Authority - G2		 2021-09-27 -
2022-09-27		 a year crt.sh
ids.cdnwidget.com
R3		 2022-02-12 -
2022-05-13		 3 months crt.sh
pd.cdnwidget.com
R3		 2022-01-13 -
2022-04-13		 3 months crt.sh
*.wunderkind.co
R3		 2022-02-14 -
2022-05-15		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
idr.cdnwidget.com
R3		 2022-01-13 -
2022-04-13		 3 months crt.sh
beacon.lynx.cognitivlabs.com
Amazon		 2021-04-28 -
2022-05-27		 a year crt.sh
truffle.bid
R3		 2022-01-17 -
2022-04-17		 3 months crt.sh
*.iprom.net
R3		 2021-12-29 -
2022-03-29		 3 months crt.sh
*.gumgum.com
Amazon		 2021-10-15 -
2022-11-12		 a year crt.sh
ssp.behave.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-22		 a year crt.sh

This page contains 84 frames:

Primary Page: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Frame ID: 63D1C560A87B816CCA0E3773A7B4B0CB
Requests: 280 HTTP requests in this frame

Frame: https://c.go-mpulse.net/boomerang/9E52W-759Q8-QRNWG-5DBLH-ZFZGZ
Frame ID: 8AA09E77EA228C8A4D2B465F01BAE67C
Requests: 2 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=13200
Frame ID: AD99F476B56CC309258CD6FE3D688B3F
Requests: 1 HTTP requests in this frame

Frame: https://265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AECEA187C01D1A38072CC990715AD1BD
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbUhyQdF1pbEnbxoWIlUL1omOf2MkuWFTKF4pou2ui1vXxXiueyCI3418jYdhyoORibXAear_YNk1-Fh8iZdjXiwisEMnLI0vG3dWE-yBmec4VDtXmsuuSb2ybzpT1CMxtq6sL8KPsj5GnHO4eqUBvG-uIXwvpifATuA2sPCGu_p6BoEmAFEodI3In9ujtRerpvz196_NJ1B5TZYHhvoARrvIyJrm5Qc2I-DCG-88ewf22C2hwujTfo0RUGPabzYH366cgh0dcO2AfW9uqIG89qW6r-9WRLaK8vWcZiOZ2p59M6Eh7fYweNU1pARfyltr7FUI&sai=AMfl-YQ2lnQN903vGAYqMkhjfPW0gk_QiRmuiUPT7132yf6p5ak9RU54R5Ihs0iQc59hEFVDsoXTLnJ8sdE4C-1pxNg9oUGN4aLc_3hjzD3pqC0nKuFVes6GY4eJGmY1HO_U&sig=Cg0ArKJSzOSw_BuUsa8CEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: FE2D563E7A39E71BF8B4712EE1BC9B9C
Requests: 5 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_cnv_kg_an-db5_3lift&dcc=t
Frame ID: 2C5F9F5AF47088DAFEBF185AB14828D8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Frame ID: 481FE38587A24B3D1FE11DE9EE82F589
Requests: 13 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=67%2C31%2C86%2C81%2C61%2C58%2C80%2C8%2C49%2C2&c=13200
Frame ID: 962A3AF33DBDBB82A3C8775741FB360B
Requests: 11 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_cnv_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Frame ID: 92BB8CCF25F1A48B65F939C1AACFA580
Requests: 1 HTTP requests in this frame

Frame: https://265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 01D9F3C89BDBC1A3AB5D7E48BE82DEC2
Requests: 10 HTTP requests in this frame

Frame: https://cds.connatix.com/p/150597/connatix.player.js
Frame ID: A1AE8156F778AA90A533DC1231E56411
Requests: 62 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: 80D06B2E1BF6FD80862B256977269D85
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: 7AA28B53AB447FE83455AFBA0CE60EA6
Requests: 11 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: BC3FE1F5ADA1869414A43E1D3C4E648D
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: C41C1DE6DE9F2AC3BE29FAD176876CF5
Requests: 11 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1iMmhjQVlORTJ1SmI1ZWJYN0NUdkZvTHV4cmltSmJOV35B
Frame ID: 2ACCBF627AC04906935A6754F8E916A8
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 447B2E08AE57625EB332E1B123F6A8DB
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAADKa-n8VKaUgNJ8-ewAAAAAAA&expiration=1645047337&is_secure=true
Frame ID: 0CF94A2107CDF69A3E8750136D3171FE
Requests: 1 HTTP requests in this frame

Frame: https://crb.kargo.com/api/v1/dinitsync?partners=A9
Frame ID: 467EE85A5ABDF6E7E22001CF49FED700
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=7341874419548819343&ex=appnexus.com
Frame ID: 407C12A200A0F288E22DA2490B602068
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2849636505712819506532
Frame ID: B4A7EFB60850FD306014BDF02890E970
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=9021BD47-D564-4E09-BA75-7F25F0BF77FF
Frame ID: E317563661A1C822F2660B06B8444A64
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YgwcqQAGb6pD5wAy
Frame ID: 1159E76104BDC6128A56A9BF9C63D5CB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b815620c-1ca9-4b00-b3df-2ecce97ca2ff&gdpr=0&gdpr_consent=
Frame ID: F884341FF2F6A5A684B5516F0D0D8667
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABeU07EGDkAAAPyeAisoQ
Frame ID: 99E01C67FD9F061BEF5FD37A4F08EC63
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13286604602864346121/index.html
Frame ID: 9123EC35C2C1589AEE7A3C89A428DDC0
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 34A6D7B7C57FB3C7917625D0C9D30027
Requests: 2 HTTP requests in this frame

Frame: https://cds.connatix.com/p/plugins/prebid6.7.0.js
Frame ID: CFC49C2CC454A6F9337D9BDAD80689EF
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBSX9MZHGHdDdiV0lr4PdqaePwLHH2FBE2mMDY8iX56pqDn3qfDfYqhb-088jB5AfoQLDKvNmH0zzSlEM4_wWbWKss2LQ2kjS2JVo8AJIZk6PuPDzVy0KZYafVWDr7C6kGlsfY9Xs0gQchRQP8mJJYbfi78_nTpE7f6UWWLHpv7LFWJwXzFkoX1kJb05NZST2tO_RUWtHcaMTnCD9nlGnkegG1kXBZN4QmSQgdpx6MEv9WRvknKpO2gzBmfGMzlOH5r8lMWug8vEdEPMC7D3I0R2NiQi7kZRlArgo-7SA2vZQxoE3Mrb76xzlPNuaab3Q&sig=Cg0ArKJSzCKOIFZqA0G5EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 92CECCB62D288E94B86F71620A493115
Requests: 4 HTTP requests in this frame

Frame: https://cds.connatix.com/p/plugins/prebid6.7.0.js
Frame ID: 3FFED07E84E4E33B1FE19FA18D3B48E5
Requests: 10 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.500.0_en.html
Frame ID: A892E1918125B7606D3F4E99A8AE7458
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.500.0_en.html
Frame ID: 0A3C830021A10E9957FF854B376C5487
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.500.0_en.html
Frame ID: 07C8556A9A1A8D4259CA3AC0384230C3
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.500.0_en.html
Frame ID: F68C25674BF29D50E9134841251D43CC
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.500.0_en.html
Frame ID: 28C22DB23BCB6BB4C29C89966F2AC135
Requests: 30 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.500.0_en.html
Frame ID: 1CBCCA9603957A805191F85FB1880CE4
Requests: 3 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KZON9OYT-C-HI4X
Frame ID: 2EF70DF2B4D93FDE5A96748D576A753E
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 12C7C809C6E6E478677FB111964CB591
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: CE19308333707DD083467B1CF62DA87D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 10BA42FF8BC6BFF249931B148D049428
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: CD17FB8B3674851FD9BC3523CC8A282B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: F235A742D4BB50E06223B0C946BFB275
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9786CA10D309EC2D565C88A8EE600A51
Requests: 1 HTTP requests in this frame

Frame: https://ib.3lift.com/ttj?inv_code=Tribune_RON_Desktop_970x250_TAM
Frame ID: EA8485000A47FB0811ADF298BE61019B
Requests: 9 HTTP requests in this frame

Frame: https://am.adlooxtracking.com/ads/js/tfav_adl_451.js
Frame ID: 339C6D690558C37E9413880EB78D2AA0
Requests: 3 HTTP requests in this frame

Frame: https://vae-bid.adsrvr.org/bid/feedback/triplelift?t=1&iid=f85c047c-a02e-4297-ba5c-42e3f81c2ba1&crid=drtzgjat&wp=11.0&aid=1&wpc=USD&sfe=14439ca8&puid=&tdid=&pid=acjf93j&ag=ks2xwbz&adv=4ecukjb&sig=1liKWS1CVtZ2nS5vurGpJwIYejtgHVMcnh6Pc3hsD8mY.&bp=11&cf=2930211&fq=0&td_s=www.nydailynews.com&rcats=zm4,hhr,7sp,5rf,7gr,3c6,2gy,hmy,y29,tmc,d3i&mcat=dv-52000310&mste=nydailynews.com&mfld=4&mssi=&mfsi=&uhow=64&agsa=&rgz=H3G&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=2842&did=tlx-27790&rcxt=Other&lat=45.499500&lon=-73.584800&tmpc=&daid=&vp=0&osi=&osv=&mk=Google&mdl=Chrome%20-%20Windows&c=CgZDYW5hZGESBlF1ZWJlYxoAIghNb250cmVhbDgBUAFYAoABAIgBAZABAQ..&dur=Cj4KIWNoYXJnZS1tYXhEb3VibGVWZXJpZnlCcmFuZFNhZmV0eSIZCPH__________wESDGRvdWJsZXZlcmlmeQpDCiZjaGFyZ2UtYWxsRG91YmxlVmVyaWZ5Q3VzdG9tQ29udGV4dHVhbCIZCIf__________wESDGRvdWJsZXZlcmlmeQ..&durs=aOmAfn&crrelr=&adpt=tl_ltriplelift&ipl=32811&pcm=1&said=19010034279587409418600&ict=Unknown&auct=1&im=1&mc=ed66ff38-f23d-47ff-86ff-023546c164b8
Frame ID: 0AA932872F2F522C9D3232BCEA330636
Requests: 2 HTTP requests in this frame

Frame: https://img.3lift.com/lp?width=400&height=225&url=%2F%2Fimages.3lift.com%2F11916542.jpg&logo_exclude=&v=20&no_crop=0&noCrop=1
Frame ID: ABD40E4C1157555F17995F67B6A02241
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 66C64E78D3E4FF7315CB592212E4CC75
Requests: 11 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=59228
Frame ID: 45284A20B0BEFAEB3524759E4FAE97F5
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 49C4042E0D0A3F7DCB17F690AB5B00F8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A9EE04798B4432158087C99AB7CC4819
Requests: 2 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: B2436B77465BB37066763B50738F3949
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 02718C39081FBD9E6CC6942C08354638
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=9021BD47-D564-4E09-BA75-7F25F0BF77FF&ex=pubmatic.com
Frame ID: 5DC161B993A0FA38EE702A13B3924D81
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Frame ID: 501ABD9654108CC405A95257D85D006A
Requests: 1 HTTP requests in this frame

Frame: https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8016157&crid=5318825&dast=V7xxQCFgMnsDOf0uVOiQQnsDOf0uVOiQUAAAAGBvQHGzfh7YaD2Wy22sxmg9lgN9rNdrvJYLNcDmHjJrzdcDCbzVab2WwwG-w2u91qMhlNVpMpfBjLZTKoBRKX2e97Kyynp8fscouOrrfF829QOmxAQ9Pp8Lnu9brf7y53nhxOs_Pu8n3uGr_bL3f5Pn_d33I2-eUOt8vzljk8Ls9bYfE7LCe32mF2OD9Ph1vhtJyddpfnLTM7fUbTW7MbrBWW09NjdrkVc8Vus5wsdnMAAAAAeACIQkmF-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAKMiq0wAw4UBov910eTnM_gAAeFAAAQAQwCABECgfLAHwwMk_AQAAAAAAAABg-f___48B0IvqkAH48ErrAXjwAXggImArYgQAAABQiZMpezSpEyqLKgAAgnQrgCsAgAC_fyiBjzAAAIABsfYvDrlhVmmZsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyZkAwCQJjyJYq_2CwgAsPYLCADApm4AAG8BcCGHhqbT4XPd63W_313uPDmcZufd5fvcNX63X-7yff66v-Vs8ssdbpfnLXN4XJ63wuJ3WE5utcPscH6eDrfCaTk77S7PW2Z2-oymt2Y3WCssp6fH7HIr5ordZjlZ7EZnkMPFZLZbHUHMlqvZAQAAANz9____47V_ccgNs0rL6IHgYmMx7VYr58Sz2lgsLptlt3CZhrvNYjmaLFce781RLIfcxSoT9oWIy-z3vRWW09NjdrlFR9fb4vk3KB2C-KBhWE4GwfwmbDFaTSab5XC2XEwGw9FwNNqfQA4HOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIcyvTcjQaLtbKwcq3Fq0mk7XEMZyslQuXbzebGFYTy3Iten1Mz8FqYZnstigYYLYXwUU6kTtPDqfZeXf5Pm-58-Rwmp13l-9zEUs0J4t0Irvsi4uNxbRbrZwTz2pjsbhslt3CZRruNovlaLJcefy9lWk5Gg0Xa-Vg5VuLVpPJWuIYTtbKhcu3m00Mq4lluRa9PqbnYLWwTHb7xmw0Ws4Gy81q35iNRsvZYLlZ7jt0hu_qczaauyW_RyXUbP_K7cx8ULgMFu9KdVppC5KDNnsVOV2ambKoMyqf35HXoPAcPKqPb_rM2MYNa633XDgOFkUsEZwu0onoZTxdxBLJ0yKdiGyumWG229g8ntlmOfEYZpvdauIZ7HarzcRk8VjEEqXpIp3o5S7f56_7W84mv9zhdnneMofH5XkrLH6H5eRWO8wO5-fpcCuclrPT7vK8ZWanz2h6a3aDtcJyenrMLrdirthtlpPFbqL-o0OMlnPVbK5YbeaK3XCVAAAAAAAAAACWMGXeBAAAAOA0iOFyONktF-Ah-04XGAQAAAAAAGC359DtI_1ux7a48eMLd54cTrPz7vJ93nLnyeE0O-8u3-fKAA9lLMybPRPEWq2WNQAAgAA2AABAALdu3gLRITk!&cmcv=&pix=undefined&cb=1644960941457&uv=3120&tms=1644960941457&abt=adh5c-1_vA!dfrc_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!spa2_vB!t45!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=7B7780666536606074767720399&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 466399927E16210E498E11B5B0654493
Requests: 1 HTTP requests in this frame

Frame: https://us-match.taboola.com/sync?dast=V7xxQCFgMnsDOf0uVOiQQnsDOf0uVOiQUAAAAGBvQHGzfh7YaD2Wy22sxmg9lgN9rNdrvJYLNcDmHjJrzdcDCbzVab2WwwG-w2u91qMhlNVpMpfBjLZTKoBRKX2e97Kyynp8fscouOrrfF829QOmxAQ9Pp8Lnu9brf7y53nhxOs_Pu8n3uGr_bL3f5Pn_d33I2-eUOt8vzljk8Ls9bYfE7LCe32mF2OD9Ph1vhtJyddpfnLTM7fUbTW7MbrBWW09NjdrkVc8Vus5wsdnMAAAAAeACIQkmF-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAKMiq0wAw4UBov910eTnM_gAAeFAAAQAQwCABECgfLAHwwMk_AQAAAAAAAABg-f___48B0IvqkAH48ErrAXjwAXggImArYgQAAABQiZMpezSpEyqLKgAAgnQrgCsAgAC_fyiBjzAAAIABsfYvDrlhVmmZsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyZkAwCQJjyJYq_2CwgAsPYLCADApm4AAG8BcCGHhqbT4XPd63W_313uPDmcZufd5fvcNX63X-7yff66v-Vs8ssdbpfnLXN4XJ63wuJ3WE5utcPscH6eDrfCaTk77S7PW2Z2-oymt2Y3WCssp6fH7HIr5ordZjlZ7EZnkMPFZLZbHUHMlqvZAQAAANz9____47V_ccgNs0rL6IHgYmMx7VYr58Sz2lgsLptlt3CZhrvNYjmaLFce781RLIfcxSoT9oWIy-z3vRWW09NjdrlFR9fb4vk3KB2C-KBhWE4GwfwmbDFaTSab5XC2XEwGw9FwNNqfQA4HOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIcyvTcjQaLtbKwcq3Fq0mk7XEMZyslQuXbzebGFYTy3Iten1Mz8FqYZnstigYYLYXwUU6kTtPDqfZeXf5Pm-58-Rwmp13l-9zEUs0J4t0Irvsi4uNxbRbrZwTz2pjsbhslt3CZRruNovlaLJcefy9lWk5Gg0Xa-Vg5VuLVpPJWuIYTtbKhcu3m00Mq4lluRa9PqbnYLWwTHb7xmw0Ws4Gy81q35iNRsvZYLlZ7jt0hu_qczaauyW_RyXUbP_K7cx8ULgMFu9KdVppC5KDNnsVOV2ambKoMyqf35HXoPAcPKqPb_rM2MYNa633XDgOFkUsEZwu0onoZTxdxBLJ0yKdiGyumWG229g8ntlmOfEYZpvdauIZ7HarzcRk8VjEEqXpIp3o5S7f56_7W84mv9zhdnneMofH5XkrLH6H5eRWO8wO5-fpcCuclrPT7vK8ZWanz2h6a3aDtcJyenrMLrdirthtlpPFbqL-o0OMlnPVbK5YbeaK3XCVAAAAAAAAAACWMGXeBAAAAOA0iOFyONktF-Ah-04XGAQAAAAAAGC359DtI_1ux7a48eMLd54cTrPz7vJ93nLnyeE0O-8u3-fKAA9lLMybPRPEWq2WNQAAgAA2AABAALdu3gLRITk!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 98BD572EADFC41804A3CDC13048AAF7A
Requests: 1 HTTP requests in this frame

Frame: https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=a09fb837d37c43b08d3ea316a02dc5ed&orig=video
Frame ID: 491C207D1AF240C43A47D2C8056D13FD
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Frame ID: 8A32F10EEFEC75F482F5623A1138ABD7
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Frame ID: 8B8FF25AB54234DC29015C43D6300635
Requests: 12 HTTP requests in this frame

Frame: https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=a09fb837d37c43b08d3ea316a02dc5ed&orig=video
Frame ID: DAE5A3799EDBD841EEE614A6C0B6B16C
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Frame ID: 94361B3C41D05E34577EFEF19933B033
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: ECEAC6E68C86D0C044DD5F6A81E00A5A
Requests: 3 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=UKiHbJnYSxFCTxSnbGkqxZU4mbI
Frame ID: C74FF6D89F5116BD1D951F2AC62BCDCB
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=9021BD47-D564-4E09-BA75-7F25F0BF77FF
Frame ID: F16C7382BED109EF03BB69C6703EB851
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=36fb55cc-8ea7-11ec-9c76-a035d55853f1
Frame ID: 46AE07DBB6AD3CFC92F1BBD8BAA07061
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: D17E624DD3C22DA33D0CA2ECADD04FF4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:NR0ktyTD1Nk5u95&gdpr=0&gdpr_consent=
Frame ID: F47129EDFD5142FFD03119BB609666A2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=647429219865
Frame ID: 20CB37A03CC656EB2E9A60A0C1D7494B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ebb3f611-4d49-4469-9039-bee6f997b430-005
Frame ID: CEDC398DA9B4284F0C831F1D9E09A288
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q6982473371180712174
Frame ID: 49843A85A60F7354FB0201558A698F03
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=1ead7ede-8c59-411f-b8d3-d00702804dea
Frame ID: 465E8387530BABA472FAD29153C6F4C6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=d4084d10-0750-4cd0-9077-8f443013cdf9
Frame ID: 87EC03BCD6CC727BF72B88D5CF7F4387
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 2CE185994F91B5FCA88931D998280530
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=CcydyAqhBu6u_CO1sRwMYg
Frame ID: D38239E425658EED927BBC1F6E410B33
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: CFAD959F28C0DDA226B7161580DD85E4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=e6e841ae-f59b-4038-884c-614a98376bee
Frame ID: 71D93794CB676CFF0AB837B065ED1A61
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 52BFD51A7146B06DA378865CD4DDBC24
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: FF1ADE7445BC3985B79852238E9A0ECB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:450D626A3A2B4E83953C6829C5733743
Frame ID: E38C19DD2C882ED7EB13AFEB60073FCF
Requests: 1 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=1a3424ab-020f-4c94-a053-0f8e03b21962
Frame ID: 07C45E5BFD4290FFCEC25D8844D07360
Requests: 4 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Frame ID: EF3FF3050245082975AD71753C55C0DD
Requests: 10 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=0&taboola_hm=NDqkz5IgwmFK&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=0
Frame ID: B5217C722D5A285CC25A725D6AB7B537
Requests: 4 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Frame ID: DDCA1F2737A9130CFD9B5F840B3EC99E
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Malaysia Airlines Flight 370: See names, faces of passengers aboard doomed plane - New York Daily NewsBack ButtonSearch IconFilter IconGroup 3Group 3Group 3Group 3

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

660
Requests

82 %
HTTPS

22 %
IPv6

140
Domains

245
Subdomains

148
IPs

11
Countries

8691 kB
Transfer

21303 kB
Size

258
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036462&ns__t=1644960935010&ns_c=UTF-8&c8=Malaysia%20Airlines%20Flight%20370%3A%20See%20names%2C%20faces%20of%20passengers%20aboard%20doomed%20plane%20-%20New%20York%20Daily%20News&c7=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036462&ns__t=1644960935010&ns_c=UTF-8&c8=Malaysia%20Airlines%20Flight%20370%3A%20See%20names%2C%20faces%20of%20passengers%20aboard%20doomed%20plane%20-%20New%20York%20Daily%20News&c7=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&c9=
Request Chain 92
  • https://www.tribdss.com/meter/nydnarc.min.js HTTP 302
  • https://www.tribdss.com/meter/nydnarc.min.js?disabled=international
Request Chain 93
  • https://js.matheranalytics.com/s/ma89701/197837700/all/sp.js?cb=1590 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma89701/all/15/ml.br.js
Request Chain 96
  • https://www.nydailynews.com/api/v2/render/feature?name=breaking-news-bar&uri=/zzz-breaking-news/&wrapper=false HTTP 301
  • https://www.nydailynews.com/api/v2/render/feature/?name=breaking-news-bar&uri=/zzz-breaking-news/&wrapper=false
Request Chain 120
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_cnv_kg_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_cnv_kg_an-db5_3lift&dcc=t
Request Chain 170
  • https://ssum-sec.casalemedia.com/usermatchredir?s=183715&cb=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D6725%2Ftp%3DINDX%2Ftpid%3D__UID__ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D6725%2Ftp%3DINDX%2Ftpid%3D__UID__&s=183715&C=1 HTTP 302
  • https://sync.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YgwcqAdSSrXi2CkqYWrfowAA%26553
Request Chain 172
  • https://jadserve.postrelease.com/dmp/5?vk=f7a752960b88f39ddc708de0b4bfaade&ntv_r=https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=NTV_USER_ID HTTP 302
  • https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=4ac3d601-46a4-43cb-abb9-9ad681b98672
Request Chain 175
  • https://u.openx.net/w/1.0/cm?id=a2b86b70-2a77-4714-ab97-7807f14fcc73&r=https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid= HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=a2b86b70-2a77-4714-ab97-7807f14fcc73&r=https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid= HTTP 302
  • https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=b219f9f3-ad06-429c-a25b-6c99f6cc4eae
Request Chain 178
  • https://ps.eyeota.net/match?bid=51mdg9u&uid=f7a752960b88f39ddc708de0b4bfaade HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=51mdg9u&uid=f7a752960b88f39ddc708de0b4bfaade
Request Chain 179
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=523345926 HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7341874419548819343/gdpr=0/rand=523345926
Request Chain 190
  • https://cd.connatix.com/connatix.player.js HTTP 302
  • https://cds.connatix.com/p/150597/connatix.player.js
Request Chain 197
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1iMmhjQVlORTJ1SmI1ZWJYN0NUdkZvTHV4cmltSmJOV35B
Request Chain 199
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=3fc09174117608e8&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAADKa-n8VKaUgNJ8-ewAAAAAAA&expiration=1645047337&is_secure=true
Request Chain 201
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=7341874419548819343&ex=appnexus.com
Request Chain 202
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2849636505712819506532
Request Chain 208
  • https://c1.adform.net/serving/cookie/match?party=14&cid=9021BD47-D564-4E09-BA75-7F25F0BF77FF HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=9021BD47-D564-4E09-BA75-7F25F0BF77FF
Request Chain 209
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YgwcqQAGb6pD5wAy
Request Chain 210
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b815620c-1ca9-4b00-b3df-2ecce97ca2ff&gdpr=0&gdpr_consent=
Request Chain 211
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCZVUwN0VHRGtBQUFQeWVBaXNvUQ&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABeU07EGDkAAAPyeAisoQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Csas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Csas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABeU07EGDkAAAPyeAisoQ&pid=558502&do=add HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AABeU07EGDkAAAPyeAisoQ&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABeU07EGDkAAAPyeAisoQ
Request Chain 212
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kCG9R9VkTgm6dX8l8L93_w%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 213
  • https://idsync.rlcdn.com/420486.gif?partner_uid=9021BD47-D564-4E09-BA75-7F25F0BF77FF HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDkwMjFCRDQ3LUQ1NjQtNEUwOS1CQTc1LTdGMjVGMEJGNzdGRhAAGg0IqbmwkAYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=72634e8149cc4d360f223c24ae6d1556c381bc5523cd1a8a1d9ef5065d96ec69791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA3MjYzNGU4MTQ5Y2M0ZDM2MGYyMjNjMjRhZTZkMTU1NmMzODFiYzU1MjNjZDFhOGExZDllZjUwNjVkOTZlYzY5NzkxNDI2YjU0MTdkY2UyMRAAGgwIqbmwkAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA3MjYzNGU4MTQ5Y2M0ZDM2MGYyMjNjMjRhZTZkMTU1NmMzODFiYzU1MjNjZDFhOGExZDllZjUwNjVkOTZlYzY5NzkxNDI2YjU0MTdkY2UyMRAAGgwIqbmwkAYSBAgCEABCAEoA&google_gid=CAESECoJSyLyTd4ZpKCFFLIq2XM&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=3566068a-e384-49c9-abcf-fc1f74ec0477
Request Chain 214
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=4b46620c-1ca9-4f00-bea3-ad06a4d5f2e8
Request Chain 215
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTAyMUJENDctRDU2NC00RTA5LUJBNzUtN0YyNUYwQkY3N0ZG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 216
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMUSodXOE1OW3KVu5VLPUCo&google_cver=1
Request Chain 217
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:450D626A3A2B4E83953C6829C5733743
Request Chain 218
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8271880283115917977&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 219
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=013f5489-abdd-43ed-8226-582ddfebe20d
Request Chain 221
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9021BD47-D564-4E09-BA75-7F25F0BF77FF&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-JbP6pfRE2uWlIXfz9n.IIp2qkV.bYp0-~A&gdpr=0&gdpr_consent=
Request Chain 223
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YgwcqQAGbTJD6QAy HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YgwcqQAGbTJD6QAy&_test=YgwcqQAGbTJD6QAy
Request Chain 225
  • https://match.adsrvr.org/track/cmf/openx?oxid=a06f24e0-97f8-74da-c411-9f62656a418a&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=013f5489-abdd-43ed-8226-582ddfebe20d&ttd_puid=a06f24e0-97f8-74da-c411-9f62656a418a
Request Chain 227
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKvjfMiL4EKMlyOT78TI1Ao&google_cver=1
Request Chain 228
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=013f5489-abdd-43ed-8226-582ddfebe20d&expiration=1647552937&gdpr=0&gdpr_consent=
Request Chain 230
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YgwcqAdSSrXi2CkqYWrfowAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOa5on1Oh0qOLt3WGuZKzW8&google_cver=1
Request Chain 231
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YgwcqAdSSrXi2CkqYWrfowAAAikAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM_BpngiCEa0roI8_28Wfys&google_cver=1
Request Chain 232
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6982473371180712174&uid=Q6982473371180712174&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q6982473371180712174
Request Chain 233
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=36fb55cc-8ea7-11ec-9c76-a035d55853f1
Request Chain 234
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=index HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=ed239641-d788-4f62-a800-8b3ea6dac16f HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=ed239641-d788-4f62-a800-8b3ea6dac16f HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=e6e841ae-f59b-4038-884c-614a98376bee&ssp=index&expires=30&user_group=5&bsw_param=ed239641-d788-4f62-a800-8b3ea6dac16f HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=ed239641-d788-4f62-a800-8b3ea6dac16f
Request Chain 235
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=074f220407de11c827e93899&expiration=[EXPIRATION]
Request Chain 238
  • https://ib.adnxs.com/getuid?&https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=7341874419548819343&pn_id=an
Request Chain 239
  • https://x.bidswitch.net/sync?&ssp=yieldmo HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?&ssp=yieldmo HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=yieldmo&ssp_user_id=ed239641-d788-4f62-a800-8b3ea6dac16f HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171119781&expires=5&ssp=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?userid=ed239641-d788-4f62-a800-8b3ea6dac16f&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Request Chain 240
  • https://match.adsrvr.org/track/cmf/generic?&ttd_pid=yieldmo HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=013f5489-abdd-43ed-8226-582ddfebe20d
Request Chain 241
  • https://sync.srv.stackadapt.com/sync?&nid=21 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=UKiHbJnYSxFCTxSnbGkqxZU4mbI
Request Chain 242
  • https://bh.contextweb.com/bh/rtset?&pid=561118&ev=1&rurl=https://sync-pp.ads.yieldmo.com/sync?userid=%%VGUID%%&pn_id=pp HTTP 302
  • https://sync-pp.ads.yieldmo.com/sync?userid=3C4Iq6OQzwe8&ev=1&pn_id=pp&pid=561118
Request Chain 258
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=KZON9OYT-C-HI4X HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=KZON9OYT-C-HI4X&ex=d-rubiconproject.com&status=ok
Request Chain 265
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZON9OYT-C-HI4X&sigv=1&esig=2~c029b72c8f428f32b906c1bb6054429cb8bd0ca1
Request Chain 266
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJGDqYgT-w4mhKakEUYwRyI&google_cver=1
Request Chain 267
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgwcqQAGbTJD6QAy
Request Chain 268
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=013f5489-abdd-43ed-8226-582ddfebe20d&gdpr=0&gdpr_consent=&expires=30
Request Chain 269
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjQ5MTRlMGQxYmNiYzlhZjljMWI1YjQ4NmE3ZjkyMGMxMzM0NzJjNA
Request Chain 270
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pPTjlPWVQtQy1ISTRY
Request Chain 271
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=3e95620c-1ca9-4700-919b-67f5c4b03518
Request Chain 285
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d15%26ev%3d616ed7ca6cf94054a363e9fc9aa63997%26pname%3dBeeswax%26cid%3d4364f889-b376-11e9-b4d2-06948452ae1a%26uid%3d{userid} HTTP 303
  • https://cks.connatix.com/cks?pid=15&ev=616ed7ca6cf94054a363e9fc9aa63997&pname=Beeswax&cid=4364f889-b376-11e9-b4d2-06948452ae1a&uid=AABeU07EGDkAAAPyeAisoQ
Request Chain 286
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1 HTTP 302
  • https://cks.connatix.com/cks?pid=19&uid=013f5489-abdd-43ed-8226-582ddfebe20d&ttl=1647552938
Request Chain 287
  • https://secure.adnxs.com/getuid?https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d6%26ev%3d616ed7ca6cf94054a363e9fc9aa63997%26pname%3dAppNexus%26cid%3d4364f889-b376-11e9-b4d2-06948452ae1a%26uid%3d%24UID HTTP 302
  • https://cks.connatix.com/cks?pid=6&ev=616ed7ca6cf94054a363e9fc9aa63997&pname=AppNexus&cid=4364f889-b376-11e9-b4d2-06948452ae1a&uid=7341874419548819343
Request Chain 288
  • https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3d616ed7ca6cf94054a363e9fc9aa63997%26pname%3dSpotX%26cid%3d4364f889-b376-11e9-b4d2-06948452ae1a%26uid%3d%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3d616ed7ca6cf94054a363e9fc9aa63997%26pname%3dSpotX%26cid%3d4364f889-b376-11e9-b4d2-06948452ae1a%26uid%3d%24SPOTX_USER_ID&__user_check__=1&sync_id=37597bd8-8ea7-11ec-b4e0-145284e10203 HTTP 302
  • https://cks.connatix.com/cks?pid=10&ev=616ed7ca6cf94054a363e9fc9aa63997&pname=SpotX&cid=4364f889-b376-11e9-b4d2-06948452ae1a&uid=37597b60-8ea7-11ec-b4e0-145284e10203
Request Chain 297
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 332
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KZON9OYT-C-HI4X
Request Chain 333
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEENFr1xjjpQmUEuO-eFFc98&google_cver=1
Request Chain 335
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227
Request Chain 336
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=013f5489-abdd-43ed-8226-582ddfebe20d
Request Chain 337
  • https://ce.lijit.com/merge?pid=42&3pid=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 341
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=6dd842b3-f84a-4806-9cab-93e1e8d6f3ad
Request Chain 342
  • https://id5-sync.com/s/464/9.gif?puid=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/2/6/2.gif?puid=7341874419548819343&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOb9eMiJy49sFN0zYLHq5PAyVXcu-qjwy_z7ArCA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F5%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/3/5/3.gif?puid=3e95620c-1ca9-4700-919b-67f5c4b03518&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=013f5489-abdd-43ed-8226-582ddfebe20d&ttl=%%TTL%% HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F429%2F3%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/464/429/3/5.gif?puid=9021BD47-D564-4E09-BA75-7F25F0BF77FF&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F434%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/464/434/2/6.gif?puid=e71b02ea-6e43-4b95-a180-357b61e1aff7&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F1%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F1%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/108/1/7.gif?puid=53dedc75-b99a-44ee-ad6a-b4a47de6748c&gdpr=0&gdpr_consent= HTTP 302
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F136%2F0%2F8.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/136/0/8.gif?puid=YgwcqQAGbTJD6QAy&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOb9eMiJy49sFN0zYLHq5PAyVXcu-qjwy_z7ArCA
Request Chain 343
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=taboola HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=8144174960646922484&ssp=taboola HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=ed239641-d788-4f62-a800-8b3ea6dac16f
Request Chain 344
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=6bda85a5-2fe9-465b-a7aa-dd391f814622 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=6bda85a5-2fe9-465b-a7aa-dd391f814622&tbid=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227&query=taboola_hm%3D6bda85a5-2fe9-465b-a7aa-dd391f814622&isDirect=0
Request Chain 348
  • https://s.uuidksinc.net/match/951/?remote_uid=SSP_UID HTTP 302
  • https://sync.taboola.com/sg/kadamrtb-network/1/rtb-h/?taboola_hm=1hjsszwk42XSCP7cwRde
Request Chain 388
  • https://ad.doubleclick.net/ddm/ad/N69702.284566THETRADEDESK/B27037743.324351778;sz=1x1;ord=1644960939128;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/ad/N69702.284566THETRADEDESK/B27037743.324351778;dc_pre=CKDf0YPVgvYCFRlYDQodlksOqQ;sz=1x1;ord=1644960939128;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://s0.2mdn.net/4531883/12222021-195938618-1x1_Pixel.png
Request Chain 390
  • https://www.nydailynews.com/api/v2/render/feature?name=breaking-news-bar&uri=/zzz-breaking-news/&wrapper=false HTTP 301
  • https://www.nydailynews.com/api/v2/render/feature/?name=breaking-news-bar&uri=/zzz-breaking-news/&wrapper=false
Request Chain 409
  • https://sb.scorecardresearch.com/c2/6036462/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 414
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=013f5489-abdd-43ed-8226-582ddfebe20d&dongle=0cfd
Request Chain 415
  • https://ad.mrtnsvr.com/sync/triplelift HTTP 302
  • https://eb2.3lift.com/xuidmid=7976&xuid=r3criHqfM&dongle=u6nf
Request Chain 416
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELUrAm-a_H0tYmCaNn-MaSo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 417
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjg0OTYzNjUwNTcxMjgxOTUwNjUzMg%3D%3D
Request Chain 418
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2849636505712819506532&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2849636505712819506532&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=c9d8585d-03c8-40fa-8ffd-5bab783243de&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=c9d8585d-03c8-40fa-8ffd-5bab783243de&_noobservation=1&_expected_cookie=46e062e4b7c37634a82216fa39c063b7
Request Chain 419
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2849636505712819506532?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-CniPMfhE2oTc3K0ftYxd4jyYNKCdrejWNhZl944gVg--~A&dongle=0883
Request Chain 422
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2849636505712819506532&gdpr=0&gdpr_consent= HTTP 302
  • https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&ssp_uuid=ed239641-d788-4f62-a800-8b3ea6dac16f HTTP 302
  • https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&ssp_uuid=ed239641-d788-4f62-a800-8b3ea6dac16f HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=triplelift&user_id=3886b247-94c4-45c0-8421-1aa78dc9612f HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=ed239641-d788-4f62-a800-8b3ea6dac16f&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 423
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=o7JkaG0JGM2a_wmNYbt2&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5N43UU23BI4YEUR2NGJQV653NJZMWE5BS&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5N43UU23BI4YEUR2NGJQV653NJZMWE5BS HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=o7JkaG0JGM2a_wmNYbt2
Request Chain 425
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=8271880283115917977&dongle=d407
Request Chain 428
  • https://match.prod.bidr.io/cookie-sync/trl HTTP 303
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AABeU07EGDkAAAPyeAisoQ&dongle=bzwx
Request Chain 429
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3690&xuid=3e95620c-1ca9-4700-919b-67f5c4b03518&dongle=3995&gdpr=0&gdpr_consent=
Request Chain 430
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3702&xuid=38cb8f87-8ea7-11ec-845d-938739db1108&dongle=d54f&gdpr=0&gdpr_consent=
Request Chain 443
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 446
  • https://pixel.onaudience.com/?partner=214&mapped=9021BD47-D564-4E09-BA75-7F25F0BF77FF HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=f7a752960b88f39ddc708de0b4bfaade HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=cfb819eda68346e0374181f0a81aaaa0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=013f5489-abdd-43ed-8226-582ddfebe20d&icm HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=252&mapped=y-KB0r0O1E2pQGti9T0ju.HJrv7DwmnZLnYg--~A&gdpr=0 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=7467ebf23af33380
Request Chain 447
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=9021BD47-D564-4E09-BA75-7F25F0BF77FF&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=9021BD47-D564-4E09-BA75-7F25F0BF77FF&gdpr=&fbounce=1
Request Chain 449
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:9021BD47-D564-4E09-BA75-7F25F0BF77FF HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=38d70120-8ea7-11ec-9141-120bff9cc4e7&companyId=673&id=pubmatic_id:9021BD47-D564-4E09-BA75-7F25F0BF77FF
Request Chain 450
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=9021BD47-D564-4E09-BA75-7F25F0BF77FF&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=7cd664b7563608e7&is_secure=true&networkId=17100&version=1&nuid=9021BD47-D564-4E09-BA75-7F25F0BF77FF&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAADKgqa_i0prANb_nOfAAAAAAA&expiration=1645047340&nuid=9021BD47-D564-4E09-BA75-7F25F0BF77FF&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 451
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=38d02363-8ea7-11ec-aebc-319bbbf9d2d9&gdpr=0&gdpr_consent=
Request Chain 452
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7341874419548819343&gdpr=0&gdpr_consent=
Request Chain 460
  • https://us-east-sync.bidswitch.net/sync?ssp=taboola&dsp_id=366&imp=1 HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=smartyads&bsw_custom_parameter=ed239641-d788-4f62-a800-8b3ea6dac16f HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mk6ae5627c-7549-4dbb-9eb6-ca5e74eed4e9&expires=7&user_group=5&ssp=smartyads&bsw_param=ed239641-d788-4f62-a800-8b3ea6dac16f HTTP 302
  • https://us.ck-ie.com/bidswitch921.gif?puid=ed239641-d788-4f62-a800-8b3ea6dac16f&gdpr=&gdpr_consent=&us_privacy=&coppa=${COPPA}
Request Chain 486
  • https://rr6---sn-tt1eln7l.googlevideo.com/videoplayback?expire=1644989740&ei=rBwMYp2AHoHguQKcna2wDw&ip=149.56.153.178&id=71d512e59a26bfcb&itag=22&source=youtube&requiressl=yes&mh=ix&mm=31&mn=sn-tt1eln7l&ms=au&mv=m&mvi=6&pl=21&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=10.100&lmt=1644617863226997&mt=1644960763&txp=5310224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhALbo-Pg3O23kDd3p7Ityw_X4XlqDFbReroixhNH5nId2AiEAhhjmHghSX89T-T6LShxbd_WUau_GPwlWz3gmXH1gSAc=&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgA-0QN2NRdSYVqvoJKZvLDN8pWrmIvrV-Ueayb9i0wv0CIFhDTzDyp-6te208DHFU9hnvI2D6NZLdeacvpLpqpr87&cpn=ysz5HnVZ1sfQ5LiV HTTP 302
  • https://rr2---sn-apaapm4g-apae.googlevideo.com/videoplayback?expire=1644989740&ei=rBwMYp2AHoHguQKcna2wDw&ip=149.56.153.178&id=71d512e59a26bfcb&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=10.100&lmt=1644617863226997&txp=5310224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhALbo-Pg3O23kDd3p7Ityw_X4XlqDFbReroixhNH5nId2AiEAhhjmHghSX89T-T6LShxbd_WUau_GPwlWz3gmXH1gSAc=&cpn=ysz5HnVZ1sfQ5LiV&redirect_counter=1&rm=sn-tt1ld7d&req_id=70723cf53f9536e2&cms_redirect=yes&ipbypass=yes&mh=ix&mip=2607:5300:60:7867::10&mm=31&mn=sn-apaapm4g-apae&ms=au&mt=1644960161&mv=u&mvi=2&pl=32&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAPayDyBNQ4TcrY845Kb1ONNh1ji0Qr5XRaJmszhpRfJCAiAXOOLgMIs9vRNGEYftE4AmWeU9mPjnebad1MgQf6Mdyw%3D%3D
Request Chain 495
  • https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP 302
  • https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=a09fb837d37c43b08d3ea316a02dc5ed&orig=video
Request Chain 496
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D0%26 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=37597b60-8ea7-11ec-b4e0-145284e10203&orig=video&us_privacy=1---gdpr=0&
Request Chain 497
  • https://ups.analytics.yahoo.com/ups/58534/occ HTTP 302
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-g.0dBdJE2uG8WBROa94Oqaf45yZcoSQfTYGDr6E-~A
Request Chain 498
  • https://cms.quantserve.com/pixel/p-FyWrHAMskJyru.gif?idmatch=0&us_privacy=1---&gdpr=0&&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fquantcastrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?gdpr=0&taboola_hm=Z6TqPGD1uzt8r-I-Mqf3ZmXy6Dt8ob9uYq7BnGPB
Request Chain 500
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=0&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Request Chain 506
  • https://ssp.behave.com/push_sync HTTP 302
  • https://ssp.behave.com/ul_cb/push_sync HTTP 302
  • https://x.bidswitch.net/sync?ssp=bouncex HTTP 302
  • https://ums.acuityplatform.com/bum?tpid=29&uid=ed239641-d788-4f62-a800-8b3ea6dac16f&bidswitch_ssp_id=bouncex HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=&expires=30&user_group=1&ssp=bouncex HTTP 302
  • https://ssp.behave.com/sync?tp_id=2&tp_uid=ed239641-d788-4f62-a800-8b3ea6dac16f
Request Chain 509
  • https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP 302
  • https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=a09fb837d37c43b08d3ea316a02dc5ed&orig=video
Request Chain 510
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D0%26 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=37597b60-8ea7-11ec-b4e0-145284e10203&orig=video&us_privacy=1---gdpr=0&
Request Chain 511
  • https://cms.quantserve.com/pixel/p-FyWrHAMskJyru.gif?idmatch=0&us_privacy=1---&gdpr=0&&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fquantcastrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?gdpr=0&taboola_hm=Z6TqPGD1uzt8r-I-Mqf3ZmXy6Dt8ob9uYq7BnGPB
Request Chain 512
  • https://ups.analytics.yahoo.com/ups/58534/occ HTTP 302
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-g.0dBdJE2uG8WBROa94Oqaf45yZcoSQfTYGDr6E-~A
Request Chain 514
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=0&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Request Chain 516
  • https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=KZON9OYT-C-HI4X HTTP 302
  • https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=KZON9OYT-C-HI4X&gdpr=0&us_privacy=1---
Request Chain 519
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.nydailynews.com%2F&domain=www.nydailynews.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=PuTB0nxoU0VjSEFobHlKQnkyWkxWKzhrYWdvQzdDYXdoUzd0cExVald2aXloNFVlb0pPRkFyQ2sxZjZWYmh4RDBRNnB5ejBkQjdKWmFWTzZoUDk5SVZhaTRmemxKYXhEYkpOa21yQzhTL1dQT0cwcHB5YUJ0eG9vS1ErVVJVTWZweVVlRUJwN1NmcDZPeHBHRkMvaVJPUVBWQTZqaVZHdmI4ZEQ5SC9reVVKN2g5MUpMdUtCOUwwZHBhd1kwUFlhTHVUalNxZFNBOHVnd3UvNUVKQmlXd0dLbmRNR1RNb3R3dkFqK0hqMFZMaTUwQ3YxODUzQnhJNGpNdUVGVkdDL3YrUkJmVFZpNThOWE5SckhPMGExcUQySVpoOHV0QndmcDNqd0NERmNrK2dNY0tEZz18&cppv=2
Request Chain 520
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.nydailynews.com%2F&domain=www.nydailynews.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=BD29sHxxRVo1TGdzMElnVTdlWjdiSFpOMzV4SHBVWXh1NHlmNjJzd1Y4Sjg2S285cWZ6L0phTnp3TVlTbC8zRTdqY3BiMVlHK3gvT1Y3bzVNNVVUTit1TGRYckNnYU5MWnc5VkdrUFU2TkRnNTZwbFNaeEV4NHZGRjlzRlM3NHFMa0tjZmduOWpLZEx2ZVU4VGRuSG01emRKM3NMS0RDNDUvbnhUaktJQzNJZUZjK05UQlFiNUt4SjkrK0tJZzh4S2ZPWHN3NWVtK2k4MVVrV3BjMGhTK1F0bU83NjRMVklvVmptOWN2eHhaNmRXT1EwNndrMjBBWktqMUVieHVuWlluNEY5cnQwcERSNHQ2Z0dTa2M2Nlo3dHgydz09fA&cppv=2
Request Chain 561
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=UKiHbJnYSxFCTxSnbGkqxZU4mbI
Request Chain 562
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=bd76d9e8-8464-4b53-812a-e277de61e22d&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=9021BD47-D564-4E09-BA75-7F25F0BF77FF
Request Chain 563
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=36fb55cc-8ea7-11ec-9c76-a035d55853f1
Request Chain 564
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 565
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:NR0ktyTD1Nk5u95&gdpr=0&gdpr_consent=
Request Chain 566
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=647429219865
Request Chain 567
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1644960945031 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3457256224 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/013f5489-abdd-43ed-8226-582ddfebe20d HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ebb3f611-4d49-4469-9039-bee6f997b430-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-ebb3f611-4d49-4469-9039-bee6f997b430-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ebb3f611-4d49-4469-9039-bee6f997b430-005
Request Chain 568
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q6982473371180712174
Request Chain 569
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=1ead7ede-8c59-411f-b8d3-d00702804dea
Request Chain 570
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
  • https://match.bnmla.com/usersync?dspid=6&uuid=450D626A3A2B4E83953C6829C5733743 HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D HTTP 307
  • https://match.bnmla.com/usersync?dspid=170&uuid=0B9E5FD9E3B246BEB94A104183AF0DEF HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=d4084d10-0750-4cd0-9077-8f443013cdf9
Request Chain 571
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 572
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=CcydyAqhBu6u_CO1sRwMYg
Request Chain 574
  • https://docker.creative-serving.com/cm?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=${UUID} HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=e6e841ae-f59b-4038-884c-614a98376bee
Request Chain 576
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 577
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:450D626A3A2B4E83953C6829C5733743
Request Chain 578
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=UqUODlX0XwlJrgYMB6YTVFDzDAlJoFtcV69WZ_he
Request Chain 579
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=9fd1cf86-dfd6-489f-8670-0d4303a12ebf-620c1cb0-4341&gdpr=0&gdpr_consent=
Request Chain 580
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=3aa57f34-f749-4497-9a86-7f17c648fd04&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ed239641-d788-4f62-a800-8b3ea6dac16f&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 581
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B341_EB596444_2B223BC4&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 582
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8144174960646922484
Request Chain 583
  • https://sync.resetdigital.co:10001/csync/pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=0000009C4A0A2F06
Request Chain 584
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7341874419548819343
Request Chain 586
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4f9a7799-3e1a-4b6b-a2e0-f98b05f94750&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 601
  • https://ad.360yield.com/server_match?partner_id=1577gdpr=0&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1577gdpr=0&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=1a3424ab-020f-4c94-a053-0f8e03b21962
Request Chain 602
  • https://bh.contextweb.com/bh/rtset?gdpr=0&pid=560382&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pulsepoint-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26v%3D1%26taboola_hm%3D%25%25VGUID%25%25%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=VmpaMk9YdVQ1S3RtaXZOM1FmYWZqZw&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEGb-8Xj1qICGoBVGy9uNRD8&google_cver=1 HTTP 302
  • https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=0&v=1&taboola_hm=NDqkz5IgwmFK&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=0
Request Chain 603
  • https://creativecdn.com/cm-notify?pi=taboola HTTP 302
  • https://creativecdn.com/cm-notify?pi=taboola&tc=1 HTTP 302
  • https://sync.taboola.com/sg/rtbhouse-network/1/rtb-h?taboola_hm=0nI7mACIKhvcQ0QP8yzZ&pi=taboola&tc=1
Request Chain 604
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fsynacorrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%5BUSER_ID%5D HTTP 307
  • https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=0B9E5FD9E3B246BEB94A104183AF0DEF
Request Chain 608
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7341874419548819343
Request Chain 610
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YgwcqAdSSrXi2CkqYWrfowAAAikAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YgwcqAdSSrXi2CkqYWrfowAAAikAAAAB
Request Chain 611
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3e95620c-1ca9-4700-919b-67f5c4b03518
Request Chain 612
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=06030001_620c1cb2d1700&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=06030001_620c1cb2d1700
Request Chain 613
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=b7508a1b-c09f-488f-a731-169d5be0949d&expiration=1676496946
Request Chain 614
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=YgwcqAdSSrXi2CkqYWrfowAA%26553 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227
Request Chain 615
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=NR0ktyTD1Nk5u95
Request Chain 630
  • https://bh.contextweb.com/bh/rtset?gdpr=0&pid=560382&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pulsepoint-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3D%25%25VGUID%25%25%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=0&taboola_hm=NDqkz5IgwmFK&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=0
Request Chain 631
  • https://ad.360yield.com/server_match?partner_id=1577gdpr=0&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=1a3424ab-020f-4c94-a053-0f8e03b21962
Request Chain 632
  • https://ups.analytics.yahoo.com/ups/58533/occ HTTP 302
  • https://sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/?taboola_hm=y-g.0dBdJE2uG8WBROa94Oqaf45yZcoSQfTYGDr6E-~A
Request Chain 633
  • https://creativecdn.com/cm-notify?pi=taboola HTTP 302
  • https://creativecdn.com/cm-notify?pi=taboola&tc=1 HTTP 302
  • https://sync.taboola.com/sg/rtbhouse-network/1/rtb-h?taboola_hm=JlwcJ0pDp6buMDi4Bt7k&pi=taboola&tc=1
Request Chain 636
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8271880283115917977
Request Chain 637
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABeU07EGDkAAAPyeAisoQ&expiration=1646170547
Request Chain 638
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YgwcqQAGbTJD6QAy
Request Chain 639
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=3bba3de15c1a08e9&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAADKsCBI3ffgAM2PWkKAAAAAAA&expiration=1645047347&is_secure=true
Request Chain 640
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=9238ff68-3660-4b84-a641-278608462f9b
Request Chain 641
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8144174960646922484&expiration=1646170547
Request Chain 642
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YgwcqAdSSrXi2CkqYWrfowAA%26553?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YgwcqAdSSrXi2CkqYWrfowAA%26553
Request Chain 643
  • https://d.adroll.com/cm/index/ssp HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

660 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
www.nydailynews.com/news/world/ 		569 KB
121 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
b032cccaf1c60911387babd826f98d79c210bf30209cd93c881045871301c7e2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

content-type
text/html;charset=UTF-8
server
openresty
last-modified
Tue, 15 Feb 2022 21:04:09 GMT
x-akamai-transformed
9 578322 0 pmb=mRUM,2
vary
Accept-Encoding
content-encoding
gzip
cache-control
private, max-age=60
expires
Tue, 15 Feb 2022 21:36:34 GMT
date
Tue, 15 Feb 2022 21:35:34 GMT
server-timing
cdn-cache; desc=HIT edge; dur=37
content-security-policy
upgrade-insecure-requests
config.js
confiant-integrations.global.ssl.fastly.net/BxnsMKNekYyllYtt9SMvlO1N2hM/gpt_and_prebid/ 		92 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/BxnsMKNekYyllYtt9SMvlO1N2hM/gpt_and_prebid/config.js
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
851a74ffa8f02d427545fa401685e1453eee4e2ca9d4797fafd5359e2eb10c01

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 21:35:34 GMT
Content-Encoding
gzip
Age
2132
X-Cache
HIT
Connection
keep-alive
Content-Length
22201
x-amz-id-2
LSOnaGuw4r+r+mLXDH5luqU1NX1UL/U1d8qw2B499w2/TW4o9vbupiqienJNbFxvJq637xLnxQc=
X-Served-By
cache-yul12827-YUL
Last-Modified
Tue, 15 Feb 2022 20:52:56 GMT
Server
AmazonS3
X-Timer
S1644960934.371729,VS0,VE0
ETag
"bff76ccda20deeb252e82b1e834a4d0b"
x-amz-request-id
2QDPPEYWKCE973GC
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
4
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
sffe /
Resource Hash
235e6a41fa0aed4266e6861cdddbdaa3c195b32a0a457af0c8452caa9f5e1319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27277
x-xss-protection
0
server
sffe
etag
"1133 / 625 of 1000 / last-modified: 1644926774"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 15 Feb 2022 21:35:34 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.63.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-63-179.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
238a7b88a5b7237a3fde744d5b7a0d8deafbe118e52453771e9e1872cac1b41f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
_sJxGhvCZeE1QDAzTxsPGF.D7a87Nyvk
content-encoding
gzip
etag
f1657332112584c2a291a2c0cf3f7f54
age
16080
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0VWN7MV5N0AEMJJYB1R6
date
Tue, 15 Feb 2022 17:07:34 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 a034e5b3e703810e3023d56d31897ebc.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
ZutgA9bCnylHfB2iwkZx4JRmj1xTipTl-ViAacrWrczTX9Q0e7Kp8Q==
OpenSans-350.woff2
www.nydailynews.com/pb/resources/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nydailynews.com/pb/resources/fonts/OpenSans-350.woff2?v=299
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Origin
https://www.nydailynews.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:34 GMT
server
openresty
content-type
text/html;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31535875
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
215682
expires
Wed, 15 Feb 2023 21:33:29 GMT
OpenSans-400.woff2
www.nydailynews.com/pb/resources/fonts/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nydailynews.com/pb/resources/fonts/OpenSans-400.woff2?v=299
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
2da97418251121ad5b28c6e206316578aae360d47dea2262c90478536624d910
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Origin
https://www.nydailynews.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
k005iG_FUUsI1ojiIkkSk.XgIYYPlBvk
last-modified
Thu, 09 Dec 2021 17:06:53 GMT
server
openresty
x-amz-request-id
MBXQKJ0657TMZSG1
etag
"237aa94493d93bcf630b9a062f455d0a"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
date
Tue, 15 Feb 2022 21:35:34 GMT
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
41684
x-amz-id-2
OjLdgz7WFZAPeTEUAxjRyb6JmsZuXe+caucdPAoe9UJ9Rl0TUdJV/we/qaLz2BCrzuZdahjdOic=
expires
Wed, 15 Feb 2023 21:35:34 GMT
OpenSans-500.woff2
www.nydailynews.com/pb/resources/fonts/ 		42 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nydailynews.com/pb/resources/fonts/OpenSans-500.woff2?v=299
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
f940681cdfae8d139cd5c47a39071d87247c038b2bfada82bf1d585de84d78fc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Origin
https://www.nydailynews.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
ty14_UkPQARMs6Zl_zCaLgBTPEVNZq3F
last-modified
Thu, 09 Dec 2021 17:06:53 GMT
server
openresty
x-amz-request-id
MBXZ6GVNZ4M2T94G
etag
"3c1092cb7e7f96f57dde181c71a8573a"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
date
Tue, 15 Feb 2022 21:35:34 GMT
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
43488
x-amz-id-2
Xmy3qzwXG3adKfpxhIEVQDgzixYZzvq0S+ueZNRS0MIQIDPN+B9zgL+t9binWJi1JjHTNthIPxg=
expires
Wed, 15 Feb 2023 21:35:34 GMT
OpenSans-800.woff2
www.nydailynews.com/pb/resources/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nydailynews.com/pb/resources/fonts/OpenSans-800.woff2?v=299
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Origin
https://www.nydailynews.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
EZWr3gz1fgPiJPsWU_n3AX8DLvPRYP3i
last-modified
Thu, 09 Dec 2021 17:06:53 GMT
server
openresty
x-amz-request-id
MBXSQMRCTNC0DSW0
etag
"91a3cb82f1e4c2e200f59e66253d91cf"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
date
Tue, 15 Feb 2022 21:35:34 GMT
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
16256
x-amz-id-2
geJYrA2sZT1PE0ZSbrM0NGS47U7D3WjIs6Qp1WLa9N5cWNbIXMeG8sEtIV/CPaFGyDjFyD0k1PQ=
expires
Wed, 15 Feb 2023 21:35:34 GMT
OpenSans-700.woff2
www.nydailynews.com/pb/resources/fonts/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nydailynews.com/pb/resources/fonts/OpenSans-700.woff2?v=299
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
3f2a2f05feb9ed38c8889ede47bd28f36014c40b5aa1573b1f1d9302eb18ed5e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Origin
https://www.nydailynews.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
Ph_LOIWCfBEnlDfdBK1HV_aNjRBdYmhO
last-modified
Thu, 09 Dec 2021 17:06:53 GMT
server
openresty
x-amz-request-id
MBXGT5437CN2J74B
etag
"b62818c54031125f5feb919cf0cb6752"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
date
Tue, 15 Feb 2022 21:35:34 GMT
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
43524
x-amz-id-2
RKW1xHJQdMnwYhV0/Y7ZBND08VgaTtXHSs9WBJTGEyKEURn4OV9wifcf03KAIaRxPB9DZ1JdipE=
expires
Wed, 15 Feb 2023 21:35:34 GMT
PTSerif-400.woff
www.nydailynews.com/pb/resources/fonts/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nydailynews.com/pb/resources/fonts/PTSerif-400.woff?v=299
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
9846fd9ff7cdb356a3557d37bf734f801ec7eb230c9f4e1e342113f137c7f738
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Origin
https://www.nydailynews.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
4hrDuoQYcqecZWbxPpuJ9h0GQ23rC8jV
last-modified
Thu, 09 Dec 2021 17:06:53 GMT
server
openresty
x-amz-request-id
MBXGT6028QP815Z4
etag
"d003aae22438b5a54d66768d3999d005"
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000
date
Tue, 15 Feb 2022 21:35:34 GMT
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
39012
x-amz-id-2
PjdBH5lm3VHqaPy74RZy7UdEoX6OhGTfI2K7pP+jxpG+Ka74kswXOD0f9eXoxy8CZUtdDk0jkAs=
expires
Wed, 15 Feb 2023 21:35:34 GMT
Lato-900.woff2
www.nydailynews.com/pb/resources/fonts/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nydailynews.com/pb/resources/fonts/Lato-900.woff2?v=299
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Origin
https://www.nydailynews.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
4dHzZobYSlt2z3GwOsDCCMjPbJQckS4X
last-modified
Thu, 09 Dec 2021 17:06:53 GMT
server
openresty
x-amz-request-id
MBXXFCD00BBN82SX
etag
"947e87c53b5765bfc8982613ccd789e9"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
date
Tue, 15 Feb 2022 21:35:34 GMT
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
22572
x-amz-id-2
dZ/g79q8pB30cNQ0NRWYu6Ec599lYCcKajjGRjUgACNQ5AWDNlkJfkUr/LWaaHtl22cq3brjpUQ=
expires
Wed, 15 Feb 2023 21:35:34 GMT
Lato-700.woff2
www.nydailynews.com/pb/resources/fonts/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nydailynews.com/pb/resources/fonts/Lato-700.woff2?v=299
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Origin
https://www.nydailynews.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
EwY3xZhyA13sCBqjgkMKg9ge8oNqpdaG
last-modified
Thu, 09 Dec 2021 17:06:53 GMT
server
openresty
x-amz-request-id
MBXTCY1076AZCAT4
etag
"1efbd38aa76ddae2580fedf378276333"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
date
Tue, 15 Feb 2022 21:35:34 GMT
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
22992
x-amz-id-2
TnZDbaoFkuTW+wds2OFJR9UeLOl6XHUoPt2T8/kGGwLigQpPZWb5aSxFd1DgJAcNfx6UEeQH0Ik=
expires
Wed, 15 Feb 2023 21:35:34 GMT
Lato-400.woff2
www.nydailynews.com/pb/resources/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nydailynews.com/pb/resources/fonts/Lato-400.woff2?v=299
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Origin
https://www.nydailynews.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
JkqMfpP1V5tOqfhlu2QlmqdvUz8kj.C1
last-modified
Thu, 09 Dec 2021 17:06:53 GMT
server
openresty
x-amz-request-id
MBXTHJTPZ8Z4T8WP
etag
"b4d2c4c39853ee244272c04999b230ba"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
date
Tue, 15 Feb 2022 21:35:34 GMT
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
23484
x-amz-id-2
aBw5fIYJ5FUsfiOGPFJ/8Z1cIYd61iwqijLmjd7nI3c/XA5/YAdk5mIeTI6SIZ7tNhCOL1lSESU=
expires
Wed, 15 Feb 2023 21:35:34 GMT
nydn-framework1182ffa19d76d40ef0af.css
www.nydailynews.com/pb/resources/gdist/1182ffa19d76d40ef0af/nydn/ 		36 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nydailynews.com/pb/resources/gdist/1182ffa19d76d40ef0af/nydn/nydn-framework1182ffa19d76d40ef0af.css?v=299
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
946ebc6526a76f9cc14bdf8cb8d141eb060420c0b5fb5d4bd2e22615ac90f60a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
shC3jlyKdrOCbxvsc0S7YxpJmtmRX.3x
content-encoding
gzip
etag
"0a86eb5eb8d920a60e58f27006a25c59"
x-amz-request-id
MBXQG93EE57J5E6M
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
7679
x-amz-id-2
3H8LHaP3xC4fHJjuSTO2pKL59Z0jR3Zzw3p6gr0fRBXIE5RL4008S5CQES/uA5SBvagHRQcaJeU=
last-modified
Thu, 09 Dec 2021 17:06:54 GMT
server
openresty
date
Tue, 15 Feb 2022 21:35:34 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Wed, 15 Feb 2023 21:35:34 GMT
nydn-features1182ffa19d76d40ef0af.css
www.nydailynews.com/pb/resources/gdist/1182ffa19d76d40ef0af/nydn/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nydailynews.com/pb/resources/gdist/1182ffa19d76d40ef0af/nydn/nydn-features1182ffa19d76d40ef0af.css?v=299
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
a9f0a9f7315d8bdcd6d49cbaa19563417d235bf91d63345998981a0edb41fc16
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
858p5oNh5fNkEbLz0ux.0JxV9OzyHOzp
content-encoding
gzip
etag
"6422fc642f4ef0f80d84b60700dadfde"
x-amz-request-id
MBXXESFJY6612203
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
3876
x-amz-id-2
EdA4PYbV/dtTpS5LXSaCQ14Bs9vkvKT32phVdxZlqKpI7atMgHIQ8UZB+Xyexgshgx+AJZJ64w8=
last-modified
Thu, 09 Dec 2021 17:06:54 GMT
server
openresty
date
Tue, 15 Feb 2022 21:35:34 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Wed, 15 Feb 2023 21:35:34 GMT
nydn-services1182ffa19d76d40ef0af.css
www.nydailynews.com/pb/resources/gdist/1182ffa19d76d40ef0af/nydn/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nydailynews.com/pb/resources/gdist/1182ffa19d76d40ef0af/nydn/nydn-services1182ffa19d76d40ef0af.css?v=299
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
48679354e4c07510a46bf03508ee8a7924a448581123f4e3aa6a4abe14af4ace
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
6nABiKd41aLYWDxj_w0mA6YripbQ6B4G
content-encoding
gzip
etag
"11aaab358be556f88e2f7efaecccab93"
x-amz-request-id
MBXHTMHEG4R7W6B6
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
3421
x-amz-id-2
8PGQR5s2mi0VQD5U+61Mkx6ox6uIK3ByCRmVem8mRbUQycFqQELsnuFiT4WnlECoLDh9ZUNZz3A=
last-modified
Thu, 09 Dec 2021 17:06:54 GMT
server
openresty
date
Tue, 15 Feb 2022 21:35:34 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Wed, 15 Feb 2023 21:35:34 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
134482ec36c8980c2c7a3f2454c76546abcd612c9ae596d011251a7cd1d0fcbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 15 Feb 2022 21:35:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
zadN1tnUFXNBOXe6vsJdDg==
age
1925
vary
Accept-Encoding
content-length
6456
x-ms-lease-status
unlocked
last-modified
Tue, 15 Feb 2022 17:25:49 GMT
server
cloudflare
etag
0x8D9F0A835BE52DE
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
82a9c2b7-701e-0034-46a1-22774e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6de1aaafdb94714b-YUL
loader.js
cdn.taboola.com/libtrc/tribunedigital-network/ 		1 MB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
323a1c3bcae0acd3273f45c74db88d84516fe634c76fe7731925677d22c0caab

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
s8a1gEuQQgqYz2aaXVZx3nk_c3suKKX6
content-encoding
gzip
etag
"95d1c1becfdb1c3e62c497b24ce2c764"
age
67
x-cache
HIT
content-length
102843
x-amz-id-2
qtM6p0h+JnYQdBXaPnXYoS6jz8hsXiP3Arf0owUCVM571CEkzthxXvOmVZewVUM6w4zkd+Zfyck=
x-served-by
cache-yul12824-YUL
last-modified
Mon, 14 Feb 2022 14:54:01 GMT
server
AmazonS3
x-timer
S1644960935.600913,VS0,VE0
date
Tue, 15 Feb 2022 21:35:34 GMT
vary
Accept-Encoding
x-amz-request-id
DSW77S3ZFJ3ND4DT
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
41
x-cache-hits
2
zephr-browser.umd.js
assets.zephr.com/zephr-browser/1.3.9/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.zephr.com/zephr-browser/1.3.9/zephr-browser.umd.js
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.205.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-205-104.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fcac0e1a4f11bbf64e60b1305ef1b935ff5c41e49d150c42ca8d8d6464dc240f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 19:31:23 GMT
content-encoding
gzip
last-modified
Tue, 27 Apr 2021 11:02:55 GMT
server
AmazonS3
age
7452
etag
W/"c531ce77a9ff6380e9671dee680a2102"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 7a1287aac11cb484d13c7a9cbd2585b0.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
x-amz-cf-id
opAb8RLA1vBHxt-4dVrDqCXANkeC4ihUem9SWR1hdXu_WiNms3m9Cg==
zephr-minify.1.0.1.js
assets.zephr.com/tribune/ 		1 KB
1007 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.zephr.com/tribune/zephr-minify.1.0.1.js
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.205.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-205-104.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed6b237b687782c7d85630dec9239d26965f826b0b1a64d2817b4dec65db486a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 22:29:46 GMT
content-encoding
gzip
last-modified
Mon, 19 Apr 2021 11:32:39 GMT
server
AmazonS3
age
83149
etag
W/"d9f4fec80c2b61c13ef9d38b99f5708c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 7a1287aac11cb484d13c7a9cbd2585b0.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
x-amz-cf-id
LMGeQe3WRHu5R7E0PfYB3xKCMFyx3czCoij93lajeYqZARjjteVAeQ==
main.js
tribune-nydailynewsclassic.zeustechnology.com/ 		226 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tribune-nydailynewsclassic.zeustechnology.com/main.js
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-11.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6ca03c43db4e336527b70775ba6e4f0047dbe3cd20926600cfe572f3b2e0be05

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
TRiIqmlkIqmBNMoww.Zp8azJUI9LSOww
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 21:13:23 GMT
server
AmazonS3
age
245
etag
W/"be353b059a96aa945714650b982593a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1390ccfba3b832e28ba659d704aa57ba.cloudfront.net (CloudFront)
cache-control
max-age=600,s-maxage=3600
date
Tue, 15 Feb 2022 21:31:30 GMT
x-amz-cf-pop
EWR53-C3
x-amz-cf-id
0K3aU-jviElH6GMu2WgTPRfzjTcCRksnDxby7WTzYpP-FGRgSvGMQw==
nydn-metrics1182ffa19d76d40ef0af.js
www.nydailynews.com/pb/resources/gdist/1182ffa19d76d40ef0af/nydn/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nydailynews.com/pb/resources/gdist/1182ffa19d76d40ef0af/nydn/nydn-metrics1182ffa19d76d40ef0af.js?v=299
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
95fe0ad47713946af3c07044c6b818e7153cdb483410114863dc96840f77db2f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
lWBVtNpHixH6JoLeUWPX4FAMtq.s06rB
content-encoding
gzip
etag
"8632a1ed9625c4d56b4d534db794055c"
x-amz-request-id
MBXHDBWNRA25XR2G
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
11234
x-amz-id-2
GWs1VyJDpuHfDxPyyk5OmZt7fOJC6FJdRzBwOoxvtVThRRmJxCdQLBKoDAwoPcDifcHhl+eILw8=
last-modified
Thu, 09 Dec 2021 17:06:54 GMT
server
openresty
date
Tue, 15 Feb 2022 21:35:34 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Wed, 15 Feb 2023 21:35:34 GMT
nydn-lib1182ffa19d76d40ef0af.js
www.nydailynews.com/pb/resources/gdist/1182ffa19d76d40ef0af/nydn/ 		118 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nydailynews.com/pb/resources/gdist/1182ffa19d76d40ef0af/nydn/nydn-lib1182ffa19d76d40ef0af.js?v=299
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
968ffc7a6364cb2bcced2d70eece11e2bfcaa8aefdbdcd98c767d1219d17b817
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
Nlkl0.FU.3QCgzqQxmOWHgVYoo.uIL4O
content-encoding
gzip
etag
"4d2b165a9449909e4eeaa286045f7c91"
x-amz-request-id
MBXTDXXN2BYA2S2B
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
41464
x-amz-id-2
4Y9uC3/jL2JS/bPtwnX+8dCJnB2Lt/SehZhxIe8mqVDMgP1xEzbGds89QzuhMhmn7QHufWHY3so=
last-modified
Thu, 09 Dec 2021 17:06:56 GMT
server
openresty
date
Tue, 15 Feb 2022 21:35:34 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Wed, 15 Feb 2023 21:35:34 GMT
nydn-index1182ffa19d76d40ef0af.js
www.nydailynews.com/pb/resources/gdist/1182ffa19d76d40ef0af/nydn/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nydailynews.com/pb/resources/gdist/1182ffa19d76d40ef0af/nydn/nydn-index1182ffa19d76d40ef0af.js?v=299
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
d128184b9be68c9b6528d2d41041086dd2cb27f63ffdac9457704e84b171960b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
I4CT9_kcUShbCNAM5q184YaFOWQb6tPf
content-encoding
gzip
etag
"6a6c2f00551cd1ac156a7648046f25aa"
x-amz-request-id
MBXMGWHDZTJVTTV8
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
10135
x-amz-id-2
UJidJZaBXFOWAZAowzcVzdHUDPDq2qUzOjJrBb4ZG2hwPJ9OCKfFvh9n2vRhhEgIcuJmlnsEpr0=
last-modified
Thu, 09 Dec 2021 17:06:54 GMT
server
openresty
date
Tue, 15 Feb 2022 21:35:34 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Wed, 15 Feb 2023 21:35:34 GMT
react1182ffa19d76d40ef0af.js
www.nydailynews.com/pb/resources/gdist/1182ffa19d76d40ef0af/react/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nydailynews.com/pb/resources/gdist/1182ffa19d76d40ef0af/react/react1182ffa19d76d40ef0af.js?v=299
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
4fc19f788324da5ddb1c71f1f30d6c03873212e1ed7e72796d6e696b6693b6ca
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
8Gs0CWbzEGIHBPSLCGn5bW5MsPVF2A4q
content-encoding
gzip
etag
"538704a78c5cc0c0fedc279f982daf17"
x-amz-request-id
MBXRTAYYQDE8MQWR
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
3903
x-amz-id-2
m776IiSNM36xJiqj31jz/esJHEDrkDzr9Lqpp97MFcxsZ4waVhU/w1dl/j8s66nvxlmbtzAJcfM=
last-modified
Thu, 09 Dec 2021 17:06:55 GMT
server
openresty
date
Tue, 15 Feb 2022 21:35:34 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Wed, 15 Feb 2023 21:35:34 GMT
gallery1182ffa19d76d40ef0af.js
www.nydailynews.com/pb/resources/gdist/1182ffa19d76d40ef0af/react/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nydailynews.com/pb/resources/gdist/1182ffa19d76d40ef0af/react/gallery1182ffa19d76d40ef0af.js?v=299
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
445041afb38e02eaf6f022f493760d4b60e76fb8671e42d51508d057c4fbb2fc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
f14HB8Opn0bKAkdvMT5GOdqNF8etzT_a
content-encoding
gzip
etag
"fabefd9f7ad242c7c0b2d18c11af4681"
x-amz-request-id
B2WFA08T6ZMT778R
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
15899
x-amz-id-2
3ph9j3z0vdwp159MN+0XcgAHgEEBQwUsYy8ma+E+eFu0AUmj8U/CSbC1pGCrRmPHHTlgTp4+0+Y=
last-modified
Thu, 09 Dec 2021 17:06:55 GMT
server
openresty
date
Tue, 15 Feb 2022 21:35:34 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Wed, 15 Feb 2023 21:35:34 GMT
recommender1182ffa19d76d40ef0af.js
www.nydailynews.com/pb/resources/gdist/1182ffa19d76d40ef0af/react/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nydailynews.com/pb/resources/gdist/1182ffa19d76d40ef0af/react/recommender1182ffa19d76d40ef0af.js?v=299
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
0e4b7ef5182ca91fd1ed431eb02a1417ba322b31bb46fce7732034c5f31179cd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
_yhaUa69gA8MsdW60UBabXddq62ZvzlT
content-encoding
gzip
etag
"fe1cb3d0ea54508193658c7012645705"
x-amz-request-id
MBXMM4S19N19CTHA
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
6964
x-amz-id-2
QFE3aXiJ/ZnTw8qYZcUjBz662RNT/iX0Ca2JW6xmdiO78PbX79joxjJGQyODhTZsJrNtFJFuI1M=
last-modified
Thu, 09 Dec 2021 17:06:55 GMT
server
openresty
date
Tue, 15 Feb 2022 21:35:34 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Wed, 15 Feb 2023 21:35:34 GMT
tinygif.gif
www.nydailynews.com/pb/resources/images/ 		26 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nydailynews.com/pb/resources/images/tinygif.gif?v=299
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
9T5taX9RwjHrNVNqwC0.yQG5VOUlx6w9
last-modified
Thu, 09 Dec 2021 17:06:55 GMT
server
openresty
x-amz-request-id
DCQ2FYG00DY656JS
etag
"6a43099d5c8fe991a7aa7ebaca53069d"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31536000
date
Tue, 15 Feb 2022 21:35:34 GMT
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
26
x-amz-id-2
EA+yCEfawQNn6LhkTXWihQG6KsdVYXJ5ae06SMRwLJAGyJH+W82vlta9x086X7XKuComIwcXFvE=
expires
Wed, 15 Feb 2023 21:35:34 GMT
IDAW7JZLGXEOCVT3C7PMW354PA.jpg
www.nydailynews.com/resizer/HKxLOu-N1LIHbaQxJlodrzcwBs4=/415x276/top/arc-anglerfish-arc2-prod-tronc.s3.amazonaws.com/public/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nydailynews.com/resizer/HKxLOu-N1LIHbaQxJlodrzcwBs4=/415x276/top/arc-anglerfish-arc2-prod-tronc.s3.amazonaws.com/public/IDAW7JZLGXEOCVT3C7PMW354PA.jpg
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
03ec06d4d0a13f331b59622f1533c9d153c95dfae40311de21ba7079bb210369
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:34 GMT
x-check-cacheable
YES
x-serial
1507
etag
"eab601c411e85f9d7623016f951b099354da6500"
content-type
image/jpeg
cache-control
private, no-transform, max-age=24856683
last-modified
Tue, 30 Nov 2021 14:13:16 GMT
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=9
content-length
24547
server
Akamai Image Manager
expires
Wed, 30 Nov 2022 14:13:37 GMT
render.js
www.nydailynews.com/pb/gr/p/default/r0Mtc111dLXwXs/ 		495 B
501 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nydailynews.com/pb/gr/p/default/r0Mtc111dLXwXs/render.js?v=299
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
404b5ddfd751e54016ba4fdbc2578938191c4978d69f28d642b746d6e9f5b5cc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:34 GMT
content-encoding
gzip
server
openresty
etag
"e6421"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
242
expires
Wed, 15 Feb 2023 21:35:34 GMT
f079acb7-f32a-4265-a28d-b4cbfe73ac31.json
cdn.cookielaw.org/consent/f079acb7-f32a-4265-a28d-b4cbfe73ac31/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/f079acb7-f32a-4265-a28d-b4cbfe73ac31/f079acb7-f32a-4265-a28d-b4cbfe73ac31.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b37e96ed0b892ea450175a37a7a340fa9fe479013c6c9b7a8d2bf7c13191b2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 15 Feb 2022 21:35:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
5vMxcwPORVc4Qw/WbsXS9A==
age
13173
vary
Accept-Encoding
content-length
1336
x-ms-lease-status
unlocked
last-modified
Wed, 28 Jul 2021 00:57:09 GMT
server
cloudflare
etag
0x8D95162A08B2588
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4441b4b0-501e-0089-1d15-b661c2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6de1aab0ec574bd6-YUL
expires
Wed, 16 Feb 2022 01:35:34 GMT
gtm.js
www.googletagmanager.com/ 		199 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TXB7PQT
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
31fa19659309aef258555f59492d8523198a7b57c9a599d80ddaaab484fe50b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62575
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 15 Feb 2022 21:35:34 GMT
gtm.js
www.googletagmanager.com/ 		102 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NKF8Z7J
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cfc7dd225dd599a24e4f44fc692cb68c48c5b6c245de85cdeee62e50c0fd873f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40825
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 15 Feb 2022 21:35:34 GMT
9E52W-759Q8-QRNWG-5DBLH-ZFZGZ
c.go-mpulse.net/boomerang/ Frame 8AA0 		205 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/boomerang/9E52W-759Q8-QRNWG-5DBLH-ZFZGZ
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:13:6a9::11a6 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 21:35:34 GMT
Content-Encoding
br
Last-Modified
Mon, 17 Jan 2022 22:21:51 GMT
Server
Akamai Resource Optimizer
Vary
Accept-Encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, s-maxage=604800
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
50393
nydnarc.min.js
ssor.tribdss.com/reg/tribune/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssor.tribdss.com/reg/tribune/nydnarc.min.js
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.59.109.238 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-59-109-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f41024fd1714a0f58119214417b8350f033ef429c3cf1254948a0beed7f4c334
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 21:35:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Status
200 OK
Connection
keep-alive
Content-Length
10194
X-Request-Id
59a68e5f3f16f9c6b17658fe42acffc4
X-UA-Compatible
IE=Edge,chrome=1
X-Runtime
0.006694
X-Content-Digest
9fc7688a79c736001175c9e1890c8bae6e872034
Last-Modified
Wed, 09 Feb 2022 10:05:20 GMT
Server
Apache
X-Host-Info
6b8211c59328,; dc5666efe0aa7360bc535dc0b8296cbf5e4ff809 (HEAD -> refs/heads/release/2202.1.0, refs/remotes/origin/release/2202.1.0) DSS-16640: reCaptcha error message fix
ETag
17814248617531335556
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, must-revalidate, max-age=159
Httpd-Identifier
fb972877e35a
X-Rack-Cache
fresh
features
zephr.nydailynews.com/zephr/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://zephr.nydailynews.com/zephr/features
Requested by
Host: assets.zephr.com
URL: https://assets.zephr.com/zephr-browser/1.3.9/zephr-browser.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-43.ewr52.r.cloudfront.net
Software
/
Resource Hash
00a6957c78bd7723791516082c1b88265166e46c78493557f8014088c9aeabfd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:17 GMT
content-encoding
gzip
age
17
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.nydailynews.com
cache-control
public, max-age=300
access-control-allow-credentials
true
x-amz-cf-pop
EWR52-C3
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-amz-cf-id
AHLh-H8roA_fb0qMq5vQ-oVI-aLDlddH0tzGdZ8Y_3RJH8ca4unQvQ==
via
1.1 2f16b30f1da79f813ba9985dad1c4a94.cloudfront.net (CloudFront)
x-blaize-request
27e5924d
CNG4V-VKPZ8-E3VJH-4LSSY-MWNZU
s.go-mpulse.net/boomerang/ 		202 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/CNG4V-VKPZ8-E3VJH-4LSSY-MWNZU
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:13:a87::11a6 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:34 GMT
content-encoding
br
last-modified
Mon, 17 Jan 2022 18:30:57 GMT
x-n
S
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
51580
config.js
confiant-integrations.global.ssl.fastly.net/BxnsMKNekYyllYtt9SMvlO1N2hM/gpt_and_prebid/ 		92 KB
22 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/BxnsMKNekYyllYtt9SMvlO1N2hM/gpt_and_prebid/config.js
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
851a74ffa8f02d427545fa401685e1453eee4e2ca9d4797fafd5359e2eb10c01

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 21:35:34 GMT
Content-Encoding
gzip
Age
2133
X-Cache
HIT
Connection
keep-alive
Content-Length
22201
x-amz-id-2
LSOnaGuw4r+r+mLXDH5luqU1NX1UL/U1d8qw2B499w2/TW4o9vbupiqienJNbFxvJq637xLnxQc=
X-Served-By
cache-yul12827-YUL
Last-Modified
Tue, 15 Feb 2022 20:52:56 GMT
Server
AmazonS3
X-Timer
S1644960935.600217,VS0,VE0
ETag
"bff76ccda20deeb252e82b1e834a4d0b"
x-amz-request-id
2QDPPEYWKCE973GC
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
5
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202201311507/ 		187 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202201311507/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/BxnsMKNekYyllYtt9SMvlO1N2hM/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
873af853dede2eef6d739dd841fb21596d262ff33e68a965eb377e47ed8d4c7c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 21:35:34 GMT
Content-Encoding
gzip
Age
773
X-Cache
HIT
Connection
keep-alive
Content-Length
60844
x-amz-id-2
ul+NS/GeixkiZ9/jcp9Ysqb3hOeMEtmiphO6CQKfvDISkkcJJyfgThKJZlOjQzrLBnlDW1k3Cqo=
X-Served-By
cache-yul12827-YUL
Last-Modified
Mon, 31 Jan 2022 20:08:36 GMT
Server
AmazonS3
X-Timer
S1644960935.614906,VS0,VE0
ETag
"d4a52cf643f8d535f6f826b1707f5291"
x-amz-request-id
XTK340SY0C0E04Z3
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
1155
pubads_impl_2022021001.js
securepubads.g.doubleclick.net/gpt/ 		358 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
sffe /
Resource Hash
7b151c4e5fcb8f0c9d627ae90eee08ccb54786c8b80a9624ce4a58d385f4a4ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 12:59:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
462951
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122668
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 09:35:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 10 Feb 2023 12:59:43 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		466 B
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nydailynews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
331ae3ef5acc4c89a59b227090788063b6bd6c99e92594de052952f676eb8bcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Feb 2022 21:35:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
194
x-xss-protection
0
expires
Tue, 15 Feb 2022 21:35:34 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.63.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-63-179.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
13122
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Fri, 21 Jan 2022 02:54:57 GMT
server
AmazonS3
date
Tue, 15 Feb 2022 17:56:53 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 95edb2a6efdb5ee4d3c7f7aa298bb2f2.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
adrGbT6lfwjgURLBav5gcgVT937bMdA_C3QeS-t5sQGc-IDHOMfKxQ==
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		157 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74b1612d1cb16d432cfd6542a7efe8f9297f1197025e044b9e0d9fa8e54befab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:34 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6de1aab19b4b4bd7-YUL
access-control-allow-headers
Content-Type
NIP5CU36ACZM7UJUCEADKEU57A.jpg
www.nydailynews.com/resizer/45gAljRVK4tgSp9BmR0mispudBA=/fit-in/800x533/smart/filters:fill(black)/arc-anglerfish-arc2-prod-tronc.s3.amazonaws.com/public/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nydailynews.com/resizer/45gAljRVK4tgSp9BmR0mispudBA=/fit-in/800x533/smart/filters:fill(black)/arc-anglerfish-arc2-prod-tronc.s3.amazonaws.com/public/NIP5CU36ACZM7UJUCEADKEU57A.jpg
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
395873e0ab5be4bff26e7c8f83289540236af0a526258c292354104d2cb4c0dd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:34 GMT
x-check-cacheable
YES
x-serial
785
etag
"0453ddf79a338a7e524d0b8171b149a71bea91bc"
content-type
image/jpeg
x-edgeconnect-cache-status
1
cache-control
private, no-transform, max-age=30271235
last-modified
Thu, 15 Apr 2021 05:03:47 GMT
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=383
content-length
63892
server
Akamai Image Manager
expires
Wed, 01 Feb 2023 06:16:09 GMT
6ALLI2Y2XNWEPNZ3DKYPL4TSZU.jpg
www.nydailynews.com/resizer/OrFCX-Lg12bIUSTPrLe6-F564FQ=/fit-in/800x533/smart/filters:fill(black)/arc-anglerfish-arc2-prod-tronc.s3.amazonaws.com/public/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nydailynews.com/resizer/OrFCX-Lg12bIUSTPrLe6-F564FQ=/fit-in/800x533/smart/filters:fill(black)/arc-anglerfish-arc2-prod-tronc.s3.amazonaws.com/public/6ALLI2Y2XNWEPNZ3DKYPL4TSZU.jpg
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
c9335deaf8bc00461bfaa7c51f53c4f8dae5cf20160e1e55a4ae4e7b1091317f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:34 GMT
last-modified
Thu, 15 Apr 2021 05:03:47 GMT
server
Akamai Image Manager
etag
"631c092fbe1fa0f62e57a0cf4ad40cdb4076d18f"
content-type
image/webp
cache-control
private, no-transform, max-age=30271263
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=40
content-length
28108
expires
Wed, 01 Feb 2023 06:16:37 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4278
date
Tue, 15 Feb 2022 20:24:16 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 15 Feb 2022 22:24:16 GMT
feature-decisions
zephr.nydailynews.com/zephr/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://zephr.nydailynews.com/zephr/feature-decisions
Requested by
Host: assets.zephr.com
URL: https://assets.zephr.com/zephr-browser/1.3.9/zephr-browser.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-43.ewr52.r.cloudfront.net
Software
/
Resource Hash
857dfff0589ed42b30ecffefc60cdfc9095ca9e88403e369c544de50eb8c21a5

Request headers

Accept
application/json
Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 15 Feb 2022 21:35:34 GMT
content-encoding
gzip
x-amz-cf-pop
EWR52-C3
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.nydailynews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-amz-cf-id
w5GpwusoeMpUSj8pGLPz2hsR26DRvgiCa-TWWxwHYORgPWqi_Y0Dfw==
via
1.1 4a7ef8cbf68469938b3b0dd42dbc4de8.cloudfront.net (CloudFront)
x-blaize-request
6474dc74
feature-decisions
zephr.nydailynews.com/zephr/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://zephr.nydailynews.com/zephr/feature-decisions
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-43.ewr52.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nydailynews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
date
Tue, 15 Feb 2022 21:35:34 GMT
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-methods
POST,PUT,PATCH,GET,DELETE,OPTIONS,HEAD
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-credentials
true
x-cache
Miss from cloudfront
via
1.1 2f16b30f1da79f813ba9985dad1c4a94.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C3
x-amz-cf-id
tHHddxtZRXDws9Z8GwWnlsQtLSfYp4pGsHXmyUmimicwD0c27arPKQ==
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.9.0/ 		341 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a13b93c05af6ec6255b737032aa3f5d1f4823ed2d57d12c0735bd2c4adc8efc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 15 Feb 2022 21:35:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
56jOXvghU3RiFIKiZ2Zh+g==
age
10358993
vary
Accept-Encoding
content-length
75725
x-ms-lease-status
unlocked
last-modified
Fri, 20 Nov 2020 16:34:12 GMT
server
cloudflare
etag
0x8D88D721D404CB2
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
43214117-e01e-00f6-286c-c4fff0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6de1aab1fe7f714b-YUL
UHZ6T2R4J6J2MMV62WSY5JFOK4.jpg
www.nydailynews.com/resizer/e8T4znZWd8928cOAzZ7yl3Bl6zI=/fit-in/800x533/smart/filters:fill(black)/arc-anglerfish-arc2-prod-tronc.s3.amazonaws.com/public/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nydailynews.com/resizer/e8T4znZWd8928cOAzZ7yl3Bl6zI=/fit-in/800x533/smart/filters:fill(black)/arc-anglerfish-arc2-prod-tronc.s3.amazonaws.com/public/UHZ6T2R4J6J2MMV62WSY5JFOK4.jpg
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
c39c5df29e8336b641d8f3d5fb953635b25efad405fe9291c2de2cd6f4fd819b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:34 GMT
last-modified
Mon, 06 Dec 2021 18:07:39 GMT
server
Akamai Image Manager
etag
"91627ee36a8ba972701d15d4c2f19faa334b486e"
content-type
image/jpeg
cache-control
private, no-transform, max-age=25389049
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=38
content-length
38236
expires
Tue, 06 Dec 2022 18:06:23 GMT
SR5NTUZDEEQB7OQ76RVXVAGVZQ.jpg
www.nydailynews.com/resizer/yjhpZBHB6XTSue3eo1liSl_LcTE=/fit-in/800x533/smart/filters:fill(black)/arc-anglerfish-arc2-prod-tronc.s3.amazonaws.com/public/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nydailynews.com/resizer/yjhpZBHB6XTSue3eo1liSl_LcTE=/fit-in/800x533/smart/filters:fill(black)/arc-anglerfish-arc2-prod-tronc.s3.amazonaws.com/public/SR5NTUZDEEQB7OQ76RVXVAGVZQ.jpg
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
8dd9102b5946abb3f70f167b5a48b18e0d867ef4b8a03e01e4ae3c17e8ad7147
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:34 GMT
last-modified
Sun, 17 Oct 2021 20:00:42 GMT
server
Akamai Image Manager
etag
"b54bebe22a1bf91b1163d1e5ce5ce978f8f5e23e"
content-type
image/webp
cache-control
private, no-transform, max-age=21075672
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=33
content-length
28296
expires
Mon, 17 Oct 2022 19:56:46 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.205.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-205-118.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 12:06:00 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
34177
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6c54d5aad34fd574d1282c92c7b7e104.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
x-amz-cf-id
GKTLt-mpccLxQfqlXDYU9haUWVZQXwlVg0wXiJVD4ntORHX3dlUBFg==
RQOLKRHBT2KCC7WAYKKC6RNPDI.jpg
www.nydailynews.com/resizer/21Lgnp8lmXNHwtkMoSxNrfak_1Q=/fit-in/800x533/smart/filters:fill(black)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nydailynews.com/resizer/21Lgnp8lmXNHwtkMoSxNrfak_1Q=/fit-in/800x533/smart/filters:fill(black)/cloudfront-us-east-1.images.arcpublishing.com/tronc/RQOLKRHBT2KCC7WAYKKC6RNPDI.jpg
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
71364f55c1489c4367b957b69c36d6d3c71e7b6023c055a274340cd14df2d199
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:34 GMT
last-modified
Tue, 07 Dec 2021 06:39:52 GMT
server
Akamai Image Manager
etag
"3cbfaa2de3f38be68f23bc4662f0ecded4554a0c"
content-type
image/webp
cache-control
private, no-transform, max-age=25434259
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=43
content-length
40878
expires
Wed, 07 Dec 2022 06:39:53 GMT
LS5LS5GVE4OKMHGNWUM6OZ2RUA.jpg
www.nydailynews.com/resizer/d4kiNOJMm31ms8y12yigWTafAXU=/fit-in/800x533/smart/filters:fill(black)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 		116 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nydailynews.com/resizer/d4kiNOJMm31ms8y12yigWTafAXU=/fit-in/800x533/smart/filters:fill(black)/cloudfront-us-east-1.images.arcpublishing.com/tronc/LS5LS5GVE4OKMHGNWUM6OZ2RUA.jpg
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
616c4b92a09b5c3b9ba1abd27f4fc9ead2beca259dfc171898be039739f3846c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:34 GMT
x-check-cacheable
YES
x-serial
2019
etag
"6efa248ea168d55b322ccd6cef2fb2dc0cc02c59"
content-type
image/jpeg
cache-control
private, no-transform, max-age=30344841
last-modified
Fri, 16 Apr 2021 01:11:20 GMT
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=343
content-length
119266
server
Akamai Image Manager
expires
Thu, 02 Feb 2023 02:42:55 GMT
6ZN57VPKCPEXIPM7ZOEQULST24.jpg
www.nydailynews.com/resizer/LazVNwgNwibt8gMXRiMxelB_ZdI=/fit-in/800x533/smart/filters:fill(black)/arc-anglerfish-arc2-prod-tronc.s3.amazonaws.com/public/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nydailynews.com/resizer/LazVNwgNwibt8gMXRiMxelB_ZdI=/fit-in/800x533/smart/filters:fill(black)/arc-anglerfish-arc2-prod-tronc.s3.amazonaws.com/public/6ZN57VPKCPEXIPM7ZOEQULST24.jpg
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
ce0083d5d002f9d0ccf1bb170727be4494b7654aa11b407ac934c58308c109dd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:34 GMT
x-check-cacheable
YES
x-serial
1603
etag
"a838b4fbf4ab3ec756836acf07979f5ac13baa36"
content-type
image/webp
cache-control
private, no-transform, max-age=30271262
last-modified
Thu, 15 Apr 2021 05:03:47 GMT
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=271
content-length
27370
server
Akamai Image Manager
expires
Wed, 01 Feb 2023 06:16:36 GMT
2BZXXGUNZBUYPERKWMCIGQRDI4.jpg
www.nydailynews.com/resizer/EPMgPnYcQnT7Pe2yOKFtpJE3Rvo=/fit-in/800x533/smart/filters:fill(black)/arc-anglerfish-arc2-prod-tronc.s3.amazonaws.com/public/ 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nydailynews.com/resizer/EPMgPnYcQnT7Pe2yOKFtpJE3Rvo=/fit-in/800x533/smart/filters:fill(black)/arc-anglerfish-arc2-prod-tronc.s3.amazonaws.com/public/2BZXXGUNZBUYPERKWMCIGQRDI4.jpg
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
54b121ef79b67abdb18e07b871fcb8c1c01654c77473af257ad942765f424980
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:34 GMT
x-check-cacheable
YES
x-serial
426
etag
"2ad02de3e8c79b77f481f6f911ff91e9653866f3"
content-type
image/jpeg
cache-control
private, no-transform, max-age=25015469
last-modified
Thu, 02 Dec 2021 10:21:08 GMT
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=130
content-length
79871
server
Akamai Image Manager
expires
Fri, 02 Dec 2022 10:20:03 GMT
184794-144562113101278.js
js-sec.indexww.com/ht/p/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/184794-144562113101278.js
Requested by
Host: tribune-nydailynewsclassic.zeustechnology.com
URL: https://tribune-nydailynewsclassic.zeustechnology.com/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b44a0f699e1076ed5217e1f5c824fe842e7f5bc9ac0e94fbde2a7c3a4d421027

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 21:35:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Feb 2022 21:25:57 GMT
Server
Apache
ETag
"762d81-9890-5d8152dc8db36"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3139
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
13167
Expires
Tue, 15 Feb 2022 22:27:54 GMT
userSync.js
ads.pubmatic.com/AdServer/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by
Host: tribune-nydailynewsclassic.zeustechnology.com
URL: https://tribune-nydailynewsclassic.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.203.12 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-12.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5a49ffdeec0e61058ab6cdd783275b84a2c27a7a26b95a644f7764a78b510a7a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:35 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:14 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300709-1af3-5c4c7cca9e573"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=26659
accept-ranges
bytes
content-type
text/javascript
content-length
2267
expires
Wed, 16 Feb 2022 04:59:54 GMT
sync.js
ib.3lift.com/ 		275 B
572 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/sync.js
Requested by
Host: tribune-nydailynewsclassic.zeustechnology.com
URL: https://tribune-nydailynewsclassic.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-34.ewr53.r.cloudfront.net
Software
/
Resource Hash
c815be0139a92202ff8f262cc335f6ae103594bb1d92c1c479ed604adf384a16

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:34:48 GMT
via
1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
last-modified
Tue, 15 Feb 2022 21:34:48 GMT
age
47
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
x-amz-cf-pop
EWR53-P1
content-length
275
x-amz-cf-id
Q4do6U3QyOzueHoWicVHdgNOPWREqBQytItibxRofuYN4dUb6662Ow==
lt.min.js
tags.crwdcntrl.net/lt/c/13200/ 		44 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/13200/lt.min.js
Requested by
Host: tribune-nydailynewsclassic.zeustechnology.com
URL: https://tribune-nydailynewsclassic.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-112.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
091ec084a0358833ca37c3555b08169ec1f856ddcb5d9257310a988b73bddcb1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 15 Feb 2022 14:25:27 GMT
via
1.1 779925c9c68a6d4d8c35b729b0516a76.cloudfront.net (CloudFront)
last-modified
Tue, 23 Nov 2021 19:48:04 GMT
server
AmazonS3
age
25809
etag
"b43c246fbef50d70d57c3eed77fc1db5"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-length
44979
x-amz-cf-id
0YfeFxCPdfh30etNSqUwGpFe07cITPATz2iXCM_xuM9XEfH88jqkaw==
names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217.js
dyv1bugovvq1g.cloudfront.net/3/www.nydailynews.com/news/world/ 		2 KB
943 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dyv1bugovvq1g.cloudfront.net/3/www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217.js
Requested by
Host: tribune-nydailynewsclassic.zeustechnology.com
URL: https://tribune-nydailynewsclassic.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2162:3a00:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6d0b14198d9bd374e7cf26bb20a60f902fa063268f726d4bf3493f377f508538

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 15 Feb 2022 21:35:36 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
EWR52-C3
x-cache
Miss from cloudfront
content-length
404
access-control-allow-origin
https://www.nydailynews.com
last-modified
Tue, 15 Feb 2022 17:36:26 GMT
server
AmazonS3
etag
"0428e08eb21b923dff2129c8b853ac87"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
via
1.1 71bfaca5ce51bb05b39690ef2b0a4af2.cloudfront.net (CloudFront)
cache-control
max-age=300
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
vZ73FSWf0z1dqhCSycsminom18ok26govob_VCZMqlK7iGXP1AB7fQ==
p.js
cdn.parsely.com/keys/nydailynews.com/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/nydailynews.com/p.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXB7PQT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.58.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-58-39.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
617f3f1434c901d3c7b253af27c9067fba76b35d0df046d4fca925464b418c52

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Mon, 14 Feb 2022 23:00:00 GMT
content-encoding
gzip
last-modified
Wed, 05 Jan 2022 19:15:41 GMT
server
nginx
age
81335
etag
W/"61d5ee5d-df44"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3425db2c749d144a96b60e99c2493db0.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
EWR53-C1
x-amz-cf-id
xT1_WSuyF0XBtEV01iJsRJjXwtVQdPk94xqm3rfzu3KyWhnAgsBSyA==
expires
Tue, 15 Feb 2022 23:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036462&ns__t=1644960935010&ns_c=UTF-8&c8=Malaysia%20Airlines%20Flight%20370%3A%20See%20names%2C%20faces%20of%20passengers%20aboard%20doomed%20plane%20-%2...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036462&ns__t=1644960935010&ns_c=UTF-8&c8=Malaysia%20Airlines%20Flight%20370%3A%20See%20names%2C%20faces%20of%20passengers%20aboard%20doomed%20plane%20-%...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6036462&ns__t=1644960935010&ns_c=UTF-8&c8=Malaysia%20Airlines%20Flight%20370%3A%20See%20names%2C%20faces%20of%20passengers%20aboard%20doomed%20plane%20-%20New%20York%20Daily%20News&c7=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&c9=
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Server
13.225.205.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-205-118.ewr50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:35 GMT
via
1.1 6c54d5aad34fd574d1282c92c7b7e104.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
_XUkOHGZdPekwUS1Cfd89tPL4JcVXCbAPWIi8WH6BfNJ062OagFgNw==
x-cache
Miss from cloudfront

Redirect headers

date
Tue, 15 Feb 2022 21:35:35 GMT
via
1.1 6c54d5aad34fd574d1282c92c7b7e104.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6036462&ns__t=1644960935010&ns_c=UTF-8&c8=Malaysia%20Airlines%20Flight%20370%3A%20See%20names%2C%20faces%20of%20passengers%20aboard%20doomed%20plane%20-%20New%20York%20Daily%20News&c7=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&c9=
content-length
370
x-amz-cf-id
yVCR8J4eJeIqEDpsCeXdapLXucYW1JmsBcuD0EVUyBHx9K8DV1Z7hw==
c56007e3db177488c71978a0bcf6724d74d8d7cc
insights.zeustechnology.com/www.nydailynews.com/ 		403 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://insights.zeustechnology.com/www.nydailynews.com/c56007e3db177488c71978a0bcf6724d74d8d7cc?article_location=www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Requested by
Host: tribune-nydailynewsclassic.zeustechnology.com
URL: https://tribune-nydailynewsclassic.zeustechnology.com/main.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-123.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f4328c3625816333dbe60b8c58bd4969be65403993ae4364bc4b53eeb633d972

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 21:04:12 GMT
Via
1.1 48242c037992a87d34be1f3c114efc0a.cloudfront.net (CloudFront)
Vary
Origin
Age
1884
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
403
x-amz-expiration
expiry-date="Sun, 17 Apr 2022 00:00:00 GMT", rule-id="ArticleCleanup"
Last-Modified
Tue, 15 Feb 2022 00:33:25 GMT
Server
AmazonS3
ETag
"f87d35c83a52bd9900b75bf8cbf93b58"
Access-Control-Max-Age
180
Access-Control-Allow-Methods
GET, HEAD
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
X-Amz-Cf-Id
L-9RKR5CNTvpX_h-xJjUvJRAjLXJzkq1hMPdc31bubIjCa1x19dPpQ==
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3503&u=https%3A%2F%2Fwww.nydailynews.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.63.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-63-179.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
5926fb14852d75812bfb855076a16989dbf7b054bab7b94df28676cbb872505c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 17:25:09 GMT
via
1.1 a034e5b3e703810e3023d56d31897ebc.cloudfront.net (CloudFront)
server
Server
age
15026
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.nydailynews.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
EWR53-P1
content-length
1168
x-amz-cf-id
mphjcjnjEtKJHJVxcODqaebE_1X-rW9WR7PjGv6XWf6UcCPLdQYHuQ==
publisher:getClientId
ampcid.google.com/v1/ 		74 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 15 Feb 2022 21:35:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.nydailynews.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
read_auth
authenticate.nydailynews.com/ 		98 B
665 B 		Script
General
Check archive.org
Download Go to
Full URL
https://authenticate.nydailynews.com/read_auth?callback=jQuery33105556040314526141_1644960934661&product_code=nydnarc&master_id=&_=1644960934662
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/pb/resources/gdist/1182ffa19d76d40ef0af/nydn/nydn-lib1182ffa19d76d40ef0af.js?v=299
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.37.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-37-204.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
3186e063bb55d01e71d696ac2c93c01b68eae958b3b4ace62c39f141b07607d1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-request-id
7f2b027487e18b1d5faa2e1527e1bd4d
x-ua-compatible
IE=Edge,chrome=1
x-runtime
0.002683
server
Apache
x-host-info
f75824cc5d2f,; dc5666efe0aa7360bc535dc0b8296cbf5e4ff809 (HEAD -> refs/heads/release/2202.1.0, refs/remotes/origin/release/2202.1.0) DSS-16640: reCaptcha error message fix
etag
"06ab09088857dfd2d618af3f0ae6881f"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
must-revalidate, private, max-age=0
httpd-identifier
f75824cc5d2f
x-rack-cache
miss
OCZMBEP6U2BXVMWZRZ336GUQF4.jpg
www.nydailynews.com/resizer/IF5ov7OcmUspvMojxV4cgBPWbLo=/fit-in/800x533/smart/filters:fill(black)/arc-anglerfish-arc2-prod-tronc.s3.amazonaws.com/public/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nydailynews.com/resizer/IF5ov7OcmUspvMojxV4cgBPWbLo=/fit-in/800x533/smart/filters:fill(black)/arc-anglerfish-arc2-prod-tronc.s3.amazonaws.com/public/OCZMBEP6U2BXVMWZRZ336GUQF4.jpg
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
b948a1e26ece129d2a06ba2305bd88102bc028750fd0cf0000d6816d4dffc73e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:35 GMT
x-check-cacheable
YES
x-serial
1307
etag
"fd097baeff67bad4e88ee2568de61cf3b81d211e"
content-type
image/webp
cache-control
private, no-transform, max-age=30274989
last-modified
Thu, 15 Apr 2021 05:03:46 GMT
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=219
content-length
18598
server
Akamai Image Manager
expires
Wed, 01 Feb 2023 07:18:44 GMT
BU3L5RPY6VHZG27T4UZDICI4CQ.jpg
www.nydailynews.com/resizer/anJsdc37_ag0AgYL6oqrJUAKGJg=/fit-in/800x533/smart/filters:fill(black)/arc-anglerfish-arc2-prod-tronc.s3.amazonaws.com/public/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nydailynews.com/resizer/anJsdc37_ag0AgYL6oqrJUAKGJg=/fit-in/800x533/smart/filters:fill(black)/arc-anglerfish-arc2-prod-tronc.s3.amazonaws.com/public/BU3L5RPY6VHZG27T4UZDICI4CQ.jpg
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
40daae19ed1cac245c0dc0c48846fea95f552f79b4370c7f179d39eab03d0be8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:35 GMT
x-check-cacheable
YES
x-serial
372
etag
"16658fdf6983141a5a1fea70be98d8cce9435b1a"
content-type
image/webp
cache-control
private, no-transform, max-age=30271268
last-modified
Thu, 15 Apr 2021 05:03:48 GMT
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=183
content-length
22362
server
Akamai Image Manager
expires
Wed, 01 Feb 2023 06:16:43 GMT
en.json
cdn.cookielaw.org/consent/f079acb7-f32a-4265-a28d-b4cbfe73ac31/48cdf60e-5f8a-4bff-abf0-f00d331cc410/ 		245 KB
44 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/f079acb7-f32a-4265-a28d-b4cbfe73ac31/48cdf60e-5f8a-4bff-abf0-f00d331cc410/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b4a99b9485964f387d5110ade979d420235b6a90f284cdd1d6367d7d1edcfae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 15 Feb 2022 21:35:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
QjdaoB4EGBlFAeHyyTSimQ==
age
13731
vary
Accept-Encoding
content-length
44620
x-ms-lease-status
unlocked
last-modified
Wed, 28 Jul 2021 00:57:20 GMT
server
cloudflare
etag
0x8D95162A765D800
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
09329a1b-801e-0065-6f15-b669bb000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6de1aab489a24bd6-YUL
expires
Wed, 16 Feb 2022 01:35:35 GMT
b
sb.scorecardresearch.com/ 		0
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1644960935137&ns_c=UTF-8&cv=3.5&c8=Malaysia%20Airlines%20Flight%20370%3A%20See%20names%2C%20faces%20of%20passengers%20aboard%20doomed%20plane%20-%20New%20York%20Daily%20News&c7=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&c9=
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.205.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-205-118.ewr50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:35 GMT
via
1.1 6c54d5aad34fd574d1282c92c7b7e104.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
43RW4_AzYl1oX_mzDwlC9xAWjVlgzmojEIMN_2VsF9fF1zWNNkZ2sQ==
x-cache
Miss from cloudfront
oPS.js
d15kdpgjg3unno.cloudfront.net/ 		94 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=3
Requested by
Host: tribune-nydailynewsclassic.zeustechnology.com
URL: https://tribune-nydailynewsclassic.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9e00:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee4f7d7465f0abaa06cad8e9dc4a7eda0b8fe13353f26affdef015eafba30bd3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 19:23:22 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 19:53:17 GMT
server
AmazonS3
age
7934
etag
W/"504588f790da4479d84f8e8c8f703981"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
NxA6ZyL7fXhYLvqmRm2qnu5PVISyc7RO
via
1.1 0abfc04b3868b6760be5e12dccdfc7d4.cloudfront.net (CloudFront)
cache-control
max-age=84600
x-amz-cf-pop
JFK51-C1
content-type
application/javascript
x-amz-cf-id
5RE2PK5TENeWY87i5ejklKqG9-iiQyCV5v4slI9LO440J8dhvP2aMQ==
publisher:getClientId
ampcid.google.ca/v1/ 		3 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.ca/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 15 Feb 2022 21:35:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.nydailynews.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
ats.js
ats.rlcdn.com/ 		109 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.31.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-31-81.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 10:22:42 GMT
content-encoding
br
age
40374
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6fbe2bf4-0d3f-4234-a84e-c584de5ecb5e
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-sha256
ae589a6335869a8948d0172dfafea0c42638763d87ea89591504c580a5c4f6c7
x-amz-meta-codebuild-content-md5
8c7650e47b7f894f6ae5a1fc4919cee6
last-modified
Thu, 16 Dec 2021 12:45:56 GMT
server
AmazonS3
etag
W/"d7dfa2940a5d5ce3beedd8774c961dd7"
vary
Accept-Encoding
x-amz-version-id
28x_tDvW9kJ.rWgfbdZIcgxbFDdgh9p3
via
1.1 c5b9a0c64a4bfd127a52280a230003d2.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
EWR53-C2
content-type
application/x-javascript
x-amz-cf-id
5BfgO4o54IfwIaS3ELKZvAeqbtfrpV7eou41EUXpnXCnQ04ZF2vr9A==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
60d76e5d3d47c3f67063f6ad8c4c19906031164734d901e60a8842d0a292a1cd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.122.0/26
date
Tue, 15 Feb 2022 20:44:44 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
bhs
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
10638
x-request-id
891880088
data
bcp.crwdcntrl.net/6/ 		712 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/13200/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.206.109.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-109-9.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
84ee46e8d0c47860ac7775a850cf714f2d78f8e890fe540bb75361616280ea50

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:35 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.nydailynews.com
cache-control
no-cache
x-server
10.40.0.170
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
712
expires
0
/
p1.parsely.com/plogger/ 		43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1644960935206&plid=96929263&idsite=nydailynews.com&url=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&sref=&sts=1644960935201&slts=0&title=Malaysia+Airlines+Flight+370%3A+See+names%2C+faces+of+passengers+aboard+doomed+plane+-+New+York+Daily+News&date=Tue+Feb+15+2022+21%3A35%3A35+GMT%2B0000+(GMT)&action=pageview&pvid=33762224&u=pid%3D6694fa81ec8c8512d2e50f62121b220d
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-167-202.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 21:35:35 GMT
Cache-Control
no-cache
Last-Modified
Tuesday, 15-Feb-2022 21:35:35 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
any
idx.liadm.com/idex/ie/ 		54 B
591 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/ie/any
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184794-144562113101278.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.77.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-77-103.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
60f130cc7455110625ef44bb7a3fa6b9879cf77c37e1f1cf539202351f0d2303
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 15 Feb 2022 21:35:35 GMT
Vary
Origin
Server
nginx/1.18.0
Request-Time
1
Content-Type
application/json
Access-Control-Allow-Origin
https://www.nydailynews.com
Connection
keep-alive
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=31536000; includeSubDomains
trace-id
b82aac06203b027e
Content-Length
54
identity
api.rlcdn.com/api/ 		0
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184794-144562113101278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 15 Feb 2022 21:35:35 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
rid
match.adsrvr.org/track/ 		109 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=184794
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184794-144562113101278.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
285b89faac20b0ad7535f799d2ba72b07de610eb158a5765eba5bc4059e4a680

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 15 Feb 2022 21:35:35 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nydailynews.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Thu, 17 Mar 2022 21:35:35 GMT
prebid
ib.adnxs.com/ut/v3/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tribune-nydailynewsclassic.zeustechnology.com
URL: https://tribune-nydailynewsclassic.zeustechnology.com/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
380c850a1673bc0d526a066903367b50a93175fa959cf5fb5068b57ef43c8c2b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type
text/plain;charset=UTF-8

Response headers

Date
Tue, 15 Feb 2022 21:35:35 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
cf273352-f2cf-470b-ba50-c3fb39e741e9
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.nydailynews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		58 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?ac=j&s=687193&v=7.2&sd=1&r=%7B%22id%22%3A%22bc714444-24e2-42d1-816e-925487d6bb11%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22293e4cee-560a-46e2-9ed2-80f59d6a213a%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22698761%22%2C%22gpid%22%3A%224011%2Fzeus_c_829%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217%22%2C%22ref%22%3A%22%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%7D%2C%7B%7D%2C%7B%7D%5D%7D%7D
Requested by
Host: tribune-nydailynewsclassic.zeustechnology.com
URL: https://tribune-nydailynewsclassic.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.78.210.18 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-210-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
645673a97a41930992c977b8cd3123bc07f4af75e3166b95166f14e294e4a1d7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:35 GMT
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.178], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.nydailynews.com
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
58
x-ak-client-geo
19
expires
Tue, 15 Feb 2022 21:35:35 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7476&site_id=383420&tk_flint=custom&slots=1&size_id=15&alt_size_ids=&zone_id=2128240&rp_floor=0.01
Requested by
Host: tribune-nydailynewsclassic.zeustechnology.com
URL: https://tribune-nydailynewsclassic.zeustechnology.com/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
c32d5e92d7a82bfd1d2933c53d6bff20c539565013f05ded5ea50969569b6293

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:35 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.nydailynews.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=zeus&v=1&referrer=www.nydailynews.com&debug=false
Requested by
Host: tribune-nydailynewsclassic.zeustechnology.com
URL: https://tribune-nydailynewsclassic.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.193.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-193-246.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:35 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nydailynews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hbjson
grid.bidswitch.net/ 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: tribune-nydailynewsclassic.zeustechnology.com
URL: https://tribune-nydailynewsclassic.zeustechnology.com/main.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.211.165.199 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nydailynews.com
Date
Tue, 15 Feb 2022 21:35:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Server
nginx
Connection
keep-alive
bid
c.amazon-adsystem.com/e/dtb/ 		190 B
662 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3503&u=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&pid=505DirTv909cM&cb=0&ws=1600x1200&v=7.73.0&t=1000&slots=%5B%7B%22sd%22%3A%22zeus_c_829%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F4011%2Ftrb.nydn%2Fnews%2Fworld%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.63.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-63-179.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
cdedfb11642476f8bb9866868fef693be057f23bb825ddb9cc0a8b487dc9871b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:35 GMT
via
1.1 a034e5b3e703810e3023d56d31897ebc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-P1
x-amz-rid
D8FVZG9WPYA1X9YH8C02
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
190
x-amz-cf-id
lwz6YmjNdNhi1hzWZsAZS6jjYXAaoIsoizz2T6lpp7GsneeOL8pgcg==
otFloatingFlat.json
cdn.cookielaw.org/scripttemplates/6.9.0/assets/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.9.0/assets/otFloatingFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29726e833f4940e76823406599378dfda2812b5c91a6653cec78e722f1e40df8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 15 Feb 2022 21:35:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
jnIqF1I3VU9Tt9MWO4LDDw==
age
10358930
vary
Accept-Encoding
content-length
2709
x-ms-lease-status
unlocked
last-modified
Fri, 20 Nov 2020 16:34:04 GMT
server
cloudflare
etag
0x8D88D7217F82E19
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
6bc1a005-001e-0159-146c-c49b35000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6de1aab55a9a4bd6-YUL
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.9.0/assets/v2/ 		46 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.9.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5dbd2985ef2d22745931d04bb5d212624b46d3f79458331e8625a7c2e61b287
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 15 Feb 2022 21:35:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
SyeN6ChPWcrwm5vVybzGmw==
age
10358930
vary
Accept-Encoding
content-length
11368
x-ms-lease-status
unlocked
last-modified
Fri, 20 Nov 2020 16:34:05 GMT
server
cloudflare
etag
0x8D88D721902A23F
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
855461bd-501e-0082-5d6c-c479b6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6de1aab55a9c4bd6-YUL
/
geo.privacymanager.io/ 		30 B
594 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-12.ewr53.r.cloudfront.net
Software
/
Resource Hash
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 05:33:16 GMT
via
1.1 a251e31740a6e166e8fdccf296c41644.cloudfront.net (CloudFront), 1.1 d7202b57803815a076179b3bb9bbd766.cloudfront.net (CloudFront)
age
57739
x-amzn-requestid
421620d9-81d7-4d3f-93e8-fe14f5c3a8a5
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-620b3b1c-78e9648e18970037427a09b3;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
IAD89-C1, EWR53-P1
x-amz-apigw-id
NkYsbEDtDoEFziA=
content-length
30
x-amz-cf-id
IR3nI0AujgfhKiwgOMXRwGo0uOvqmyC6FAcHhaD0wJbo-n-N9JfzPA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
687.json
id5-sync.com/g/v2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/687.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.95.3.40 , France, ASN16276 (OVH, FR),
Reverse DNS
p30.id5-sync.com
Software
/
Resource Hash
36802e056dc0107ac3b954ba750c9d79ca6fcfc0d5d9cdc211c7784992aab1c1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 15 Feb 2022 21:35:34 GMT
Vary
Origin
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.nydailynews.com
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
Transfer-Encoding
chunked
js
www.google-analytics.com/gtm/ 		91 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-MK43S9D&t=trb&cid=236439561.1644960935
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6aa96448bff9e725c798de9266a5b1a4be0c41a650518d2cd160261e2a521ff0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:35 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35984
x-xss-protection
0
expires
Tue, 15 Feb 2022 21:35:35 GMT
nydailynews.js
d1n00d49gkbray.cloudfront.net/js/ 		75 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1n00d49gkbray.cloudfront.net/js/nydailynews.js
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:5400:9:7c30:be80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
52a1bcfe57d41720ea9ca3591ee85d582aae3f2ac61d865ae746bf3db06a3998

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 15 Feb 2022 07:22:12 GMT
content-encoding
gzip
last-modified
Wed, 21 Jul 2021 14:10:52 GMT
server
AmazonS3
age
51204
etag
W/"71c5820ca0ddb712c402e7a1bc2be005"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
sk6RJvrohOcmXs3tm8QlcOZ_hslpEb8P
via
1.1 04d5f6961d9b76b97c908d8ed9816378.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
cmPM8l97OCtYUe6iRTu-oSuyuuR15Aw_kgxeHIGweNKkC1IkJkO6ew==
QzUzNDhUMSAg.js
cdn5.userzoom.com/files/js/ 		4 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn5.userzoom.com/files/js/QzUzNDhUMSAg.js?t=uz_feed&cuid=AD0E0D666CCDE41180C90050569444FB
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.16 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x010.map2.ssl.hwcdn.net
Software
/
Resource Hash
88e071a02a5adf92b172da587c1d4469a2984108aa6d90ab042f2887859d053e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 21:35:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Feb 2022 15:38:51 GMT
ETag
"1644939531"
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-HW
1644960935.dop009.dc2.t,1644960935.cds088.dc2.shn,1644960935.dop009.dc2.t,1644960935.cds012.dc2.c
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
public, max-age=10
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
24
nydnarc.min.js
www.tribdss.com/meter/
Redirect Chain
  • https://www.tribdss.com/meter/nydnarc.min.js
  • https://www.tribdss.com/meter/nydnarc.min.js?disabled=international
30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tribdss.com/meter/nydnarc.min.js?disabled=international
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
HTTP/1.1
Server
23.59.109.238 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-59-109-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
81fe046281fc6dd78fae0d5906d788126592f0fc96b020bca29cd64affa0efcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 21:35:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Status
200 OK
Connection
keep-alive
Content-Length
10535
X-Request-Id
f22ba77147795129c7fff32e3a31c8f7
X-UA-Compatible
IE=Edge,chrome=1
X-Runtime
0.007126
X-Content-Digest
557772512deb481b6421d3d57fe0301f24054076
Last-Modified
Mon, 24 Jan 2022 09:26:46 GMT
Server
Apache
X-Host-Info
f757b8d9ab7c,; 1f92e77659e3b06e654712f410a7c16bf3990bf6 (HEAD -> refs/heads/release/2201.1.0, refs/remotes/origin/release/2201.1.0) DSS-15616: uncommented the expiry time checking for received FB token
ETag
2497630271390647026R
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, must-revalidate, max-age=168
Httpd-Identifier
f757b8d9ab7c
X-Rack-Cache
fresh

Redirect headers

Location
/meter/nydnarc.min.js?disabled=international
Date
Tue, 15 Feb 2022 21:35:35 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
ml.br.js
js.matheranalytics.com/static/ltm/ma89701/all/15/
Redirect Chain
  • https://js.matheranalytics.com/s/ma89701/197837700/all/sp.js?cb=1590
  • https://js.matheranalytics.com/static/ltm/ma89701/all/15/ml.br.js
146 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma89701/all/15/ml.br.js
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
292bcd0551ee500b1cc5c1416ce840c056f16075b5f83fb84c3cbcbd422fa5ee

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 06:53:41 GMT
via
1.1 google
last-modified
Wed, 11 Aug 2021 04:39:34 GMT
server
nginx
age
52914
etag
"6d7605f5ee32490954d7a8f6534eaa33"
vary
Accept-Encoding
x-cache
HIT Wed, 11 Aug 2021 04:49:21 GMT
content-type
application/x-javascript
cache-control
public,max-age=3600
content-encoding
br
alt-svc
clear
content-length
43436

Redirect headers

date
Tue, 15 Feb 2022 21:35:35 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma89701/all/15/ml.br.js
cache-control
public, max-age=269200
alt-svc
clear
x-served-by
7-gc-nane1-20926
api.js
www.google.com/recaptcha/ 		850 B
969 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=undefined
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
31387c3102e0c073a7e902e4e3156effc68e69fd68fea10fc0e295d634f500da
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
556
x-xss-protection
1; mode=block
expires
Tue, 15 Feb 2022 21:35:35 GMT
recommendations.multiple-get
api.taboola.com/1.2/json/nydailynews-nydailynews/ 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.taboola.com/1.2/json/nydailynews-nydailynews/recommendations.multiple-get?app.type=web&app.apikey=a5f2a3c6af6c60faae3641d7b61ade38275fbc3b&placement1.name=organic-story-right-rail&placement1.rec-count=3&placement1.organic-type=mix&placement1.thumbnail.width=72&placement1.thumbnail.height=72&placement1.visible=true&user.session=init&source.type=text&source.id=%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&source.url=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
529faee70b6376cc783ee55be34b24946a814136d65d6fbd0d982fab6151ae1e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
68
date
Tue, 15 Feb 2022 21:35:35 GMT
via
1.1 varnish
server
nginx
x-timer
S1644960935.384280,VS0,VE68
x-served-by
cache-yul12827-YUL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/json;charset=utf-8
x-cache-hits
0
/
www.nydailynews.com/api/v2/render/feature/
Redirect Chain
  • https://www.nydailynews.com/api/v2/render/feature?name=breaking-news-bar&uri=/zzz-breaking-news/&wrapper=false
  • https://www.nydailynews.com/api/v2/render/feature/?name=breaking-news-bar&uri=/zzz-breaking-news/&wrapper=false
1 KB
931 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nydailynews.com/api/v2/render/feature/?name=breaking-news-bar&uri=/zzz-breaking-news/&wrapper=false
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
361e17d5a3bc85910c2a1c34395066063984542eb330b6ca0d1dba21cae4241c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:35 GMT
content-encoding
gzip
last-modified
Tue, 15 Feb 2022 21:34:58 GMT
server
openresty
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
private, max-age=60
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
606
expires
Tue, 15 Feb 2022 21:36:35 GMT

Redirect headers

date
Tue, 15 Feb 2022 21:35:35 GMT
server
openresty
content-type
text/html
location
/api/v2/render/feature/?name=breaking-news-bar&uri=/zzz-breaking-news/&wrapper=false
cache-control
private, max-age=31
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
166
expires
Tue, 15 Feb 2022 21:36:06 GMT
IDAW7JZLGXEOCVT3C7PMW354PA.jpg
www.nydailynews.com/resizer/1eMVEbpGHW1sMkB4VL7LKg3ZYvo=/800x533/top/arc-anglerfish-arc2-prod-tronc.s3.amazonaws.com/public/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nydailynews.com/resizer/1eMVEbpGHW1sMkB4VL7LKg3ZYvo=/800x533/top/arc-anglerfish-arc2-prod-tronc.s3.amazonaws.com/public/IDAW7JZLGXEOCVT3C7PMW354PA.jpg
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
75e1ad585990d7f3e36124733d36bf3ee56c512ef2c1018f827a9ed7908a7183
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:35 GMT
last-modified
Thu, 15 Apr 2021 05:03:47 GMT
server
Akamai Image Manager
etag
"a069fec02d07487c3e16ce4791615a5892487f37"
content-type
image/jpeg
x-edgeconnect-cache-status
1
cache-control
private, no-transform, max-age=30276999
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=37
content-length
60531
expires
Wed, 01 Feb 2023 07:52:14 GMT
newsroom.js
c2.taboola.com/nr/nydailynews-nydailynews/ 		61 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c2.taboola.com/nr/nydailynews-nydailynews/newsroom.js
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17c48ba7e3ff09a9ea576473142b943c741fd3da37bb122b68786479b685719c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
"6b42087e43655a0d41285bc5ebcf16a0"
age
136
x-cache
HIT
content-length
16871
x-amz-id-2
x5HRw7Um0LlkCZ3iWXr/Go9bdaEkEpbabILREQaChNdSy8bT9o9adJxwSCGqLURELJwJr2VzWWA=
x-served-by
cache-yul12824-YUL
last-modified
Tue, 07 Sep 2021 03:05:33 GMT
server
AmazonS3
x-timer
S1644960935.363506,VS0,VE1
date
Tue, 15 Feb 2022 21:35:35 GMT
vary
Accept-Encoding
x-amz-request-id
203EW2NREA5HSKV9
via
1.1 varnish
cache-control
max-age=14400
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
load.js
widget.perfectmarket.com/tribunedigital-network/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/tribunedigital-network/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7fb26c7aa8a0f21eb4cf37124706d49b568d5417e06c39bfa755b1613a1f8373

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
zPPBPNVuQIKx9mFZx7n5m0zCpM.9fGQ1
content-encoding
gzip
etag
"e698d193db1b2fd0631ec46c1dc8a8fa"
age
186
x-cache
HIT, HIT
content-length
1424
x-amz-id-2
8Q5r2goqiGyHaCcZDJMs6SWfcMZxA26zOz0CTNlp2E5mxA5I4WzlPWgeD25K7LmSqdz6JKMuykc=
x-served-by
cache-lax10636-LGB, cache-yul12820-YUL
last-modified
Thu, 17 Dec 2020 11:02:50 GMT
server
AmazonS3
x-timer
S1644960935.391943,VS0,VE0
date
Tue, 15 Feb 2022 21:35:35 GMT
vary
Accept-Encoding,,
x-amz-request-id
KMX62MDRFXN2QQZW
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 3
impl.20220209-5-RELEASE.js
cdn.taboola.com/libtrc/ 		617 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
25db276f514822906922fbfedd6557c9418afbf1d9d51d69c4f9dacd722a4baa

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
UcXnTC79qNw3Mi0AbOSOSK_d5E_AtDPw
content-encoding
br
etag
"47aba8dcefca4560e05ab437baae1ec9"
age
13591
x-cache
HIT
content-length
130247
x-amz-id-2
I1iaxSWtZb/ejY1+VkT4xzunCBo7U34lGQO3PPJ7GJ/y2zheR5ikpLCyKAz3YRcHjfWSStTzBS0=
x-served-by
cache-yul12824-YUL
last-modified
Wed, 09 Feb 2022 09:48:58 GMT
server
AmazonS3-br
x-timer
S1644960935.359099,VS0,VE0
date
Tue, 15 Feb 2022 21:35:35 GMT
vary
Accept-Encoding
x-amz-request-id
1ZFNJ1H52SE28PEH
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
2
x-cache-hits
31081
features
www.nydailynews.com/pb/api/v2/async/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nydailynews.com/pb/api/v2/async/features?rid=r0Mtc111dLXwXs&contentUri=/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
fc9d0b2aa08fad692f3bacd48707ad747d4efe8572e57c57b48fd032b9c77e86
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:35 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=159, origin; dur=226
content-length
1652
expires
Tue, 15 Feb 2022 21:36:35 GMT
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame AD99 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=13200
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/13200/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-112.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/

Response headers

content-type
text/html
date
Tue, 15 Feb 2022 18:15:15 GMT
last-modified
Mon, 01 Feb 2021 20:35:17 GMT
etag
W/"6fcf4f5197ab24c92d090f6ac8d87e01"
x-amz-server-side-encryption
AES256
cache-control
max-age: 86400
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 779925c9c68a6d4d8c35b729b0516a76.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
x-amz-cf-id
1QnSrQ7ytOuAuTQRDOCRSUexMz2aoTFImhxkiWytDZX8cemKJtF-DQ==
age
12021
integrator.js
adservice.google.ca/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.nydailynews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Feb 2022 21:35:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.nydailynews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Feb 2022 21:35:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3428847557343757&correlator=1864239795800197&output=ldjh&eid=31064540&output=ldjh&gdfp_req=1&vrg=2022021001&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=4011%2Ctrb.nydn%2Cnews%2Cworld&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=5x1&prev_scp=pos%3D1%26cnsd%3Dpts_darc_p1_uad%26zeus_rendercount%3D1%26zeus_slot%3D.init.dsk%26optimera%3DNULL&eri=1&cust_params=zeus%3Dapplied%26zeus_4011%3Dwww.nydailynews.com%26epvid%3D1644960934512_337635938%26euuid%3Dpre-cache-no-id-available%26ua%3Dd%26ss%3Dl%26ref%3Dnone%26instart%3Dfalse%26adb%3Dfalse%26apfv%3Dfalse%26apv%3Dfalse%26refresh%3Dfalse%26ptype%3Ds%26site%3Dtrb.nydn%26slug%3Dnydn-news-world-names-faces-aboard-malaysia-airlines-flight-370-1-1739217%26cid%3D1.1739217%26at%3DtaxonomyTags%26kw%3Dbeijing%252Cmalaysia%252Cchina%252Cfather%252Cwife%252Chusband%252Cflight%252Cchild%252Ccompany%252Cvacation%252Ctrip%252Chome%252Cartist%252Ccouple%252Cmother%252Cfamily%252Cson%252Cway%252Cbusiness%252Cmoney%252Cplane%252Cfriend%252Ctime%252CBeijing%252Cbirthday%26tg%3DDefenseandCybersecurity%26design%3Darc%26nopulse%3Dtrue%26zeus_insights%3Dj7p%252Chdq%252Cwug%252C65r%252C3bu%252Ckiv%252Cgic%252Cbs0%26ccaud%3D473040%252Call%252C663817%252C747175%252C514644%252C473081%26lpid%3Df7a752960b88f39ddc708de0b4bfaade&cookie_enabled=1&bc=31&abxe=1&dt=1644960935408&lmt=1644959049&dlt=1644960934313&idt=618&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=4004413351&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&vis=1&scr_x=0&scr_y=0&psz=1x0&msz=0x0&ga_vid=236439561.1644960935&ga_sid=1644960935&ga_hid=1166886326&ga_fc=true&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
dd8731f3a039e453e2da737286b752450b56d48a893016fc848ac00d173e1408
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8831
x-xss-protection
0
google-lineitem-id
4630851773
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138229725136
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nydailynews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AECE 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 15 Feb 2022 21:35:35 GMT
expires
Wed, 15 Feb 2023 21:35:35 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Test_oPS_Script_Loads
sqs.us-east-1.amazonaws.com/397719490216/ 		378 B
658 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D3%26bt%3Dnull
Requested by
Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.242.65 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0742fdbb45b1bdc8c0ccafea77f66a1a77bcaa3faed0c74e1d01418041a8d170

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-RequestId
a16ccbbd-b142-5cb9-9830-913bafa533de
Date
Tue, 15 Feb 2022 21:35:35 GMT
Content-Length
378
Content-Type
text/xml
7LGBONABQBD73ATVNQ2LD3SFOU.jpg
www.nydailynews.com/resizer/WXOKFKrik1BTScnNd2d_ZPPcrv8=/64x64/top/www.nydailynews.com/resizer/LkeidAZ9B4bqzHbsXrxROveXoB4=/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nydailynews.com/resizer/WXOKFKrik1BTScnNd2d_ZPPcrv8=/64x64/top/www.nydailynews.com/resizer/LkeidAZ9B4bqzHbsXrxROveXoB4=/cloudfront-us-east-1.images.arcpublishing.com/tronc/7LGBONABQBD73ATVNQ2LD3SFOU.jpg
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Server /
Resource Hash
214b0789cdc96ea3ef2007730b107604e9ce442e56dccda56645f43d704e7db8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:35 GMT
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
etag
"766241a8fdcc867d7062cfc1c7a412b0faa96b60"
content-type
image/jpeg
cache-control
private, max-age=255
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-akamai-note
original-image
content-length
2260
expires
Tue, 15 Feb 2022 21:39:50 GMT
XC5PKTRG3VASFKOY75GHTRGQ6U.jpg
www.nydailynews.com/resizer/7F2ZwtSIyJgYR6salMP6C_SvyPs=/64x64/top/www.nydailynews.com/resizer/bfQv2FAIgrLNULA2nCZZInfHfBs=/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nydailynews.com/resizer/7F2ZwtSIyJgYR6salMP6C_SvyPs=/64x64/top/www.nydailynews.com/resizer/bfQv2FAIgrLNULA2nCZZInfHfBs=/cloudfront-us-east-1.images.arcpublishing.com/tronc/XC5PKTRG3VASFKOY75GHTRGQ6U.jpg
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
861e89025298c1e14a8745b959e7f0fdaacb9da02c8dc223288ea35445682740
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:35 GMT
last-modified
Tue, 15 Feb 2022 00:21:54 GMT
server
Akamai Image Manager
etag
"1554190ea10d7676034ee4ace00ddc0aab86be2b"
content-type
image/webp
cache-control
private, no-transform, max-age=31459567
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
2086
expires
Wed, 15 Feb 2023 00:21:42 GMT
X6LKYMCE2FHNZGR6TH66ZTYCAA.jpg
www.nydailynews.com/resizer/iw1QHUGc11-7octd7oaHFrYT4n8=/64x64/top/www.nydailynews.com/resizer/sI4iQkOTbZAviinl94c_j1Hk8LU=/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nydailynews.com/resizer/iw1QHUGc11-7octd7oaHFrYT4n8=/64x64/top/www.nydailynews.com/resizer/sI4iQkOTbZAviinl94c_j1Hk8LU=/cloudfront-us-east-1.images.arcpublishing.com/tronc/X6LKYMCE2FHNZGR6TH66ZTYCAA.jpg
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
3f9d6211651f0f0f472cb6b19e43033a43aedaf17e1f6e745ae72f594c74ef19
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:35 GMT
last-modified
Tue, 08 Feb 2022 02:24:58 GMT
server
Akamai Image Manager
etag
"f69e0df29dd8ea2d4b91d1bb0e50cf4629e28a19"
content-type
image/jpeg
cache-control
private, no-transform, max-age=30862126
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
1991
expires
Wed, 08 Feb 2023 02:24:21 GMT
JI3IWTRLUJD6FCIKY5373ZFLOI.jpg
www.nydailynews.com/resizer/a8sINwRQcTIbggYgKdmg7Inj2ao=/64x64/top/www.nydailynews.com/resizer/hYzfhFG5E-uxzmwHVYQw_uZ3rPY=/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nydailynews.com/resizer/a8sINwRQcTIbggYgKdmg7Inj2ao=/64x64/top/www.nydailynews.com/resizer/hYzfhFG5E-uxzmwHVYQw_uZ3rPY=/cloudfront-us-east-1.images.arcpublishing.com/tronc/JI3IWTRLUJD6FCIKY5373ZFLOI.jpg
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
e2811d48b2cd94fc53c8289754121a78a681fc1644ad410021cd3297e8a93282
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:35 GMT
last-modified
Tue, 15 Feb 2022 17:44:05 GMT
server
Akamai Image Manager
etag
"5fa093e42daa056cbcb4317ea7f4b364a31cbb22"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31522175
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
2179
expires
Wed, 15 Feb 2023 17:45:10 GMT
headerstats
as-sec.casalemedia.com/ 		0
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=339473&u=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184794-144562113101278.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:35 GMT
X-AK-INITIAL-GEO
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.178], XFF:[]
Server
Apache
Access-Control-Allow-Origin
https://www.nydailynews.com
X-CS-CLIENT-GEO
19
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
19
Expires
Tue, 15 Feb 2022 21:35:35 GMT
5IIWPOVRX5A77GAKNBEEEQGLXI.JPG
images.taboola.com/taboola/image/fetch/f_jpg,q_auto,h_72,w_72,c_fill,g_faces:auto,e_sharpen/https://www.nydailynews.com/resizer/76g99A6iN8LNMqiwMk38FN9ePjU=/1200x0/left/top/cloudfront-us-east-1.ima... 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg,q_auto,h_72,w_72,c_fill,g_faces:auto,e_sharpen/https://www.nydailynews.com/resizer/76g99A6iN8LNMqiwMk38FN9ePjU=/1200x0/left/top/cloudfront-us-east-1.images.arcpublishing.com/tronc/5IIWPOVRX5A77GAKNBEEEQGLXI.JPG
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1f89856a3795f3824eff2d6ff4b2a4217f1758392e130d0ed89bac6827408ac3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 15 Feb 2022 21:35:35 GMT
via
1.1 varnish, 1.1 varnish
age
2602245
edge-cache-tag
488300963608657276304883301984038603553,395742300558553622775490125162155075145,29ecf9b93bbf306179626feeda1fab70
cache-tag
488300963608657276304883301984038603553,395742300558553622775490125162155075145,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
886
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg,q_auto,h_72,w_72,c_fill,g_faces:auto,e_sharpen/https://www.nydailynews.com/resizer/76g99A6iN8LNMqiwMk38FN9ePjU=/1200x0/left/top/cloudfront-us-east-1.images.arcpublishing.com/tronc/5IIWPOVRX5A77GAKNBEEEQGLXI.JPG
content-length
5272
x-request-id
6db9ddeb4e81f41d94d297ace952f30a
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Sun, 16 Jan 2022 18:44:51 GMT
server
nginx
x-timer
S1644960936.569727,VS0,VE1
etag
"91052114b083d240dcc4d13bde041942"
x-served-by
cache-bwi5048-BWI, cache-iad-kjyo7100166-IAD, cache-yul12824-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
RNXWVUAYHJDJZM7CSS4ELVUNKM.jpg
images.taboola.com/taboola/image/fetch/f_jpg,q_auto,h_72,w_72,c_fill,g_faces:auto,e_sharpen/https://www.nydailynews.com/resizer/LrXCc9rlibpWxqvZ2E0Os89x94U=/1200x0/top/cloudfront-us-east-1.images.a... 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg,q_auto,h_72,w_72,c_fill,g_faces:auto,e_sharpen/https://www.nydailynews.com/resizer/LrXCc9rlibpWxqvZ2E0Os89x94U=/1200x0/top/cloudfront-us-east-1.images.arcpublishing.com/tronc/RNXWVUAYHJDJZM7CSS4ELVUNKM.jpg
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ca387f5828734b1bd7d1064e580479d3396f5bed348a440be1f9d6452711ed71

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 15 Feb 2022 21:35:35 GMT
via
1.1 varnish, 1.1 varnish
age
1043850
edge-cache-tag
516820733525233610991651843808242721018,395742300558553622775490125162155075145,29ecf9b93bbf306179626feeda1fab70
cache-tag
516820733525233610991651843808242721018,395742300558553622775490125162155075145,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
628
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg,q_auto,h_72,w_72,c_fill,g_faces:auto,e_sharpen/https://www.nydailynews.com/resizer/LrXCc9rlibpWxqvZ2E0Os89x94U=/1200x0/top/cloudfront-us-east-1.images.arcpublishing.com/tronc/RNXWVUAYHJDJZM7CSS4ELVUNKM.jpg
content-length
1844
x-request-id
6be90e4267787b341b0509027b55beae
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Thu, 03 Feb 2022 19:38:06 GMT
server
nginx
x-timer
S1644960936.569580,VS0,VE1
etag
"24690fe31be6682f3f702c240f4ca175"
x-served-by
cache-bwi5059-BWI, cache-iad-kiad7000093-IAD, cache-yul12824-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1
GBKPBQTTUVHZTPWUVPNYHQYZWE.jpg
images.taboola.com/taboola/image/fetch/f_jpg,q_auto,h_72,w_72,c_fill,g_faces:auto,e_sharpen/https://www.nydailynews.com/resizer/lLHyr3joGxejJNlrNaZNdUeNREM=/1200x0/center/middle/cloudfront-us-east-... 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg,q_auto,h_72,w_72,c_fill,g_faces:auto,e_sharpen/https://www.nydailynews.com/resizer/lLHyr3joGxejJNlrNaZNdUeNREM=/1200x0/center/middle/cloudfront-us-east-1.images.arcpublishing.com/tronc/GBKPBQTTUVHZTPWUVPNYHQYZWE.jpg
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b21f4655009ef1ed28d20287fa2a764759811ba0385282727c4ca81ec171ab76

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 15 Feb 2022 21:35:35 GMT
via
1.1 varnish, 1.1 varnish
age
1988518
edge-cache-tag
461973826283042160166283647658780048022,395742300558553622775490125162155075145,29ecf9b93bbf306179626feeda1fab70
cache-tag
461973826283042160166283647658780048022,395742300558553622775490125162155075145,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
276
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg,q_auto,h_72,w_72,c_fill,g_faces:auto,e_sharpen/https://www.nydailynews.com/resizer/lLHyr3joGxejJNlrNaZNdUeNREM=/1200x0/center/middle/cloudfront-us-east-1.images.arcpublishing.com/tronc/GBKPBQTTUVHZTPWUVPNYHQYZWE.jpg
content-length
1370
x-request-id
1ade6d5972627a135fa13f93bbf512bb
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Sun, 23 Jan 2022 21:10:42 GMT
server
nginx
x-timer
S1644960936.569824,VS0,VE1
etag
"5850887d13e6f6345de05303b49c2975"
x-served-by
cache-wdc5523-WDC, cache-iad-kjyo7100177-IAD, cache-yul12824-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
view
securepubads.g.doubleclick.net/pcs/ Frame FE2D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbUhyQdF1pbEnbxoWIlUL1omOf2MkuWFTKF4pou2ui1vXxXiueyCI3418jYdhyoORibXAear_YNk1-Fh8iZdjXiwisEMnLI0vG3dWE-yBmec4VDtXmsuuSb2ybzpT1CMxtq6sL8KPsj5GnHO4eqUBvG-uIXwvpifATuA2sPCGu_p6BoEmAFEodI3In9ujtRerpvz196_NJ1B5TZYHhvoARrvIyJrm5Qc2I-DCG-88ewf22C2hwujTfo0RUGPabzYH366cgh0dcO2AfW9uqIG89qW6r-9WRLaK8vWcZiOZ2p59M6Eh7fYweNU1pARfyltr7FUI&sai=AMfl-YQ2lnQN903vGAYqMkhjfPW0gk_QiRmuiUPT7132yf6p5ak9RU54R5Ihs0iQc59hEFVDsoXTLnJ8sdE4C-1pxNg9oUGN4aLc_3hjzD3pqC0nKuFVes6GY4eJGmY1HO_U&sig=Cg0ArKJSzOSw_BuUsa8CEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Feb 2022 21:35:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 15 Feb 2022 21:35:35 GMT
tag
a.teads.tv/page/82546/ Frame FE2D 		14 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/82546/tag
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.160 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d8f8f1c43ba9f1232bc2bd9bf9e68e7e40ce95d1d5fe2ab6860e067d9fed4908

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:35 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
2275
expires
Tue, 15 Feb 2022 22:35:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FE2D 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
sffe /
Resource Hash
0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38569
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1644842073869169"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 15 Feb 2022 21:35:35 GMT
pixel
protected-by.clarium.io/ Frame FE2D 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_Qnhuc01LTmVrWXlsbFl0dDlTTXZsTzFOMmhNLzMwOTk0NzMzNjo1eDE=&v=5&s=v31frvkvrnb&id=eyJkZnAiOnsiYWQiOjM0NTA4NTM3NiwiYyI6MTM4MjI5NzI1MTM2LCJsIjo0NjMwODUxNzczLCJvIjozMDk5NDczMzYsIkEiOiIvNDAxMS90cmIubnlkbi9uZXdzL3dvcmxkIiwieSI6MCwiY28iOjAsInMiOiJ6ZXVzX3RlYWRzIn19&sb=undefined&cb=2183104&h=www.nydailynews.com&d=eyJ3aCI6IlFuaHVjMDFMVG1WcldYbHNiRmwwZERsVFRYWnNUekZPTW1oTkx6TXdPVGswTnpNek5qbzFlREU9Iiwid2QiOnsibyI6MzA5OTQ3MzM2LCJ3IjoiNSIsImgiOiIxIn0sIndyIjoyfQ==
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.181.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-181-171.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:35 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame 2C5F
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_cnv_kg_an-db5_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_cnv_kg_an-db5_3lift&dcc=t
271 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_cnv_kg_an-db5_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
21219e841367777c3e705912b243a0cff8d0b063886837113dae99bddcece9e0
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/

Response headers

Server
Server
Date
Tue, 15 Feb 2022 21:35:35 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
271
Connection
keep-alive
x-amz-rid
C91WSZX8R2FMX2RWKGFZ
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
Server
Date
Tue, 15 Feb 2022 21:35:35 GMT
Content-Length
0
Connection
keep-alive
x-amz-rid
15ER48HAJQH962B2WA2J
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_cnv_kg_an-db5_3lift&dcc=t
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
recaptcha__en.js
www.gstatic.com/recaptcha/releases/1B_yv3CBEV10KtI2HJ6eEXhJ/ 		354 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/1B_yv3CBEV10KtI2HJ6eEXhJ/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b8b682253c43d2d9694c849d6f7526f8806c3215f75e2ec263e745dd9edc518
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nydailynews.com/
Origin
https://www.nydailynews.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 20:40:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143204
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 05:01:42 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Feb 2023 20:40:16 GMT
SmarterHandler.ashx
tr2.smarterhq.io/app1/ 		298 B
420 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr2.smarterhq.io/app1/SmarterHandler.ashx?r=100644789&i=seednbxehf-1&cb=_smtr.postprocess&cu=true&bv=2.7.17&utc=0&pt=0&href=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&hostn=www.nydailynews.com&pathn=%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Requested by
Host: d1n00d49gkbray.cloudfront.net
URL: https://d1n00d49gkbray.cloudfront.net/js/nydailynews.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.247.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-247-200.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
1e75c7dcee42e528118bf67b45a64851ea2ce7c3ef6de329bcde2d2efd2a5bc1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:35 GMT
cache-control
no-store,no-cache
server
Kestrel
content-length
298
content-type
text/javascript
pmk-202010011.27.js
widget.perfectmarket.com/tribunedigital-network/ 		112 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/tribunedigital-network/pmk-202010011.27.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/tribunedigital-network/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b7fb9aeafd2d878c9105c3dbda844cbc6b86855b92dfe660b0117f692284bc7c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
vFwti8OzZphvyKcnsCOphWOBBaaimv.v
content-encoding
gzip
etag
"7253bec5e4edc0dcd2517b9a3f645467"
age
21812160
x-cache
HIT, HIT
content-length
31166
x-amz-id-2
6Ibq+WgrC023OS+SdAcB8gbj3Lh3MrpB+KQI/sfxMhMCNRlJYse3ZZYuI920cJpAFS9gZg08WPo=
x-served-by
cache-lax10622-LGB, cache-yul12820-YUL
last-modified
Thu, 17 Dec 2020 11:02:49 GMT
server
AmazonS3
x-timer
S1644960936.766470,VS0,VE0
date
Tue, 15 Feb 2022 21:35:35 GMT
vary
Accept-Encoding,,
x-amz-request-id
Q5Q5FSYY2SW6MGTD
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
6, 28066
json
trc.taboola.com/nydailynews-nydailynews/trc/3/ 		32 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/nydailynews-nydailynews/trc/3/json?tim=21%3A35%3A35.830&lti=deflated&data=%7B%22id%22%3A279%2C%22ii%22%3A%22%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1644850435070%2C%22vi%22%3A1644960935827%2C%22cv%22%3A%2220220209-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A28629%2C%22nsid%22%3A%22tribunedigital-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22organic-thumbnails-rr2%3Apub%3Dtribunedigital-network%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Organic%20Stream%22%2C%22orig_uip%22%3A%22Right%20Rail%20Organic%20Stream%22%2C%22cd%22%3A0%2C%22mw%22%3A0%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217%2CRight%20Rail%20Organic%20Stream%3Dorganic-thumbnails-rr2%3Apub%3Dtribunedigital-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
76e83ebc148ea339795b614107cb3cd4035d33f04c3e39f0c8decfa0e30d006f

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
520
date
Tue, 15 Feb 2022 21:35:36 GMT
content-encoding
gzip
server
nginx
x-timer
S1644960936.844531,VS0,VE520
x-served-by
cache-yul12824-YUL
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
8.gif
id5-sync.com/i/687/ 		79 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/687/8.gif?id5id=ID5*FbN7zSAsugrTQ8BDAigAiVFVeYFqrERt5XQ6PYBLHYoIBCiI8HxFuiyM5fYWedUVCAU7S3jys-g-_cXqGMoWNwgGN-ipMXcgmL00afcsTMIIB8mkBT1WtbPwceF3mtueCAiAfMNSaQjh3zgp02C0xggJrbrfAyFKDPFsRlW2MREICrMwGfrJ-Gm8UqOUmYJXCAv7NYQP_QNojhmuUOFImAgMDgjtXK7ZRDPtTvEyqvgIDQBRHdt5klYJU9ir2trACA627c7sFujnxxbVKSve1wgPsVGvtGl2ux5SxaEclX0IEAOocA3mAQCcZsnU6w7_CBEde_pf97CBT8VZa36TSggSvEBgOokVQTYR2dRui3gIE-SH3551acZVR6_zxUEsCBQzqMJwP7pP_kFtlr26iggVUr7X6mOtapuhd0C5DJ0IFlzt2NQ8wjgtRywvQlmhCBetIIVVwsogSpp5RwesZggYmnPwPL2D7vh23tdE21IIGY23n6WGxwSx1ZA5pktFCBr4WrLR5ifmYcTGFAIOFAgb0NItlUe10A2drn3JhukIHAkeB_bExaMwLr7fdm91CB2THe1CSLLuyFIn9mo_LAgeQaleKrLamfY5Bd_haLsIptYJpEVYIpFj1DKJp0Cj&o=api&gdpr_consent=undefined&gdpr=0
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.95.3.40 , France, ASN16276 (OVH, FR),
Reverse DNS
p30.id5-sync.com
Software
/
Resource Hash
4470070a6a6d7c71153373c24063292c7f14225a58a94e024a10d9c630bd1c0d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Date
Tue, 15 Feb 2022 21:35:35 GMT
Transfer-Encoding
chunked
Content-Type
text/html;charset=utf-8
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1166886326&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&ul=en-us&de=UTF-8&dt=Malaysia%20Airlines%20Flight%20370%3A%20See%20names%2C%20faces%20of%20passengers%20aboard%20doomed%20plane%20-%20New%20York%20Daily%20News&sd=24&sr=1600x1200&vp=1600x1200&je=0&_u=6GBAAEADQAQCAC~&jid=1174861940&gjid=1149669563&cid=236439561.1644960935&tid=UA-20856122-1&_gid=283169956.1644960935&_r=1&cd41=Portrait&cd44=%3E1224&cd140=false&cd142=(none)&cd1=nydailynews&cd2=news%3Aworld&cd3=%2F4011%2Ftrb.nydn%2Fnews%2Fworld&cd4=nydn%3Anews%3Aworld%3Anydn-news-world-names-faces-aboard-malaysia-airlines-flight-370-1-1739217%3Astory.&cd5=arc&cd6=story&cd7=story&cd8=story&cd9=nydn-news-world-names-faces-aboard-malaysia-airlines-flight-370-1-1739217&cd10=nydn-news-world-names-faces-aboard-malaysia-airlines-flight-370-1-1739217&cd12=Malaysia%20Airlines%20Flight%20370%3A%20See%20names%2C%20faces%20of%20passengers%20aboard%20doomed%20plane&cd13=AMANDA%20DINGYUAN%20HOU%2CQINGQING%20CHEN%2CRich%20Schapiro&cd14=Rich%20Schapiro&cd15=03-29-2014%2023%3A11&cd16=01-09-2019%2018%3A15&cd17=nydn&cd18=NEW%20YORK%20DAILY%20NEWS&cd19=1.1739217&cd20=1.1739217&cd21=1.1739216&cd22=(none)&cd29=(none)&cd30=25345&cd32=(none)&cd33=(none)&cd34=(none)&cd43=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F98.0.4758.80%20Safari%2F537.36&cd98=(none)&cd99=(none)&cd100=(none)&cd101=(none)&cd102=(none)&cd103=(none)&cd119=default&cd124=(none)&cd125=(none)&cd127=image&cd135=(none)&cd31=1&cd97=0&cd95=(none)&cd96=signed-out&cd42=1600%20-%201699&cm81=1&z=1612992136
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nydailynews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.nydailynews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.nydailynews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.nydailynews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.nydailynews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.nydailynews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.nydailynews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Feb 2022 21:35:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.nydailynews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Feb 2022 21:35:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		100 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3428847557343757&correlator=1864239795800197&output=ldjh&eid=31064540&output=ldjh&gdfp_req=1&vrg=2022021001&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=4011%2Ctrb.nydn%2Cnews%2Cworld&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&prev_scp=slot%3Dzeus_c_1%26pos%3Df1%26cnsd%3Dpts_darc_pf1_uad%26zeus_rendercount%3D1%26zeus_slot%3Dzeus_c_1.init.dsk%26amznbid%3D2%26amznp%3D2%26optimera%3DZ%2CA6%2CSA1%2CM3%2CL7%2CL1%2CJ1%2CA5%2CA4%2CA3%2CB%26zeus_appnexus%3D3%26zeus_auctionid_appnexus%3D1695206310588100352&eri=1&cust_params=zeus%3Dapplied%26zeus_4011%3Dwww.nydailynews.com%26epvid%3D1644960934512_337635938%26euuid%3Dpre-cache-no-id-available%26ua%3Dd%26ss%3Dl%26ref%3Dnone%26instart%3Dfalse%26adb%3Dfalse%26apfv%3Dfalse%26apv%3Dfalse%26refresh%3Dfalse%26ptype%3Ds%26site%3Dtrb.nydn%26slug%3Dnydn-news-world-names-faces-aboard-malaysia-airlines-flight-370-1-1739217%26cid%3D1.1739217%26at%3DtaxonomyTags%26kw%3Dbeijing%252Cmalaysia%252Cchina%252Cfather%252Cwife%252Chusband%252Cflight%252Cchild%252Ccompany%252Cvacation%252Ctrip%252Chome%252Cartist%252Ccouple%252Cmother%252Cfamily%252Cson%252Cway%252Cbusiness%252Cmoney%252Cplane%252Cfriend%252Ctime%252CBeijing%252Cbirthday%26tg%3DDefenseandCybersecurity%26design%3Darc%26nopulse%3Dtrue%26zeus_insights%3Dj7p%252Chdq%252Cwug%252C65r%252C3bu%252Ckiv%252Cgic%252Cbs0%26ccaud%3D473040%252Call%252C663817%252C747175%252C514644%252C473081%26lpid%3Df7a752960b88f39ddc708de0b4bfaade&cookie=ID%3Dbf5843766d0ed510-224a8173c17b007a%3AT%3D1644960935%3AS%3DALNI_MZSUKcwZrDLuuqVaGd7HMO5q8RETQ&bc=31&abxe=1&dt=1644960935946&lmt=1644959049&dlt=1644960934313&idt=618&frm=20&biw=1600&bih=1200&oid=2&adxs=1206&adys=510&adks=1546051717&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=1x0&psts=AGkb-H-4Hbj85bXu2IRKcBivethoERel2zm7VfX67dd24M0Y2x93ziTI-WK7EHU5UnxtjaijtZIbkNvTe5SFMys3h2YA2NlrLnfvsAZj_Q&ga_vid=236439561.1644960935&ga_sid=1644960935&ga_hid=1166886326&ga_fc=true&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
ea15b7142e03cbbe1323349e71bd06539ef9cce15001d7453b07b85efee7f385
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13286604602864346121/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13286604602864346121/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COe1ioLVgvYCFQPEhgodiZgF3g&gqi=&layout=/sadbundle/%24csp%253Der3%24/13286604602864346121/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13286604602864346121/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13286604602864346121/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COe1ioLVgvYCFQPEhgodiZgF3g&gqi=&layout=/sadbundle/%24csp%253Der3%24/13286604602864346121/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34199
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Tue, 15 Feb 2022 21:35:36 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nydailynews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Malaysia%20Airlines%20Flight%20370%3A%20See%20names%2C%20faces%20of%20passengers%20aboard%20doomed%20plane%20-%20New%20York%20Daily%20News&wrdcnt=4723&sec=news&prem=metered&paracnt=349&ptype=story&pnum=1&hier=news%7Cworld&chrcnt=25345&auth=AMANDA%20DINGYUAN%20HOU%7CQINGQING%20CHEN%7CRich%20Schapiro&artupt=1547075702&artsrc=nydn&artpubt=1396149061&artid=1.1739217&tv=js-3.0.138&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=ba6edcbf-ff1e-49fb-9967-80d7b239676f&pid=d48d988e-eed4-43ec-9155-e6009efe87f2&dtm=1644960935983&qnm=_matherq&visible=1&tabid=0891b9df-ef42-4eb0-bfa7-a260a96cbea6&url=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&vp=1600x1200&ds=1600x29043&tofa=1644960936&vid=1&lvidt=1644960936&duid=4b0002de7e794e74&fp=839606422&cid=ma89701&mrk=197837700&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY0NDk2MDkzMzU3OSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxNC4zbWIiLCJoZWFwVCI6IjE2LjFtYiIsImZzdFBhaW50IjoiMTAwMiIsImZldGNoUyI6IjAiLCJkb21haW5TIjoiMSIsImRvbWFpbkUiOiIzMDQiLCJjb25uUyI6IjMwNCIsImNvbm5FIjoiNTg2Iiwic3NsUyI6IjMyMSIsInJlcXVTIjoiNTg2IiwicmVzcFMiOiI3MzEiLCJyZXNwRSI6Ijc2NSIsImRvbUxvYWQiOiI3MzQiLCJkb21JbnRlciI6IjE3NzYiLCJkb21Mb2FkUyI6IjE3NzYiLCJkb21Mb2FkRSI6IjE3OTkifSwiaWRlbnRpdGllcyI6W3sidHlwZSI6ImdhIiwiaWQiOiIyMzY0Mzk1NjEiLCJyZWZUaW1lIjoiMTY0NDk2MDkzNTk4MiJ9XSwiYXVkaWVuY2UiOlt7InByb3ZpZGVyIjoidXNlckRCIiwic2VnbWVudHMiOlsiTUFUSEVSX1U5X0ZJUlNUVElNRU1FVDEwXzIwMTkxMDE2Il0sInBhZ2VJZCI6ImQ0OGQ5ODhlLWVlZDQtNDNlYy05MTU1LWU2MDA5ZWZlODdmMiJ9LHsicHJvdmlkZXIiOiJpU2VncyIsInNlZ21lbnRzIjpbIk1BVEhFUl9VOV9GSVJTVFRJTUVNRVQxMF8yMDE5MTAxNiJdLCJwYWdlSWQiOiJkNDhkOTg4ZS1lZWQ0LTQzZWMtOTE1NS1lNjAwOWVmZTg3ZjIifV19
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-123-142.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 21:35:36 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
config.json
c.go-mpulse.net/api/ Frame 8AA0 		51 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=CNG4V-VKPZ8-E3VJH-4LSSY-MWNZU&d=www.nydailynews.com&t=5483203&v=1.720.0&if=&sl=0&si=28e81515-49e2-49f1-8cf8-db39926e2178-r7d7za&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=630253
Requested by
Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/9E52W-759Q8-QRNWG-5DBLH-ZFZGZ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:13:6a9::11a6 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b4714a8ffabb2c6551a01fd0b2dd756d12d9a8e2b6d5910b50006744486fcf83

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 15 Feb 2022 21:35:36 GMT
Cache-Control
private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
51
Content-Type
application/json
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 481F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.203.12 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-12.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/

Response headers

server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=60150
expires
Wed, 16 Feb 2022 14:18:06 GMT
date
Tue, 15 Feb 2022 21:35:36 GMT
vary
Accept-Encoding
chartbeat.js
static.chartbeat.com/js/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:202c:f800:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 20:28:47 GMT
content-encoding
gzip
last-modified
Thu, 03 Feb 2022 22:23:33 GMT
server
nginx
age
4009
etag
W/"61fc55e5-8e96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 ac664c0310f2b9554aba4708107d094c.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
EWR52-C2
x-amz-cf-id
wEimbYxMiGoZv0LkZudUcieaNuY41JKaZMLYk9r2pj4bxRqHvJrEkg==
expires
Tue, 15 Feb 2022 22:28:47 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:36 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1573
etag
W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6de1aabb09a87139-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 18 Feb 2022 21:35:36 GMT
v2bhkMLd46cM8h21J3otm4lH3mXXZj70mhZTPevidT4n2AyiPk8M9ZmL05WasSyaW
smoggysnakes.com/ 		89 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smoggysnakes.com/v2bhkMLd46cM8h21J3otm4lH3mXXZj70mhZTPevidT4n2AyiPk8M9ZmL05WasSyaW
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.103.201.35.bc.googleusercontent.com
Software
/
Resource Hash
1119f440db7dc0a9bc74cb58a6ba71c4c14ae766b8576d727f8c9acb135b2e24
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-us-east1
etag
"b69ca317e68938e7b5b33e4e051bbc49ebf6ca990a89b7715d7a6c0be471ef1b"
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-us-east1-spot-wp3l
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Tue, 15 Feb 2022 21:35:36 GMT
x-buildnumber
466245667
timing-allow-origin
*
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.nydailynews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
feature-decisions
zephr.nydailynews.com/zephr/ 		27 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://zephr.nydailynews.com/zephr/feature-decisions
Requested by
Host: assets.zephr.com
URL: https://assets.zephr.com/zephr-browser/1.3.9/zephr-browser.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-43.ewr52.r.cloudfront.net
Software
/
Resource Hash
666790a05f022830460db172a1b77027af121d11c2057d735b64eef95821c066

Request headers

Accept
application/json
Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 15 Feb 2022 21:35:36 GMT
content-encoding
gzip
x-amz-cf-pop
EWR52-C3
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.nydailynews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-amz-cf-id
jXdnVzLBh3Q3VIgwR4D5Y52S9OlPaG03OqgZlWZH4bFNV1wZpZjWRA==
via
1.1 4a7ef8cbf68469938b3b0dd42dbc4de8.cloudfront.net (CloudFront)
x-blaize-request
207c89e3
feature-decisions
zephr.nydailynews.com/zephr/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://zephr.nydailynews.com/zephr/feature-decisions
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-43.ewr52.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nydailynews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
date
Tue, 15 Feb 2022 21:35:36 GMT
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-methods
POST,PUT,PATCH,GET,DELETE,OPTIONS,HEAD
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-credentials
true
x-cache
Miss from cloudfront
via
1.1 2f16b30f1da79f813ba9985dad1c4a94.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C3
x-amz-cf-id
VyO_N5yJC7kcKLrMyJgfv1iBO58hYxhnuCRT8yum5mvphcElKvhHqA==
collect
stats.g.doubleclick.net/j/ 		4 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-20856122-1&cid=236439561.1644960935&jid=1174861940&gjid=1149669563&_gid=283169956.1644960935&_u=6GBAAEACQAQCAC~&z=1357551268
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1404::9d Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 15 Feb 2022 21:35:36 GMT
content-type
text/plain
access-control-allow-origin
https://www.nydailynews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
SmarterHandler.ashx
tr2.smarterhq.io/app1/ 		297 B
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr2.smarterhq.io/app1/SmarterHandler.ashx?r=1294033686&i=seednbxehf-1&cb=_smtr.postprocess&t=Malaysia%20Airlines%20Flight%20370%3A%20See%20names%2C%20faces%20of%20passengers%20aboard%20doomed%20plane%20-%20New%20York%20Daily%20News&cid=world&cn=news&bv=2.7.17&utc=0&pt=3&href=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&hostn=www.nydailynews.com&pathn=%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&modalc=637805577358380345^017eff4f-ef9e-4a8b-a682-baf387f69ec6^017eff4f-ef9e-46a7-93a1-41683c42cb68^0^149.56.153.178
Requested by
Host: d1n00d49gkbray.cloudfront.net
URL: https://d1n00d49gkbray.cloudfront.net/js/nydailynews.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.247.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-247-200.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
a5a92f46c4e2447a049a4f49a304d611174e0462b89ddbccdcea55452579ae62

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:36 GMT
cache-control
no-store,no-cache
server
Kestrel
content-length
297
content-type
text/javascript
SmarterHandler.ashx
tr2.smarterhq.io/app1/ 		298 B
419 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr2.smarterhq.io/app1/SmarterHandler.ashx?r=29435254&i=seednbxehf-1&cb=_smtr.postprocess&t=Malaysia%20Airlines%20Flight%20370%3A%20See%20names%2C%20faces%20of%20passengers%20aboard%20doomed%20plane%20-%20New%20York%20Daily%20News&pid=9c881749f9bddc22633f5da42dc5ed86&bv=2.7.17&utc=0&pt=0&href=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&hostn=www.nydailynews.com&pathn=%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&modalc=637805577358380345^017eff4f-ef9e-4a8b-a682-baf387f69ec6^017eff4f-ef9e-46a7-93a1-41683c42cb68^0^149.56.153.178
Requested by
Host: d1n00d49gkbray.cloudfront.net
URL: https://d1n00d49gkbray.cloudfront.net/js/nydailynews.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.247.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-247-200.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
84f5ed854a081a56fa990f0b017ac804232647c7f40c9363fbcc72c2b3895ffb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:36 GMT
cache-control
no-store,no-cache
server
Kestrel
content-length
298
content-type
text/javascript
smtr1x1.gif
tr2.smarterhq.io/app1/ 		43 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr2.smarterhq.io/app1/smtr1x1.gif?r=478359926&action=product_scrape&i=seednbxehf-1&modalc=637805577358380345%5E017eff4f-ef9e-4a8b-a682-baf387f69ec6%5E017eff4f-ef9e-46a7-93a1-41683c42cb68%5E0%5E149.56.153.178&scraped_products=%5B%7B%22productId_scraped%22%3A%229c881749f9bddc22633f5da42dc5ed86%22%2C%22percent_complete%22%3A0%2C%22article_slug%22%3A%22nydn-news-world-names-faces-aboard-malaysia-airlines-flight-370-1-1739217%22%7D%5D&bv=2.7.17
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.247.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-247-200.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:36 GMT
cache-control
no-store,no-cache
server
Kestrel
content-length
43
content-type
image/gif
teads-format.min.js
a.teads.tv/media/format/v3/ 		600 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/82546/tag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.160 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
47fdf10b73b62637c160f6a100fada484274983bd6625198d33a809f7bf475b2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:36 GMT
content-encoding
br
last-modified
Tue, 15 Feb 2022 08:41:15 GMT
x-amz-request-id
YX8VHWRM91QAMENF
etag
"c8d7b0ed11d628acadcca826abd76f91"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
d
accept-ranges
bytes
content-length
134146
x-amz-id-2
D2ZnmknfaimoyaNdHGA+O7xiGaf77hgb3OrzKr7oGtAHGruFQbF00DVHNjaYrbWakBvTGeMCfF4=
expires
Tue, 15 Feb 2022 22:05:36 GMT
pixels
bcp.crwdcntrl.net/ Frame 962A 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/pixels?s=67%2C31%2C86%2C81%2C61%2C58%2C80%2C8%2C49%2C2&c=13200
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=13200
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.206.109.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-109-9.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
6f7b3f206f6e17e1083d3b0033c61f4f6dd25b0c597338210e5ebde3a2fb29f4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tags.crwdcntrl.net/

Response headers

date
Tue, 15 Feb 2022 21:35:36 GMT
content-type
text/html
content-length
1889
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.40.2.98
server
Jetty(9.4.38.v20210224)
pr
s.amazon-adsystem.com/v3/ Frame 92BB 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_cnv_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_cnv_kg_an-db5_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c292d886e68ecb7a6d23b877c247c646e19a434942fed038aebbb8fe9da5efa0
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_cnv_kg_an-db5_3lift&dcc=t

Response headers

Server
Server
Date
Tue, 15 Feb 2022 21:35:36 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
2220
Connection
keep-alive
x-amz-rid
B0A1M188BM1BA0K7YP32
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
view
securepubads.g.doubleclick.net/pcs/ Frame FE2D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvAgHlS_Uj4kmttF0_O-G4XkKY_o1XkqvtfbB-Pzxrmn6Hp_5YnZApUUCfRYo9b-tsvCElf6r5KVVujlMX2uYxk1SnOrPXs0PuHmnLiRzO1ehBWBsnJJgGlSYgKZaniG5mqUTxdNTpIquZ010S06K171Jb6W-bETco7dyBfyrexKr9Z7wOXwKXpPtiRw-lbPz65balhufJkLKbQOYO6K7Ee750UhlTG15HIeg4xlUFNM1BMwTVbvqaLspC9qmeSjvIESPo9yxfbuZJmSeGpooOYZUiNGSFhIqBWiqoxCjDGtQ984Lmn78BAFYDFFW34dSudYKfpmQ&sai=AMfl-YRW6yRV7E_Zwgoehem2HwNjlI7EN4B_M7i2q-pkcVe4u5QNOZuSW5MLZSsv6gR_9bp78hbAa3vwHTKYGLIKBMowGRvv4FDrM1O4hly66BdAxc4vYGQrbiPQkydnyt5K&sig=Cg0ArKJSzO2CDc_Clz7HEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Feb 2022 21:35:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 15 Feb 2022 21:35:36 GMT
prebid
ib.adnxs.com/ut/v3/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tribune-nydailynewsclassic.zeustechnology.com
URL: https://tribune-nydailynewsclassic.zeustechnology.com/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
8db3d891f077aac42f2ca43a2c3a830975ec6da5d4863d74d497cea1da91b956
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type
text/plain;charset=UTF-8

Response headers

Date
Tue, 15 Feb 2022 21:35:36 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
58da7a46-5d8d-4c91-b630-61d44e4aa7ce
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.nydailynews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		58 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?ac=j&s=687193&v=7.2&sd=1&r=%7B%22id%22%3A%22baec31d8-3aad-4f8b-8f1d-e295095b1297%22%2C%22imp%22%3A%5B%7B%22id%22%3A%225f86eced-afe8-4909-89a6-6f4e6d8c50a8%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22698768%22%2C%22gpid%22%3A%224011%2Fzeus_mh_ldb_cbo_924%22%7D%7D%2C%7B%22id%22%3A%228708a308-415a-4176-aaa3-8964b612d98d%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22698768%22%2C%22gpid%22%3A%224011%2Fzeus_mh_ldb_cbo_924%22%7D%7D%2C%7B%22id%22%3A%22e69c59f0-0713-4350-a092-f5d53eef1fdf%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22698768%22%2C%22gpid%22%3A%224011%2Fzeus_mh_ldb_cbo_924%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217%22%2C%22ref%22%3A%22%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22013f5489-abdd-43ed-8226-582ddfebe20d%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222022-02-15T21%3A35%3A35%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%2C%7B%7D%2C%7B%7D%5D%7D%7D
Requested by
Host: tribune-nydailynewsclassic.zeustechnology.com
URL: https://tribune-nydailynewsclassic.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.78.210.18 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-210-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
700088829f93f8133f139532a8e47711ec398c71f3f7e2910b8de1fa0c1ce7b2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:36 GMT
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.178], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.nydailynews.com
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
58
x-ak-client-geo
19
expires
Tue, 15 Feb 2022 21:35:36 GMT
translator
hbopenbid.pubmatic.com/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=zeus_client
Requested by
Host: tribune-nydailynewsclassic.zeustechnology.com
URL: https://tribune-nydailynewsclassic.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nydailynews.com
date
Tue, 15 Feb 2022 21:35:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		262 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7476&site_id=383420&tk_flint=custom&slots=1&size_id=2&alt_size_ids=55%2C57&zone_id=2128258&rp_floor=0.01
Requested by
Host: tribune-nydailynewsclassic.zeustechnology.com
URL: https://tribune-nydailynewsclassic.zeustechnology.com/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
0778689b2f74019c8f631e01a478c78733228daba4c8310521fe0e3c91218ded

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:36 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.nydailynews.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
262
Expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=zeus&v=1&referrer=www.nydailynews.com&debug=false
Requested by
Host: tribune-nydailynewsclassic.zeustechnology.com
URL: https://tribune-nydailynewsclassic.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.193.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-193-246.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:36 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nydailynews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hbjson
grid.bidswitch.net/ 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: tribune-nydailynewsclassic.zeustechnology.com
URL: https://tribune-nydailynewsclassic.zeustechnology.com/main.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.211.165.199 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nydailynews.com
Date
Tue, 15 Feb 2022 21:35:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Server
nginx
Connection
keep-alive
bid
c.amazon-adsystem.com/e/dtb/ 		611 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3503&u=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&pid=505DirTv909cM&cb=1&ws=1600x1200&v=7.73.0&t=1000&slots=%5B%7B%22sd%22%3A%22zeus_mh_ldb_cbo_924%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4011%2Ftrb.nydn%2Fnews%2Fworld%22%7D%5D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*FbN7zSAsugrTQ8BDAigAiVFVeYFqrERt5XQ6PYBLHYoIBCiI8HxFuiyM5fYWedUVCAU7S3jys-g-_cXqGMoWNwgGN-ipMXcgmL00afcsTMIIB8mkBT1WtbPwceF3mtueCAiAfMNSaQjh3zgp02C0xggJrbrfAyFKDPFsRlW2MREICrMwGfrJ-Gm8UqOUmYJXCAv7NYQP_QNojhmuUOFImAgMDgjtXK7ZRDPtTvEyqvgIDQBRHdt5klYJU9ir2trACA627c7sFujnxxbVKSve1wgPsVGvtGl2ux5SxaEclX0IEAOocA3mAQCcZsnU6w7_CBEde_pf97CBT8VZa36TSggSvEBgOokVQTYR2dRui3gIE-SH3551acZVR6_zxUEsCBQzqMJwP7pP_kFtlr26iggVUr7X6mOtapuhd0C5DJ0IFlzt2NQ8wjgtRywvQlmhCBetIIVVwsogSpp5RwesZggYmnPwPL2D7vh23tdE21IIGY23n6WGxwSx1ZA5pktFCBr4WrLR5ifmYcTGFAIOFAgb0NItlUe10A2drn3JhukIHAkeB_bExaMwLr7fdm91CB2THe1CSLLuyFIn9mo_LAgeQaleKrLamfY5Bd_haLsIptYJpEVYIpFj1DKJp0Cj%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.63.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-63-179.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
5ee727c5546cb16d6a281f5cc7c79cdb02089ab0c0cf8e70cff9dc7400455add
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:36 GMT
via
1.1 a034e5b3e703810e3023d56d31897ebc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-P1
x-amz-rid
PQAQD1P868SQ64NPS470
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
611
x-amz-cf-id
BHdInIDiATgW10vC4ScnGuj6CInR6OUzuRhA5HTGPqCToKoMMXvNJw==
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:36 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
3389
etag
W/"0e269028feac530d16f00d8dad8ece74"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6de1aabc0cef713c-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 18 Feb 2022 21:35:36 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 481F 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=46314667&p=159890&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f9af39002293e68b72a0956e834742a0dcb8bd9722d6a80840df53be6b360c8a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:35 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=nydailynews.com&p=%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&u=8qGAHCLiSwIBk30TT&d=nydailynews.com&g=25745&g0=news%2Cworld&g1=AMANDA%20DINGYUAN%20HOU%2CQINGQING%20CHEN%2CRich%20Schapiro&n=1&f=00001&c=0&x=0&m=0&y=29176&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2789&_s=%7B%22epvid%22%3A%221644960934512_337635938%22%7D&t=DHAR9SCZrfN-B2QbgZByMOxeBvGBld&V=129&i=Malaysia%20Airlines%20Flight%20370%3A%20See%20names%2C%20faces%20of%20passengers%20aboard%20doomed%20plane&tz=0&_acct=anon&sn=1&sv=B0sJHpFibGxpiLQ7RqSuIBLychT&sd=1&im=067b0ff3&_
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.184.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-184-233.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:36 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-20856122-1&cid=236439561.1644960935&jid=1174861940&_u=6GBAAEACQAQCAC~&z=1664120558
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-20856122-1&cid=236439561.1644960935&jid=1174861940&_u=6GBAAEACQAQCAC~&z=1664120558
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 2c7d387775f2e52dd268d2f49202b5d2.cloudfront.net (CloudFront)
etag
"45cf913e5d9d3c9b2058033056d3dd23"
age
7609087
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
date
Fri, 11 Feb 2022 17:56:21 GMT
content-type
image/gif
cache-control
max-age=315360000
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
x-amz-cf-id
aY-MTTgt1WJIcAcDfqM_mcOBjw1w63qAearSIrh7M1-QmU2Or9SFfQ==
explore-more.20220209-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20220209-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6309c4a5cc3463b9b7180a7b7c4cd233492052104119f23b6fbc1d79bd99e7ad

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
0gKXN9EJ9qoGSc2Qe25KjxAYRWIOSudS
content-encoding
gzip
etag
"0e2ef31d9195fe7285e47f2628269229"
age
2890
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4480
x-amz-id-2
R7pmK5N0/Q0fWP8kAVrY5b8S5lb6RQkh6hATwU0vvAHcPYDyc7H+6KWLcP5LF+NG+wTKTG3JSeA=
x-served-by
cache-yul12824-YUL
last-modified
Tue, 15 Feb 2022 20:47:21 GMT
server
AmazonS3
x-timer
S1644960936.436809,VS0,VE0
date
Tue, 15 Feb 2022 21:35:36 GMT
vary
Accept-Encoding
x-amz-request-id
DT13403SQMAQG63P
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
31
x-cache-hits
2638
feed-card-placeholder.20220209-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20220209-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fe183cf65f19ad2ed6494c6cbc3bd50bd86a9b6c7ccbff95143fa6c26bacb8

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
HfXjdGCCtUSChRBm27q1g5Vio2ncirgo
content-encoding
gzip
etag
"b0cec8ec7667c7db8960686fe402a9a2"
age
2896
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
ITEJvk9j62WnWPlw7x5hCdQOslsA/wEti1nIPvYGI0G8D10XniMu2EsC3hFhm17Nx1ydHsx0Pp8=
x-served-by
cache-yul12824-YUL
last-modified
Tue, 15 Feb 2022 20:47:18 GMT
server
AmazonS3
x-timer
S1644960936.436941,VS0,VE0
date
Tue, 15 Feb 2022 21:35:36 GMT
vary
Accept-Encoding
x-amz-request-id
KVP6MH8N34J1KP5J
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
31
x-cache-hits
4991
userx.20220209-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20220209-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8847cc60ae38e9ee058fe1c1ead1cd834995c605c5d940437078419e622ce933

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
fqfX5CDgZSgb8cg6czA3cyTsFcOlUPU5
content-encoding
gzip
etag
"61e315da9d36378bf5cee1884d4b1acb"
age
2921
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5396
x-amz-id-2
9+nwCj3YmLyVXJWGqN5XTQ70RrxpEoJ/QLgXMxHln+vX0lid50iR8BGyD5CVqIm+rWVKcNq9vYE=
x-served-by
cache-yul12824-YUL
last-modified
Tue, 15 Feb 2022 20:46:33 GMT
server
AmazonS3
x-timer
S1644960936.459836,VS0,VE0
date
Tue, 15 Feb 2022 21:35:36 GMT
vary
Accept-Encoding
x-amz-request-id
X0BWVNZEK7DDBGV0
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
31
x-cache-hits
3561
cta-component.20220209-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/cta-component.20220209-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a217093482f8f267d7b2687f71cb07e0d1d54f2006e6895e78b94e3b390721bb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
yjkRDwLTELV958l9rNhu0AyILg_6bBwB
content-encoding
gzip
etag
"9849d7a808261a0a8eb56398b3b71925"
age
2881
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5020
x-amz-id-2
tKeM5DU/fBaOyTjIt69RWjTzAOPskTnjPEgO4HGYhglclcplA6VgjNSPWsltoHfmLdHxckgXpKY=
x-served-by
cache-yul12824-YUL
last-modified
Tue, 15 Feb 2022 20:47:29 GMT
server
AmazonS3
x-timer
S1644960936.478437,VS0,VE0
date
Tue, 15 Feb 2022 21:35:36 GMT
vary
Accept-Encoding
x-amz-request-id
9E831FA6KSV0F1ZK
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
31
x-cache-hits
4746
abtests
trc.taboola.com/nydailynews-nydailynews/log/3/ 		0
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/nydailynews-nydailynews/log/3/abtests?route=US:US:V&lti=deflated&ri=783ebb64037ce75fb07d3fb65688f2ca&sd=v2_81cb475e9b35cbbef27ae487319429ec_7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227_1644960935_1644960935_CNawjgYQ97I_GJPfv_rvLyABKAEwJjiJ6AdA6vUHSKfL2QNQrswHWABgAGjGot3Fm8C5-osBcAE&ui=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227&pi=/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&wi=4433633441509489590&pt=text&vi=1644960935827&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22pageLoad%22%2C%22type%22%3A%7B%22storageRef%22%3Anull%2C%22referrer%22%3A%22%22%7D%2C%22eventTime%22%3A1644960936483%7D&tim=21%3A35%3A36.484&id=4784&llvl=2&cv=20220209-5-RELEASE&
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
13
pragma
no-cache
date
Tue, 15 Feb 2022 21:35:36 GMT
via
1.1 varnish
server
nginx
x-timer
S1644960936.492916,VS0,VE13
x-served-by
cache-yul12824-YUL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
tpid=YgwcqAdSSrXi2CkqYWrfowAA%26553
sync.crwdcntrl.net/map/c=6725/tp=INDX/ Frame 962A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=183715&cb=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D6725%2Ftp%3DINDX%2Ftpid%3D__UID__
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D6725%2Ftp%3DINDX%2Ftpid%3D__UID__&s=183715&C=1
  • https://sync.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YgwcqAdSSrXi2CkqYWrfowAA%26553
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YgwcqAdSSrXi2CkqYWrfowAA%26553
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=67%2C31%2C86%2C81%2C61%2C58%2C80%2C8%2C49%2C2&c=13200
Protocol
H2
Server
54.89.1.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-1-168.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:37 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.34.71
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://sync.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YgwcqAdSSrXi2CkqYWrfowAA%26553
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
265
Expires
Tue, 15 Feb 2022 21:35:36 GMT
token
token.rubiconproject.com/ Frame 962A 		0
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=7&puid=f7a752960b88f39ddc708de0b4bfaade&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=67%2C31%2C86%2C81%2C61%2C58%2C80%2C8%2C49%2C2&c=13200
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tpid=4ac3d601-46a4-43cb-abb9-9ad681b98672
sync.crwdcntrl.net/map/c=8157/tp=NLDN/ Frame 962A
Redirect Chain
  • https://jadserve.postrelease.com/dmp/5?vk=f7a752960b88f39ddc708de0b4bfaade&ntv_r=https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=NTV_USER_ID
  • https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=4ac3d601-46a4-43cb-abb9-9ad681b98672
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=4ac3d601-46a4-43cb-abb9-9ad681b98672
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=67%2C31%2C86%2C81%2C61%2C58%2C80%2C8%2C49%2C2&c=13200
Protocol
H2
Server
54.89.1.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-1-168.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:37 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.11.89
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:36 GMT
server
nginx/1.12.1
location
https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=4ac3d601-46a4-43cb-abb9-9ad681b98672
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
lotame
sync.sharethis.com/ Frame 962A 		42 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/lotame?uid=f7a752960b88f39ddc708de0b4bfaade&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=67%2C31%2C86%2C81%2C61%2C58%2C80%2C8%2C49%2C2&c=13200
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.129.242.122 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-129-242-122.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Date
Tue, 15 Feb 2022 21:35:36 GMT
Content-Length
42
Stid
ZHYADWIMHKgAAAAIFUsnAw==
Content-Type
image/gif
utsync.ashx
ml314.com/ Frame 962A 		43 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/utsync.ashx?eid=50146&et=0&fp=f7a752960b88f39ddc708de0b4bfaade&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=67%2C31%2C86%2C81%2C61%2C58%2C80%2C8%2C49%2C2&c=13200
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.23.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-23-231.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:35 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control
private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0,Wed, 16 Feb 2022 16:35:36 GMT
tpid=b219f9f3-ad06-429c-a25b-6c99f6cc4eae
sync.crwdcntrl.net/map/c=194/tp=OPNX/ Frame 962A
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=a2b86b70-2a77-4714-ab97-7807f14fcc73&r=https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=
  • https://u.openx.net/w/1.0/cm?cc=1&id=a2b86b70-2a77-4714-ab97-7807f14fcc73&r=https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=
  • https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=b219f9f3-ad06-429c-a25b-6c99f6cc4eae
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=b219f9f3-ad06-429c-a25b-6c99f6cc4eae
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=67%2C31%2C86%2C81%2C61%2C58%2C80%2C8%2C49%2C2&c=13200
Protocol
H2
Server
54.89.1.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-1-168.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:37 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.42.46
content-type
image/gif
content-length
49
expires
0

Redirect headers

date
Tue, 15 Feb 2022 21:35:37 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=b219f9f3-ad06-429c-a25b-6c99f6cc4eae
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usermatch.gif
beacon.krxd.net/ Frame 962A 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=f7a752960b88f39ddc708de0b4bfaade
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=67%2C31%2C86%2C81%2C61%2C58%2C80%2C8%2C49%2C2&c=13200
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.161.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-161-228.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:36 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1644960936
x-served-by
beacon-n009-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
g.json
aa.agkn.com/adscores/ Frame 962A 		103 B
750 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=67%2C31%2C86%2C81%2C61%2C58%2C80%2C8%2C49%2C2&c=13200
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
156.154.200.36 , United States, ASN19907 (NEUSTAR-AS6, US),
Reverse DNS
Software
AAWebServer /
Resource Hash
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:37:08 GMT
Server
AAWebServer
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Type
application/json
Access-Control-Allow-Headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
Content-Length
103
Expires
0
/
ps.eyeota.net/match/bounce/ Frame 962A
Redirect Chain
  • https://ps.eyeota.net/match?bid=51mdg9u&uid=f7a752960b88f39ddc708de0b4bfaade
  • https://ps.eyeota.net/match/bounce/?bid=51mdg9u&uid=f7a752960b88f39ddc708de0b4bfaade
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match/bounce/?bid=51mdg9u&uid=f7a752960b88f39ddc708de0b4bfaade
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=67%2C31%2C86%2C81%2C61%2C58%2C80%2C8%2C49%2C2&c=13200
Protocol
HTTP/1.1
Server
34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-192-192.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 21:35:37 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/match/bounce/?bid=51mdg9u&uid=f7a752960b88f39ddc708de0b4bfaade
Date
Tue, 15 Feb 2022 21:35:36 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
rand=523345926
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7341874419548819343/gdpr=0/ Frame 962A
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=523345926
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7341874419548819343/gdpr=0/rand=523345926
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7341874419548819343/gdpr=0/rand=523345926
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=67%2C31%2C86%2C81%2C61%2C58%2C80%2C8%2C49%2C2&c=13200
Protocol
H2
Server
54.89.1.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-1-168.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:37 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.45.182
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:36 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 805.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
0b53dcd9-f155-4a94-84b2-df8e4cdf45ad
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7341874419548819343/gdpr=0/rand=523345926
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
track
t.teads.tv/ 		23 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=51a6030b-2f3b-40b4-b2f6-5d307e777c41&pageId=82546&pid=89358&debug_metadata=wN3wipU875&fv=976&ts=1644960936581&f=1&referer=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.112.13.139 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-112-13-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:36 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=51a6030b-2f3b-40b4-b2f6-5d307e777c41&pageId=82546&pid=89358&slot=native&fv=976&ts=1644960936595&f=1&referer=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.112.13.139 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-112-13-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:36 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=6ca51cd5-b80b-4031-974e-37ced456326f&pageId=82546&pid=89376&debug_metadata=pnYvaYn8Vk&fv=976&ts=1644960936602&f=1&referer=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.112.13.139 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-112-13-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:36 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=6ca51cd5-b80b-4031-974e-37ced456326f&pageId=82546&pid=89376&slot=multislot&fv=976&ts=1644960936610&f=1&referer=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.112.13.139 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-112-13-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:36 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
ad
a.teads.tv/page/82546/ 		537 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/82546/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&page=%7B%22id%22%3A82546%2C%22placements%22%3A%5B%7B%22id%22%3A89358%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A788%2C%22height%22%3A443%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3Anull%7D%7D&auctid=51a6030b-2f3b-40b4-b2f6-5d307e777c41&formatVersion=976&env=js-web&netBw=10&ttfb=145
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.160 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
96e81f3f61d15e1b47cdabbbd80d8f630c690636a2ab6ca44744a74de0e22f3d

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:36 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.nydailynews.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
381
expires
Tue, 15 Feb 2022 21:35:36 GMT
ad
a.teads.tv/page/82546/ 		538 B
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/82546/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&page=%7B%22id%22%3A82546%2C%22placements%22%3A%5B%7B%22id%22%3A89376%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A788%2C%22height%22%3A443%7D%2C%22slotType%22%3A%22multislot%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3Anull%7D%7D&auctid=6ca51cd5-b80b-4031-974e-37ced456326f&formatVersion=976&env=js-web&netBw=10&ttfb=145
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.160 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
856e51f8e5d25eea2e354b13bd679bd30a4443f01ccf0b318954fbbc6b47cdc2

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:36 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.nydailynews.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
382
expires
Tue, 15 Feb 2022 21:35:36 GMT
social
us-trc-events.taboola.com/nydailynews-nydailynews/log/3/ 		0
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-trc-events.taboola.com/nydailynews-nydailynews/log/3/social?route=US:US:V&lti=deflated&ri=783ebb64037ce75fb07d3fb65688f2ca&sd=v2_81cb475e9b35cbbef27ae487319429ec_7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227_1644960935_1644960935_CNawjgYQ97I_GJPfv_rvLyABKAEwJjiJ6AdA6vUHSKfL2QNQrswHWABgAGjGot3Fm8C5-osBcAE&ui=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227&pi=/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&wi=4433633441509489590&pt=text&vi=1644960935827&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Malaysia%20Airlines%20Flight%20370%3A%20See%20names%2C%20faces%20of%20passengers%20aboard%20doomed%20plane%22%2C%22sec%22%3A%22News%2CWorld%22%2C%22aut%22%3A%5B%22AMANDA%20DINGYUAN%20HOU%22%2C%22QINGQING%20CHEN%22%2C%22Rich%20Schapiro%22%5D%2C%22img%22%3A%22https%3A%2F%2Fwww.nydailynews.com%2Fresizer%2FswSiiNG9MSD99tR29wpHwArKUaQ%3D%2F1200x0%2Ftop%2Farc-anglerfish-arc2-prod-tronc.s3.amazonaws.com%2Fpublic%2FIDAW7JZLGXEOCVT3C7PMW354PA.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=21%3A35%3A36.647&id=2232&llvl=2&cv=20220209-5-RELEASE&
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 15 Feb 2022 21:35:36 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
trc.taboola.com/nydailynews-nydailynews/log/3/ 		0
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/nydailynews-nydailynews/log/3/abtests?route=US:US:V&lti=deflated&ri=783ebb64037ce75fb07d3fb65688f2ca&sd=v2_81cb475e9b35cbbef27ae487319429ec_7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227_1644960935_1644960935_CNawjgYQ97I_GJPfv_rvLyABKAEwJjiJ6AdA6vUHSKfL2QNQrswHWABgAGjGot3Fm8C5-osBcAE&ui=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227&pi=/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&wi=4433633441509489590&pt=text&vi=1644960935827&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1644960936664%7D&tim=21%3A35%3A36.664&id=6574&llvl=2&cv=20220209-5-RELEASE&
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
10
pragma
no-cache
date
Tue, 15 Feb 2022 21:35:36 GMT
via
1.1 varnish
server
nginx
x-timer
S1644960937.678551,VS0,VE10
x-served-by
cache-yul12824-YUL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
css2
fonts.googleapis.com/ 		2 KB
929 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@300;400;900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3bf1826d0d1105a0bf1302406085802eaf9f66fcdf418ab4b637fec79c0943e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 21:33:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 15 Feb 2022 21:35:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Feb 2022 21:35:36 GMT
container.html
265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 01D9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202201311507/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 15 Feb 2022 21:35:35 GMT
expires
Wed, 15 Feb 2023 21:35:35 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
connatix.player.js
cds.connatix.com/p/150597/ Frame A1AE
Redirect Chain
  • https://cd.connatix.com/connatix.player.js
  • https://cds.connatix.com/p/150597/connatix.player.js
965 KB
235 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/150597/connatix.player.js
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
26f6ff6f4d7f1d68f77262c8679a2200a2e64a07dc2da747340df653078d74ac

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
content-encoding
br
last-modified
Tue, 15 Feb 2022 16:16:13 GMT
age
19000
etag
"8c299f1b19b4c4487ccfe90495abab77"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
239815

Redirect headers

location
https://cds.connatix.com/p/150597/connatix.player.js
date
Tue, 15 Feb 2022 21:35:36 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
server
Kestrel
accept-ranges
bytes
content-length
0
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=passback-noAd&env=js-web&auctid=51a6030b-2f3b-40b4-b2f6-5d307e777c41&pageId=82546&pid=89358&slot=native&vid=8a280e79-671b-4e6e-8598-f0f6060321c8&fv=976&ts=1644960936823&f=1&referer=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.112.13.139 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-112-13-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:36 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=passback-noAd&env=js-web&auctid=6ca51cd5-b80b-4031-974e-37ced456326f&pageId=82546&pid=89376&slot=multislot&vid=d9bc8172-91e1-4708-a4b6-64ac5cfe1acb&fv=976&ts=1644960936881&f=1&referer=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.112.13.139 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-112-13-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:36 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
usermatch
ssum-sec.casalemedia.com/ Frame 80D0 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_cnv_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f00bbb93c433be8fe090909305cd6984e0e50868d1fb022f3830977a6d084bd4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|241|45|230|31|41|51|13
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Tue, 15 Feb 2022 21:35:37 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:37 GMT
Content-Length
1703
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7AA2 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_cnv_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.203.12 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-12.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=60150
expires
Wed, 16 Feb 2022 14:18:06 GMT
date
Tue, 15 Feb 2022 21:35:36 GMT
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame BC3F 		886 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_cnv_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.165.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-165-174.compute-1.amazonaws.com
Software
/
Resource Hash
cf96438bdee5f41ac943b3808637b788e370cf1efe1eb3f89d2a026491001f13

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
usync.html
eus.rubiconproject.com/ Frame C41C 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_cnv_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 15 Feb 2022 21:35:37 GMT
Connection
keep-alive
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 2ACC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1iMmhjQVlORTJ1SmI1ZWJYN0NUdkZvTHV4cmltSmJOV35B
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1iMmhjQVlORTJ1SmI1ZWJYN0NUdkZvTHV4cmltSmJOV35B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_cnv_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Tue, 15 Feb 2022 21:35:37 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
J4C477MWE6NWBX90TFKA
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

date
Tue, 15 Feb 2022 21:35:37 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1iMmhjQVlORTJ1SmI1ZWJYN0NUdkZvTHV4cmltSmJOV35B
age
0
server
ATS/9.1.0.33
cm
u.openx.net/w/1.0/ Frame 447B 		722 B
481 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_cnv_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
d6955137ebceb639a69fcbda007d865e3dc037ed32b40f74df66a11cddb819e1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 15 Feb 2022 21:35:36 GMT
content-type
text/html
content-length
462
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ecm3
s.amazon-adsystem.com/ Frame 0CF9
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=3fc09174117608e8&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAADKa-n8VKaUgNJ8-ewAAAAAAA&expiration=1645047337&is_secure=true
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAADKa-n8VKaUgNJ8-ewAAAAAAA&expiration=1645047337&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_cnv_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Tue, 15 Feb 2022 21:35:37 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
P5W6Q1JH2HF3N5186BNV
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

server
nginx
date
Tue, 15 Feb 2022 21:35:37 GMT
content-length
0
cache-control
no-cache, private, max-age=0, no-store
expires
0
pragma
no-cache
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAADKa-n8VKaUgNJ8-ewAAAAAAA&expiration=1645047337&is_secure=true
dinitsync
crb.kargo.com/api/v1/ Frame 467E 		0
435 B 		Document
General
Check archive.org
Download Go to
Full URL
https://crb.kargo.com/api/v1/dinitsync?partners=A9
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_cnv_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.21.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-21-243.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Date
Tue, 15 Feb 2022 21:35:37 GMT
Expires
Thu, 01 Jan 1970 00:00:00 UTC
Pragma
no-cache
Vary
Origin
X-Accel-Expires
0
Content-Length
0
Connection
keep-alive
ecm3
s.amazon-adsystem.com/ Frame 407C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=7341874419548819343&ex=appnexus.com
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=7341874419548819343&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_cnv_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Tue, 15 Feb 2022 21:35:36 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
VJBC8BMBJNBY4CNXV2X3
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
nginx/1.17.9
Date
Tue, 15 Feb 2022 21:35:36 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=7341874419548819343&ex=appnexus.com
AN-X-Request-Uuid
43f5734f-682c-4abc-91ca-d49258734e09
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
ecm3
s.amazon-adsystem.com/ Frame B4A7
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2849636505712819506532
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2849636505712819506532
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_cnv_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Tue, 15 Feb 2022 21:35:37 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
VTRZJYBVWZV5VC4P8T52
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

date
Tue, 15 Feb 2022 21:35:37 GMT
content-length
0
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2849636505712819506532
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
web
onesignal.com/api/v1/sync/f6403880-4fac-4636-af72-6db9b22d3f02/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/f6403880-4fac-4636-af72-6db9b22d3f02/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0041605dccf238cdb8b0062daf3818f9d1598b0124561b1dd12b84a6c8463bff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
758
cf-polished
origSize=5439
status
200 OK
x-envoy-upstream-service-time
39
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
ede12ace-ea90-4f36-aad5-fa20002f5d43
x-runtime
0.037977
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"ce7450883716eef77c4655455d781591"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
6de1aabfe8677139-YUL
access-control-allow-headers
SDK-Version
expires
Tue, 15 Feb 2022 22:35:36 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.nydailynews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.nydailynews.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 19:37:37 GMT
x-content-type-options
nosniff
age
525480
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22504
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:12:50 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 19:37:37 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.nydailynews.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 19:29:28 GMT
x-content-type-options
nosniff
age
525969
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 19:29:28 GMT
v2txnvOMcTuimDtDuh5PfK8_5DBx9Q0SghzpTDT0f77sz6dfdFC-D4WXadLHqNtmKgbfyYVF0
smoggysnakes.com/ 		201 B
634 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://smoggysnakes.com/v2txnvOMcTuimDtDuh5PfK8_5DBx9Q0SghzpTDT0f77sz6dfdFC-D4WXadLHqNtmKgbfyYVF0
Requested by
Host: smoggysnakes.com
URL: https://smoggysnakes.com/v2bhkMLd46cM8h21J3otm4lH3mXXZj70mhZTPevidT4n2AyiPk8M9ZmL05WasSyaW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.103.201.35.bc.googleusercontent.com
Software
/
Resource Hash
cfd7d17c6a0b31fb20be7a6e1f47a922b808821ea7c26e82db35be03139bcedb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
access-control-allow-methods
POST, OPTIONS
x-datacenter
gce-us-east1
date
Tue, 15 Feb 2022 21:35:37 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-us-east1-spot-wp3l
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nydailynews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-buildnumber
466245667
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
201
expires
Tue, 15 Feb 2022 21:35:36 GMT
match
c1.adform.net/serving/cookie/ Frame E317
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=9021BD47-D564-4E09-BA75-7F25F0BF77FF
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=9021BD47-D564-4E09-BA75-7F25F0BF77FF
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=9021BD47-D564-4E09-BA75-7F25F0BF77FF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 15 Feb 2022 21:35:37 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Tue, 15 Feb 2022 21:35:37 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=9021BD47-D564-4E09-BA75-7F25F0BF77FF
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 1159
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
85 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YgwcqQAGb6pD5wAy
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-type
image/png
server
Jetty(9.4.35.v20201120)
accept-ranges
bytes
date
Tue, 15 Feb 2022 21:35:37 GMT
via
1.1 varnish
age
3566
x-served-by
cache-yul12832-YUL
x-cache
HIT
x-cache-hits
48609
x-timer
S1644960937.343123,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
85

Redirect headers

p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YgwcqQAGb6pD5wAy
server
Jetty(9.4.35.v20201120)
accept-ranges
bytes
date
Tue, 15 Feb 2022 21:35:37 GMT
via
1.1 varnish
x-served-by
cache-yul12832-YUL
x-cache
MISS
x-cache-hits
0
x-timer
S1644960937.310849,VS0,VE14
cache-control
no-cache
pragma
no-cache
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame F884
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b815620c-1ca9-4b00-b3df-2ecce97ca2ff&gdpr=0&gdpr_consent=
42 B
494 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b815620c-1ca9-4b00-b3df-2ecce97ca2ff&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 15 Feb 2022 18:04:16 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug022:0:427
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Tue, 15 Feb 2022 21:35:37 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master nrt-pixel-x7 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b815620c-1ca9-4b00-b3df-2ecce97ca2ff&gdpr=0&gdpr_consent=
Expires
Tue, 15 Feb 2022 21:35:36 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 99E0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCZVUwN0VHRGtBQUFQeWVBaXNvUQ&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABeU07EGDkAAAPyeAisoQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Csas%252Cpm%26bee_sync_current_partne...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Csas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABeU07EGDkAAAPyeAisoQ&pid=558502&do=add
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AABeU07EGDkAAAPyeAisoQ&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dsy...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABeU07EGDkAAAPyeAisoQ
42 B
372 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABeU07EGDkAAAPyeAisoQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 15 Feb 2022 16:56:15 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug023:0:391
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Tue, 15 Feb 2022 21:35:37 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABeU07EGDkAAAPyeAisoQ
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 481F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kCG9R9VkTgm6dX8l8L93_w%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
23.221.203.12 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-12.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=60149
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Wed, 16 Feb 2022 14:18:06 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame 481F
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=9021BD47-D564-4E09-BA75-7F25F0BF77FF
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDkwMjFCRDQ3LUQ1NjQtNEUwOS1CQTc1LTdGMjVGMEJGNzdGRhAAGg0IqbmwkAYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=72634e8149cc4d360f223c24ae6d1556c381bc5523cd1a8a1d9ef5065d96ec69791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA3MjYzNGU4MTQ5Y2M0ZDM2MGYyMjNjMjRhZTZkMTU1NmMzODFiYzU1MjNjZDFhOGExZDllZjUwNjVkOTZlYzY5NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA3MjYzNGU4MTQ5Y2M0ZDM2MGYyMjNjMjRhZTZkMTU1NmMzODFiYzU1MjNjZDFhOGExZDllZjUwNjVkOTZlYzY5NzkxNDI2YjU0MTdkY2UyMRAAGgwIqbmwkAYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=3566068a-e384-49c9-abcf-fc1f74ec0477
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=3566068a-e384-49c9-abcf-fc1f74ec0477
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Feb 2022 21:35:38 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=3566068a-e384-49c9-abcf-fc1f74ec0477
date
Tue, 15 Feb 2022 21:35:38 GMT
via
1.1 google
x-samesite
secure
alt-svc
clear
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame 481F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=4b46620c-1ca9-4f00-bea3-ad06a4d5f2e8
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=4b46620c-1ca9-4f00-bea3-ad06a4d5f2e8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 15 Feb 2022 21:35:37 GMT
Server
MT3 4133 baa842e master nrt-pixel-x1 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=4b46620c-1ca9-4f00-bea3-ad06a4d5f2e8
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 15 Feb 2022 21:35:36 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 481F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTAyMUJENDctRDU2NC00RTA5LUJBNzUtN0YyNUYwQkY3N0ZG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug020:0:503
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 481F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMUSodXOE1OW3KVu5VLPUCo&google_cver=1
42 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMUSodXOE1OW3KVu5VLPUCo&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug019:0:505
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMUSodXOE1OW3KVu5VLPUCo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 481F
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:450D626A3A2B4E83953C6829C5733743
42 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:450D626A3A2B4E83953C6829C5733743
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 16:35:33 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug027:0:366
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Tue, 15 Feb 2022 21:35:37 GMT
x-content-type-options
nosniff
server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:450D626A3A2B4E83953C6829C5733743
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Mon, 14 Feb 2022 21:35:37 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 481F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8271880283115917977&gdpr=0&gdpr_consent=&us_privacy=
1 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8271880283115917977&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 18:26:57 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug025:0:323
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8271880283115917977&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 15 Feb 2022 21:35:36 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 481F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=013f5489-abdd-43ed-8226-582ddfebe20d
42 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=013f5489-abdd-43ed-8226-582ddfebe20d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug014:0:579
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:37 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=013f5489-abdd-43ed-8226-582ddfebe20d
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
9021BD47-D564-4E09-BA75-7F25F0BF77FF
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 481F 		43 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/9021BD47-D564-4E09-BA75-7F25F0BF77FF?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:7530:e049:6d41:d338 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 481F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9021BD47-D564-4E09-BA75-7F25F0BF77FF&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-JbP6pfRE2uWlIXfz9n.IIp2qkV.bYp0-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-JbP6pfRE2uWlIXfz9n.IIp2qkV.bYp0-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-JbP6pfRE2uWlIXfz9n.IIp2qkV.bYp0-~A&gdpr=0&gdpr_consent=
date
Tue, 15 Feb 2022 21:35:37 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ecm3
s.amazon-adsystem.com/ Frame 447B 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=f8b9589d-8b52-cf20-041f-1df50d598a6a
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:37 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
5HQ49VR126BKEN3SJPV0
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 447B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YgwcqQAGbTJD6QAy
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YgwcqQAGbTJD6QAy&_test=YgwcqQAGbTJD6QAy
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YgwcqQAGbTJD6QAy&_test=YgwcqQAGbTJD6QAy
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:37 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:37 GMT
via
1.1 varnish
server
Varnish
x-timer
S1644960937.467384,VS0,VE0
x-served-by
cache-yul12832-YUL
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YgwcqQAGbTJD6QAy&_test=YgwcqQAGbTJD6QAy
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
34a842a4-0754-e693-f5c6-89979a3d8cc3
pr-bh.ybp.yahoo.com/sync/openx/ Frame 447B 		43 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/34a842a4-0754-e693-f5c6-89979a3d8cc3?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:7530:e049:6d41:d338 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame 447B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=a06f24e0-97f8-74da-c411-9f62656a418a&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=013f5489-abdd-43ed-8226-582ddfebe20d&ttd_puid=a06f24e0-97f8-74da-c411-9f62656a418a
43 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=013f5489-abdd-43ed-8226-582ddfebe20d&ttd_puid=a06f24e0-97f8-74da-c411-9f62656a418a
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:37 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:37 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=013f5489-abdd-43ed-8226-582ddfebe20d&ttd_puid=a06f24e0-97f8-74da-c411-9f62656a418a
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
293
pixel
cm.g.doubleclick.net/ Frame 447B 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGMwMGY3MmEtNWU4Zi0yYTdlLWQxZjEtYzVkYmFmODg4ZmVh
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 447B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKvjfMiL4EKMlyOT78TI1Ao&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKvjfMiL4EKMlyOT78TI1Ao&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:37 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKvjfMiL4EKMlyOT78TI1Ao&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 80D0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=013f5489-abdd-43ed-8226-582ddfebe20d&expiration=1647552937&gdpr=0&gdpr_consent=
43 B
1007 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=013f5489-abdd-43ed-8226-582ddfebe20d&expiration=1647552937&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 15 Feb 2022 21:35:37 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:37 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=013f5489-abdd-43ed-8226-582ddfebe20d&expiration=1647552937&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
dcm
s.amazon-adsystem.com/ Frame 80D0 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YgwcqAdSSrXi2CkqYWrfowAAAikAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:37 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
J00NM6MT7VZHVP6K611V
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 80D0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YgwcqAdSSrXi2CkqYWrfowAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOa5on1Oh0qOLt3WGuZKzW8&google_cver=1
43 B
1021 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOa5on1Oh0qOLt3WGuZKzW8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 15 Feb 2022 21:35:37 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOa5on1Oh0qOLt3WGuZKzW8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 80D0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YgwcqAdSSrXi2CkqYWrfowAAAikAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM_BpngiCEa0roI8_28Wfys&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM_BpngiCEa0roI8_28Wfys&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 15 Feb 2022 21:35:37 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM_BpngiCEa0roI8_28Wfys&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 80D0
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6982473371180712174&uid=Q6982473371180712174&ref=%2Feucm%2Fp%2Fcc
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q6982473371180712174
43 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q6982473371180712174
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 15 Feb 2022 21:35:37 GMT

Redirect headers

Date
Tue, 15 Feb 2022 21:35:37 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q6982473371180712174
Cache-Control
max-age=52026
Connection
keep-alive
Content-Type
text/html
Content-Length
154
crum
dsum-sec.casalemedia.com/ Frame 80D0
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=36fb55cc-8ea7-11ec-9c76-a035d55853f1
43 B
1007 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=36fb55cc-8ea7-11ec-9c76-a035d55853f1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 15 Feb 2022 21:35:37 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:37 GMT
server
Cowboy
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=36fb55cc-8ea7-11ec-9c76-a035d55853f1
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
lga-delivery-9
Content-Length
0
Expires
Thu, 23 Sep 2004 17:42:04 GMT
rum
dsum.casalemedia.com/ Frame 80D0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://x.bidswitch.net/ul_cb/sync?ssp=index
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=ed239641-d788-4f62-a800-8b3ea6dac16f
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=ed239641-d788-4f62-a800-8b3ea6dac16f
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=e6e841ae-f59b-4038-884c-614a98376bee&ssp=index&expires=30&user_group=5&bsw_param=ed239641-d788-4f62-a800-8b3ea6dac16f
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=ed239641-d788-4f62-a800-8b3ea6dac16f
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=ed239641-d788-4f62-a800-8b3ea6dac16f
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 15 Feb 2022 21:35:38 GMT

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=ed239641-d788-4f62-a800-8b3ea6dac16f
Date
Tue, 15 Feb 2022 21:35:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 80D0
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=074f220407de11c827e93899&expiration=[EXPIRATION]
43 B
994 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=074f220407de11c827e93899&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 15 Feb 2022 21:35:37 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=074f220407de11c827e93899&expiration=[EXPIRATION]
Date
Tue, 15 Feb 2022 21:35:37 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Powered-By
Express
Content-Length
0
Vary
Origin
ecm3
s.amazon-adsystem.com/ Frame 80D0 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=YgwcqAdSSrXi2CkqYWrfowAAAikAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:37 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
E0M6APMZX83ZW9G99T1E
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame BC3F 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=ge46faded739ab93e512
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:37 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
16W8XF0S27PCCJWNXSEJ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ib.adnxs.com/&https://ads.yieldmo.com/v000/ Frame BC3F
Redirect Chain
  • https://ib.adnxs.com/getuid?&https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=7341874419548819343&pn_id=an
0
585 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=7341874419548819343&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
68.67.160.26 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:37 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
725a9bfb-bf39-43a4-bc87-474d155aae57
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:37 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
093d52b8-e35f-4955-9db5-72fb71e552d6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
&https://ads.yieldmo.com/v000/sync?userid=7341874419548819343&pn_id=an
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.yieldmo.com/ Frame BC3F
Redirect Chain
  • https://x.bidswitch.net/sync?&ssp=yieldmo
  • https://x.bidswitch.net/ul_cb/sync?&ssp=yieldmo
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=yieldmo&ssp_user_id=ed239641-d788-4f62-a800-8b3ea6dac16f
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171119781&expires=5&ssp=yieldmo
  • https://ads.yieldmo.com/sync?userid=ed239641-d788-4f62-a800-8b3ea6dac16f&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?userid=ed239641-d788-4f62-a800-8b3ea6dac16f&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.236.139.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-139-147.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 15 Feb 2022 21:35:37 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
//ads.yieldmo.com/sync?userid=ed239641-d788-4f62-a800-8b3ea6dac16f&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Date
Tue, 15 Feb 2022 21:35:37 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ads.yieldmo.com/v000/ Frame BC3F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?&ttd_pid=yieldmo
  • https://ads.yieldmo.com/v000/sync?tdid=013f5489-abdd-43ed-8226-582ddfebe20d
43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=013f5489-abdd-43ed-8226-582ddfebe20d
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.236.139.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-139-147.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 15 Feb 2022 21:35:37 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:37 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ads.yieldmo.com/v000/sync?tdid=013f5489-abdd-43ed-8226-582ddfebe20d
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
181
sync
ads.yieldmo.com/ Frame BC3F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?&nid=21
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=UKiHbJnYSxFCTxSnbGkqxZU4mbI
43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=stk&userid=UKiHbJnYSxFCTxSnbGkqxZU4mbI
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.236.139.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-139-147.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 15 Feb 2022 21:35:37 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
https://ads.yieldmo.com/sync?pn_id=stk&userid=UKiHbJnYSxFCTxSnbGkqxZU4mbI
Date
Tue, 15 Feb 2022 21:35:37 GMT
Connection
keep-alive
Content-Length
100
Content-Type
text/html; charset=utf-8
sync
sync-pp.ads.yieldmo.com/ Frame BC3F
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?&pid=561118&ev=1&rurl=https://sync-pp.ads.yieldmo.com/sync?userid=%%VGUID%%&pn_id=pp
  • https://sync-pp.ads.yieldmo.com/sync?userid=3C4Iq6OQzwe8&ev=1&pn_id=pp&pid=561118
43 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-pp.ads.yieldmo.com/sync?userid=3C4Iq6OQzwe8&ev=1&pn_id=pp&pid=561118
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
3.225.165.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-165-174.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 15 Feb 2022 21:35:37 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https://sync-pp.ads.yieldmo.com/sync?userid=3C4Iq6OQzwe8&ev=1&pn_id=pp&pid=561118
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-stage-0
expires
-1
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13286604602864346121/ Frame 9123 		107 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13286604602864346121/index.html
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25ba24efeff681cdffa9382524106994957f089d9e021eb73890979e5c8688ee
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin
*
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
22698
date
Fri, 11 Feb 2022 08:02:38 GMT
expires
Sat, 11 Feb 2023 08:02:38 GMT
cache-control
public, max-age=31536000
age
394379
last-modified
Wed, 07 Dec 2016 07:31:08 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 01D9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CGzuQqBwMYudBg4ibBImxlvAN27uG7mfO1_Gbtwnh0oPPgQoQASC0zpUIYH2gAZrQpqEDyAEJqQL3TAHuqEuqPuACAKgDAcgDCKoE3AJP0JekWfXnO4OVZtu2fGu0Yz32zO10KJxRuafhD48VgWEJjLxzXJ-bD9cxfYftXthU9yY3Rj4VFpR2qhPrGdGUeagbvzfvWcdbrwPOS_RxjiBLkPnlB4Z5PmDnCMLMkH4yzi8H6kZkELx4JCztS5J00Mjtrrh5Vt8k4cDOguwDFEUXzZ91W4_QBdtZ8OA-Ny6sRRW9Lv3klG-AXqRlCSK9Lk0B0JszNAvEn3pPHO14oKSOeMOCjHwtlHOqW6YfCiI5YsRpryUVhlttmw3hfTrCkhZtmDChRw0qlm7E5w4klhxUWbHdQM_VwbtDRp0a3L_gb2n971wXT11E0rb8S4NQCSQcrfdI0hbgfTz_wuOqCsjUyTgaE8EQfkGnE4qGVe3oV_G5gB_g095NTC_KNC-QHUbVyJYfOCcO0sN_bOcJJrKbwqKoQIRwaJGwreZpho7nFxtS-egnUUVEelrABP_o9dmWAuAEAZIFBAgEGAGSBQQIBRgEoAYugAfOr9leqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQiJUG0ggHCIBhEAEYH4AKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi01MTkwOTM1NjUzMzczNzM5GMCGEA&sigh=6blkVeau90Y&uach_m=[UACH]&template_id=419
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/ Frame 01D9 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/abg_lite_fy2019.js
Requested by
Host: 265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com
URL: https://265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b52450a51eb0ff7ca3a47d71c81fe11ae9bb2defd351861dc135fcc68d48736
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:32:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7847
x-xss-protection
0
server
cafe
etag
11854797672689052815
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Mar 2022 21:32:36 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/ Frame 01D9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/window_focus_fy2019.js
Requested by
Host: 265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com
URL: https://265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:33:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
123
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Mar 2022 21:33:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 01D9 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com
URL: https://265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
sffe /
Resource Hash
0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38569
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1644842073869169"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 15 Feb 2022 21:35:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/ Frame 01D9 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com
URL: https://265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3975966229b1c0ceebf499c9785110a8142f42b5bddb0122e3eca5666707ae45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:32:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
202
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6405
x-xss-protection
0
server
cafe
etag
2993485572248006277
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Mar 2022 21:32:15 GMT
l
www.google.com/ads/measurement/ Frame 01D9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRP9eKooIDKg2f042JljWYUkZx73IeV10Gru4r206fjm4YAsiow3mt3WhJEntRmGrB0iJ0D2FHrrfYEUkLOuYUZG0C7XQ
Requested by
Host: 265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com
URL: https://265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
pixel
protected-by.clarium.io/ Frame 01D9 		68 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_Qnhuc01LTmVrWXlsbFl0dDlTTXZsTzFOMmhNLzIyMzY4MDY4ODA6MzAweDI1MA==&v=5&s=v31frvkvtdu&id=eyJkZnAiOnsiYWQiOjE2OTcyMDE2LCJjIjpudWxsLCJsIjowLCJvIjoyMjM2ODA2ODgwLCJBIjoiLzQwMTEvdHJiLm55ZG4vbmV3cy93b3JsZCIsInkiOjExOTMyMCwiY28iOjAsInMiOiJ6ZXVzX2NfODI5In19&sb=undefined&cb=4909227&h=www.nydailynews.com&d=eyJ3aCI6IlFuaHVjMDFMVG1WcldYbHNiRmwwZERsVFRYWnNUekZPTW1oTkx6SXlNelk0TURZNE9EQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyMjM2ODA2ODgwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: 265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com
URL: https://265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.181.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-181-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:37 GMT
Server
nginx
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame C41C 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f447a251d15326bfba7606a477cc072b2e452ec2f76d3970a8a1f45be11d9402

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 21:35:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43098
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Wed, 16 Feb 2022 09:33:55 GMT
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.nydailynews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Feb 2022 21:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.nydailynews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Feb 2022 21:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3428847557343757&correlator=1864239795800197&output=ldjh&eid=31064540&output=ldjh&gdfp_req=1&vrg=2022021001&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=4011%2Ctrb.nydn%2Cnews%2Cworld&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90&fluid=height&prev_scp=slot%3Dzeus_mh_ldb_cbo_1%26pos%3D1%26cnsd%3Dpts_darc_p1_uad%26optimera%3DZ%2CD4%2CE1%2CSA1%2CM7%2CM1%2CL5%2CJ0%2CB%26zeus_rendercount%3D1%26zeus_slot%3Dzeus_mh_ldb_cbo_1.init.dsk%26amznbid%3D4mof0g%26amznp%3D1862k1s%26amzniid%3DIq1NoVhNomkfIBmO5Gk0WS4AAAF-_0_yTAEAAA2vAWaonz4%26amznsz%3D970x250%26zeus_appnexus%3D5%26zeus_auctionid_appnexus%3D2064015991664669035&eri=1&cust_params=zeus%3Dapplied%26zeus_4011%3Dwww.nydailynews.com%26epvid%3D1644960934512_337635938%26euuid%3Dpre-cache-no-id-available%26ua%3Dd%26ss%3Dl%26ref%3Dnone%26instart%3Dfalse%26adb%3Dfalse%26apfv%3Dfalse%26apv%3Dfalse%26refresh%3Dfalse%26ptype%3Ds%26site%3Dtrb.nydn%26slug%3Dnydn-news-world-names-faces-aboard-malaysia-airlines-flight-370-1-1739217%26cid%3D1.1739217%26at%3DtaxonomyTags%26kw%3Dbeijing%252Cmalaysia%252Cchina%252Cfather%252Cwife%252Chusband%252Cflight%252Cchild%252Ccompany%252Cvacation%252Ctrip%252Chome%252Cartist%252Ccouple%252Cmother%252Cfamily%252Cson%252Cway%252Cbusiness%252Cmoney%252Cplane%252Cfriend%252Ctime%252CBeijing%252Cbirthday%26tg%3DDefenseandCybersecurity%26design%3Darc%26nopulse%3Dtrue%26zeus_insights%3Dj7p%252Chdq%252Cwug%252C65r%252C3bu%252Ckiv%252Cgic%252Cbs0%26ccaud%3D473040%252Call%252C663817%252C747175%252C514644%252C473081%26lpid%3Df7a752960b88f39ddc708de0b4bfaade&cookie=ID%3Dbf5843766d0ed510%3AT%3D1644960935%3AS%3DALNI_MZW_MKWLLFb7BK2CiAiWKlbnSqygQ&bc=31&abxe=1&dt=1644960937499&lmt=1644959049&dlt=1644960934313&idt=618&frm=20&biw=1600&bih=1200&oid=2&adxs=800&adys=214&adks=1013740696&ucis=3&ifi=3&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&vis=1&scr_x=0&scr_y=0&psz=1200x127&msz=1x0&psts=AGkb-H-4Hbj85bXu2IRKcBivethoERel2zm7VfX67dd24M0Y2x93ziTI-WK7EHU5UnxtjaijtZIbkNvTe5SFMys3h2YA2NlrLnfvsAZj_Q&ga_vid=236439561.1644960935&ga_sid=1644960935&ga_hid=1166886326&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
fada94e13311cc5684285cf9f0824092e1d66c1a115996ac7ac5b1d56b365de1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8405
x-xss-protection
0
google-lineitem-id
5120814619
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138275868795
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nydailynews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2nue1lFXjWqgJ16__NqUx1rNro_J9qcrkUXbMGgm5CtwuUs5m6wYyPBWIcnMfzHrGrsTVVkw
smoggysnakes.com/ 		3 B
37 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://smoggysnakes.com/v2nue1lFXjWqgJ16__NqUx1rNro_J9qcrkUXbMGgm5CtwuUs5m6wYyPBWIcnMfzHrGrsTVVkw
Requested by
Host: smoggysnakes.com
URL: https://smoggysnakes.com/v2bhkMLd46cM8h21J3otm4lH3mXXZj70mhZTPevidT4n2AyiPk8M9ZmL05WasSyaW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.103.201.35.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
access-control-allow-methods
POST, OPTIONS
x-datacenter
gce-us-east1
date
Tue, 15 Feb 2022 21:35:37 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-us-east1-spot-wp3l
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
x-buildnumber
466245667
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
3
player.css
cds.connatix.com/p/150597/ 		55 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/150597/player.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cc2642e2823bde079eb7e4e9ab025eb2c4810e698a42a1d01464d5dbad51cb03

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
content-encoding
br
last-modified
Tue, 15 Feb 2022 16:16:13 GMT
age
19001
etag
"e6db75e5bf39fd49d738f66c98d00ce4"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
8435
pls
capi.connatix.com/core/ Frame A1AE 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/pls?v=150597
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.71.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-71-134.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
b285fa2d18542ad8efe8a1c8024807f9af0793e6b028973e01059a636b10d0fb

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
2825
ecm3
s.amazon-adsystem.com/ Frame C41C
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=KZON9OYT-C-HI4X
  • https://s.amazon-adsystem.com/ecm3?id=KZON9OYT-C-HI4X&ex=d-rubiconproject.com&status=ok
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=KZON9OYT-C-HI4X&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:37 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
CM0DGWEDQX1YNGTXMW67
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?id=KZON9OYT-C-HI4X&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
Expires
0
bulk
trc.taboola.com/nydailynews-nydailynews/log/3/ 		0
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/nydailynews-nydailynews/log/3/bulk?route=US%3AUS%3AV&lti=deflated&bulkSize=6
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
12
pragma
no-cache
date
Tue, 15 Feb 2022 21:35:37 GMT
via
1.1 varnish
server
nginx
x-timer
S1644960938.712349,VS0,VE12
x-served-by
cache-yul12824-YUL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.nydailynews.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
css
fonts.googleapis.com/ Frame 9123 		3 KB
622 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13286604602864346121/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 21:31:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 15 Feb 2022 21:35:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Feb 2022 21:35:37 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9123 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13286604602864346121/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 06:12:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55364
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 16 Feb 2022 06:12:53 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9123 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13286604602864346121/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30581
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 16 Feb 2022 13:05:56 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 34A6 		143 B
426 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com
URL: https://265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com/

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Tue, 15 Feb 2022 21:18:26 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
1031
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 01D9 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de70afdf2ae9c96e5a238f2e34cab6332dda5b183a30ac3e1f3097a5fbb221e6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
v1
ads.yahoo.com/cms/ Frame C41C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZON9OYT-C-HI4X&sigv=1&esig=2~c029b72c8f428f32b906c1bb6054429cb8bd0ca1
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZON9OYT-C-HI4X&sigv=1&esig=2~c029b72c8f428f32b906c1bb6054429cb8bd0ca1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
2001:4998:1c:800::1000 , United States, ASN14779 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:38 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZON9OYT-C-HI4X&sigv=1&esig=2~c029b72c8f428f32b906c1bb6054429cb8bd0ca1
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame C41C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJGDqYgT-w4mhKakEUYwRyI&google_cver=1
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJGDqYgT-w4mhKakEUYwRyI&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJGDqYgT-w4mhKakEUYwRyI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame C41C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgwcqQAGbTJD6QAy
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgwcqQAGbTJD6QAy
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:37 GMT
via
1.1 varnish
server
Varnish
x-timer
S1644960938.808639,VS0,VE0
x-served-by
cache-yul12832-YUL
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgwcqQAGbTJD6QAy
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame C41C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=013f5489-abdd-43ed-8226-582ddfebe20d&gdpr=0&gdpr_consent=&expires=30
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=013f5489-abdd-43ed-8226-582ddfebe20d&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:37 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=013f5489-abdd-43ed-8226-582ddfebe20d&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
pixel
cm.g.doubleclick.net/ Frame C41C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjQ5MTRlMGQxYmNiYzlhZjljMWI1YjQ4NmE3ZjkyMGMxMzM0NzJjNA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjQ5MTRlMGQxYmNiYzlhZjljMWI1YjQ4NmE3ZjkyMGMxMzM0NzJjNA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjQ5MTRlMGQxYmNiYzlhZjljMWI1YjQ4NmE3ZjkyMGMxMzM0NzJjNA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame C41C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pPTjlPWVQtQy1ISTRY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pPTjlPWVQtQy1ISTRY
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pPTjlPWVQtQy1ISTRY
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame C41C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=3e95620c-1ca9-4700-919b-67f5c4b03518
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=3e95620c-1ca9-4700-919b-67f5c4b03518
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Content-Type
image/gif

Redirect headers

Date
Tue, 15 Feb 2022 21:35:37 GMT
Server
MT3 4133 baa842e master nrt-pixel-x9 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=3e95620c-1ca9-4700-919b-67f5c4b03518
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 15 Feb 2022 21:35:36 GMT
token
token.rubiconproject.com/ Frame C41C 		0
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 9123 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 15:58:15 GMT
x-content-type-options
nosniff
age
106642
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16692
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:32:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 14 Feb 2023 15:58:15 GMT
insights.bin
ins.connatix.com/ffc4d445-1987-4e08-8396-f8627d344b6b/3/ Frame A1AE 		353 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/ffc4d445-1987-4e08-8396-f8627d344b6b/3/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3c6b45ce8ca0a28f418decd40c175f3abdc3d4f38e011928f965d9ca00c46513

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 08:47:59 GMT
age
9204159
etag
"7fd40e201edd31ad5465edae6ca5e912"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
257
insights.bin
ins.connatix.com/15d9cb3a-2652-4a1e-bdef-95421843a3a6/3/ Frame A1AE 		533 B
589 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/15d9cb3a-2652-4a1e-bdef-95421843a3a6/3/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b09ea579d23bbd93059988b2cecd6d468b6963d86d2fa5a0cedc7e65c7226340

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 09:59:13 GMT
age
1603772
etag
"6972ef4370a5c72b9cc76a1c7c73a6ae"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
352
insights.bin
ins.connatix.com/78b4e091-bd5d-475c-9ed1-9a0bbfe32786/3/ Frame A1AE 		677 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/78b4e091-bd5d-475c-9ed1-9a0bbfe32786/3/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0ec9f4880ece4d620da10f84c3200bd3abc058fe5b7868847ecf7dfa6c0e6686

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 08:43:50 GMT
age
8953337
etag
"fdf034f927b2190a4023c759483ce8c9"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
426
insights.bin
ins.connatix.com/448125af-186b-4eef-84eb-f7c3c829743f/3/ Frame A1AE 		317 B
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/448125af-186b-4eef-84eb-f7c3c829743f/3/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dc72dc2e180487b65563ea7416932c028e9679a733cd23b6ff898df256b2d4c1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
content-encoding
gzip
last-modified
Mon, 08 Nov 2021 14:48:49 GMT
age
8351575
etag
"d2bdc15870bd6d6d74115c754f74fce8"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
233
insights.bin
ins.connatix.com/89356587-332c-48da-9c10-d59c6bd36ea8/3/ Frame A1AE 		425 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/89356587-332c-48da-9c10-d59c6bd36ea8/3/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
17a238c718b32f43cce7f677d9304367e09cfb492a17d4228d49515211759204

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 10:07:13 GMT
age
3593650
etag
"0e0b9893454bf7919e7884a11311793c"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
291
sr
capi.connatix.com/tr/ Frame A1AE 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/sr?v=150597
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.71.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-71-134.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
sffe /
Resource Hash
235e6a41fa0aed4266e6861cdddbdaa3c195b32a0a457af0c8452caa9f5e1319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27277
x-xss-protection
0
server
sffe
etag
"1133 / 978 of 1000 / last-modified: 1644926774"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 15 Feb 2022 21:35:37 GMT
3_media.bin
vid.connatix.com/pid-53344de6-41aa-4839-8c7e-182de7980f3f/ffc4d445-1987-4e08-8396-f8627d344b6b/ Frame A1AE 		910 B
745 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-53344de6-41aa-4839-8c7e-182de7980f3f/ffc4d445-1987-4e08-8396-f8627d344b6b/3_media.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
420b866f2e87987f86bf6e783f550165344a1c319ae537d6da40280f86ed64a5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:38 GMT
content-encoding
gzip
last-modified
Tue, 16 Mar 2021 10:12:57 GMT
age
6072242
etag
"7a46b52e8117a102bafe1bb5c28400fa"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
631
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame A1AE 		364 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e2f8c21e68c524026b25b545fd5bd903ec2de1411241bff94edf0f49d1550a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123415
x-xss-protection
0
expires
Tue, 15 Feb 2022 21:35:38 GMT
pls
capi.connatix.com/core/ Frame A1AE 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/pls?v=150597
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.71.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-71-134.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
181d52e40ee601a5e401d1ce2a5ae8d49deaa3d8123c59b7c5907c1e7eac7d4a

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
2802
1.png
img.connatix.com/53344de6-41aa-4839-8c7e-182de7980f3f/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/53344de6-41aa-4839-8c7e-182de7980f3f/1.png
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
43fbbe355f40735e833eb1acd033f1cec8e3d31a8531c1ca1e7b0a1c6e5a66fb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:38 GMT
content-encoding
br
age
832663
etag
"gAc/2Gc+fM9aq8w88fxHelKEyBKnYhPyN9WrKOAo8uQ"
access-control-max-age
86400
fastly-io-info
ifsz=30955 idim=1200x472 ifmt=png ofsz=19690 odim=1200x472 ofmt=png
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/png
content-length
18916
cks
cks.connatix.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d15%26ev%3d616ed7ca6cf94054a363e9fc9aa63997%26pname%3dBeeswax%26cid%3d4364f889-b376-11e9-b4d2-06948...
  • https://cks.connatix.com/cks?pid=15&ev=616ed7ca6cf94054a363e9fc9aa63997&pname=Beeswax&cid=4364f889-b376-11e9-b4d2-06948452ae1a&uid=AABeU07EGDkAAAPyeAisoQ
132 B
166 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=15&ev=616ed7ca6cf94054a363e9fc9aa63997&pname=Beeswax&cid=4364f889-b376-11e9-b4d2-06948452ae1a&uid=AABeU07EGDkAAAPyeAisoQ
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
82735d5f7439f34c95f976a2e2833eaa03d719a0aecedbfef1784a6c0bf67902

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:38 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
content-length
132
retry-after
0

Redirect headers

location
https://cks.connatix.com/cks?pid=15&ev=616ed7ca6cf94054a363e9fc9aa63997&pname=Beeswax&cid=4364f889-b376-11e9-b4d2-06948452ae1a&uid=AABeU07EGDkAAAPyeAisoQ
Date
Tue, 15 Feb 2022 21:35:38 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
cks
cks.connatix.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1
  • https://cks.connatix.com/cks?pid=19&uid=013f5489-abdd-43ed-8226-582ddfebe20d&ttl=1647552938
146 B
180 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=19&uid=013f5489-abdd-43ed-8226-582ddfebe20d&ttl=1647552938
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c94563bc83700f42294321f5ff7e84e13fdddf8080811a79a57233ea471d028b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:38 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
content-length
146
retry-after
0

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:38 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cks.connatix.com/cks?pid=19&uid=013f5489-abdd-43ed-8226-582ddfebe20d&ttl=1647552938
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
213
cks
cks.connatix.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d6%26ev%3d616ed7ca6cf94054a363e9fc9aa63997%26pname%3dAppNexus%26cid%3d4364f889-b376-11e9-b4d2-06948452ae1a%26uid%3d%24UID
  • https://cks.connatix.com/cks?pid=6&ev=616ed7ca6cf94054a363e9fc9aa63997&pname=AppNexus&cid=4364f889-b376-11e9-b4d2-06948452ae1a&uid=7341874419548819343
128 B
216 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=6&ev=616ed7ca6cf94054a363e9fc9aa63997&pname=AppNexus&cid=4364f889-b376-11e9-b4d2-06948452ae1a&uid=7341874419548819343
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
74bc631d394d3977843c98ddaa2ce877996ac5db0efa0fb094a5dc1feead24d5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:38 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
content-length
128
retry-after
0

Redirect headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:38 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 805.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
b2a70374-7dfb-4048-9fca-f4b52887b243
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cks.connatix.com/cks?pid=6&ev=616ed7ca6cf94054a363e9fc9aa63997&pname=AppNexus&cid=4364f889-b376-11e9-b4d2-06948452ae1a&uid=7341874419548819343
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3d616ed7ca6cf94054a363e9fc9aa63997%26pname%3dSpotX%26cid%3d4364f889-b376-11e9-b4d2...
  • https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3d616ed7ca6cf94054a363e9fc9aa63997%26pname%3dSpotX%26cid%3d4364f889-b376-11e9-b4d2...
  • https://cks.connatix.com/cks?pid=10&ev=616ed7ca6cf94054a363e9fc9aa63997&pname=SpotX&cid=4364f889-b376-11e9-b4d2-06948452ae1a&uid=37597b60-8ea7-11ec-b4e0-145284e10203
146 B
231 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=10&ev=616ed7ca6cf94054a363e9fc9aa63997&pname=SpotX&cid=4364f889-b376-11e9-b4d2-06948452ae1a&uid=37597b60-8ea7-11ec-b4e0-145284e10203
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d6f60247410a8be0b2b1e6468c33b99e2d27b5e82ce6c0f9dabfdc2b83994f68

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:38 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
content-length
146
retry-after
0

Redirect headers

Date
Tue, 15 Feb 2022 21:35:38 GMT
Server
nginx
Location
https://cks.connatix.com/cks?pid=10&ev=616ed7ca6cf94054a363e9fc9aa63997&pname=SpotX&cid=4364f889-b376-11e9-b4d2-06948452ae1a&uid=37597b60-8ea7-11ec-b4e0-145284e10203
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
155
Connection
keep-alive
Content-Length
0
ao
capi.connatix.com/tr/ Frame A1AE 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ao?v=150597
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.71.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-71-134.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
g
capi.connatix.com/rtb/ Frame A1AE 		256 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=150597
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.71.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-71-134.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
20bc354edc7497a7c66d133c7a6d1c2c92a0e10a3d4b181936e76fb6ebea4a5e

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
210
ps
capi.connatix.com/tr/ Frame A1AE 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ps?v=150597
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.71.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-71-134.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
1_th.jpg
img.connatix.com/ffc4d445-1987-4e08-8396-f8627d344b6b/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/ffc4d445-1987-4e08-8396-f8627d344b6b/1_th.jpg?crop=550:309,smart&width=550&height=309&format=jpeg&quality=60&fit=crop
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e103b4b8e054534fe795815addb2068b5db87382812f5893983f2405e36ee094

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:38 GMT
content-encoding
br
age
2461328
etag
"A462rxDGxhnPU2S8wHJW+9e05a8xBmw90siDC3bkL8E"
access-control-max-age
86400
fastly-io-info
ifsz=18265 idim=375x212 ifmt=jpeg ofsz=13150 odim=375x211 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
12791
sr
capi.connatix.com/tr/ Frame A1AE 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/sr?v=150597
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.71.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-71-134.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
2_media.bin
vid.connatix.com/pid-1efc2daf-f6fb-4fb4-8557-ad1c0eadc02f/30693875-87f4-4115-bb9d-719832d9fc86/ Frame A1AE 		564 B
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-1efc2daf-f6fb-4fb4-8557-ad1c0eadc02f/30693875-87f4-4115-bb9d-719832d9fc86/2_media.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
712e082420d339950c25c4bb3ff7a5b10d414bfd1ac6c889d1a74f34c287d61e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:38 GMT
content-encoding
gzip
last-modified
Tue, 23 Jun 2020 13:44:41 GMT
age
5052549
etag
"ed485480406952c09b2432bb34310938"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
385
1.png
img.connatix.com/1efc2daf-f6fb-4fb4-8557-ad1c0eadc02f/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/1efc2daf-f6fb-4fb4-8557-ad1c0eadc02f/1.png
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
43fbbe355f40735e833eb1acd033f1cec8e3d31a8531c1ca1e7b0a1c6e5a66fb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:38 GMT
content-encoding
br
age
2347817
etag
"gAc/2Gc+fM9aq8w88fxHelKEyBKnYhPyN9WrKOAo8uQ"
access-control-max-age
86400
fastly-io-info
ifsz=47782 idim=1200x472 ifmt=png ofsz=19690 odim=1200x472 ofmt=png
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/png
content-length
18916
prebid6.7.0.js
cds.connatix.com/p/plugins/ Frame CFC4 		425 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/plugins/prebid6.7.0.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
75d00d9deffe5417131ea0a704064a1e7abdfbf4a3f9bd0199db30e2b583b378

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:38 GMT
content-encoding
br
last-modified
Wed, 26 Jan 2022 11:17:31 GMT
age
1335925
etag
"c001df525a7f6bc2df186d22f1e462bc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
115369
si
googleads.g.doubleclick.net/pagead/drt/ Frame 34A6
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com
URL: https://265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 15 Feb 2022 21:35:38 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 15 Feb 2022 21:35:38 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 15 Feb 2022 21:35:38 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
score-marker.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13286604602864346121/ Frame 9123 		599 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13286604602864346121/score-marker.svg
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29fabe1246ef70aff9a23ae15affd1db007d8bf29d597ec2764625d66a5485ff
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
408077
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
367
x-xss-protection
0
last-modified
Wed, 07 Dec 2016 07:31:08 GMT
server
sffe
date
Fri, 11 Feb 2022 04:14:21 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 11 Feb 2023 04:14:21 GMT
ck-logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13286604602864346121/ Frame 9123 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13286604602864346121/ck-logo.svg
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
210c8cdb7666d017a1d903f7c8901d64c1d0367ea5174d8a55108e7ac6879526
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
408077
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1500
x-xss-protection
0
last-modified
Wed, 07 Dec 2016 07:31:08 GMT
server
sffe
date
Fri, 11 Feb 2022 04:14:21 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 11 Feb 2023 04:14:21 GMT
double-arrow.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13286604602864346121/ Frame 9123 		989 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13286604602864346121/double-arrow.svg
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24c62e56138e10adf9e0ff0c1c9b3e2724c5d26ce5e88a6814ded6cab0e5d755
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
162417
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
487
x-xss-protection
0
last-modified
Wed, 07 Dec 2016 07:31:08 GMT
server
sffe
date
Mon, 14 Feb 2022 00:28:41 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 14 Feb 2023 00:28:41 GMT
thermo-bar.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13286604602864346121/ Frame 9123 		2 KB
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13286604602864346121/thermo-bar.svg
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60300d1760edb1382a5078de0c68d0fee6f89005f342685317497348b58c1e25
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
408077
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
622
x-xss-protection
0
last-modified
Wed, 07 Dec 2016 07:31:08 GMT
server
sffe
date
Fri, 11 Feb 2022 04:14:21 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 11 Feb 2023 04:14:21 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 92CE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBSX9MZHGHdDdiV0lr4PdqaePwLHH2FBE2mMDY8iX56pqDn3qfDfYqhb-088jB5AfoQLDKvNmH0zzSlEM4_wWbWKss2LQ2kjS2JVo8AJIZk6PuPDzVy0KZYafVWDr7C6kGlsfY9Xs0gQchRQP8mJJYbfi78_nTpE7f6UWWLHpv7LFWJwXzFkoX1kJb05NZST2tO_RUWtHcaMTnCD9nlGnkegG1kXBZN4QmSQgdpx6MEv9WRvknKpO2gzBmfGMzlOH5r8lMWug8vEdEPMC7D3I0R2NiQi7kZRlArgo-7SA2vZQxoE3Mrb76xzlPNuaab3Q&sig=Cg0ArKJSzCKOIFZqA0G5EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Feb 2022 21:35:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
admj
aax-us-east.amazon-adsystem.com/e/dtb/ 		18 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aax-us-east.amazon-adsystem.com/e/dtb/admj?b=Iq1NoVhNomkfIBmO5Gk0WS4AAAF-_0_yTAEAAA2vAWaonz4&rnd=660455957091644960938177&pp=4mof0g&p=1862k1s&crid=3658_15038_T10909359&ep=%7B%22ce%22%3A%221%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.118 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
5712050006ac7533c3fee3d31948becaf8f352af45e3cffd99c31a38b045886b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 21:35:38 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
8SD51BZVQWH0KEAQAZ3V
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-store, max-age=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
18920
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 92CE 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
sffe /
Resource Hash
0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38569
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1644842073869169"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 15 Feb 2022 21:35:38 GMT
playlist.m3u8
vid.connatix.com/pid-53344de6-41aa-4839-8c7e-182de7980f3f/ffc4d445-1987-4e08-8396-f8627d344b6b/ Frame A1AE 		309 B
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-53344de6-41aa-4839-8c7e-182de7980f3f/ffc4d445-1987-4e08-8396-f8627d344b6b/playlist.m3u8
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:38 GMT
content-encoding
gzip
last-modified
Fri, 03 Apr 2020 20:45:25 GMT
age
6605370
etag
"8a966507b13615ecdc1330a4bc9dcfe1"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
164
ao
capi.connatix.com/tr/ Frame A1AE 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ao?v=150597
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.71.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-71-134.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
g
capi.connatix.com/rtb/ Frame A1AE 		256 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=150597
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.71.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-71-134.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
4d1dbb0879a10aef55e9467fef55dbf57f603aba140cb0453b1c018b4fb56326

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
211
ps
capi.connatix.com/tr/ Frame A1AE 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ps?v=150597
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.71.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-71-134.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 15 Feb 2022 21:35:38 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
1_th.jpg
img.connatix.com/30693875-87f4-4115-bb9d-719832d9fc86/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/30693875-87f4-4115-bb9d-719832d9fc86/1_th.jpg?crop=550:309,smart&width=550&height=309&format=jpeg&quality=60&fit=crop
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
81e8db5bc7f5ff163f4a9024aea7ce3004973ea4b69c5276e38825c2f81d27d3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:38 GMT
content-encoding
br
age
2460766
etag
"uKi/6oHwKnIJoSRp29/H09WdXseLbpr/iNpeJrhE0rI"
access-control-max-age
86400
fastly-io-info
ifsz=8140 idim=375x212 ifmt=jpeg ofsz=6502 odim=375x211 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
6104
us
capi.connatix.com/core/ Frame A1AE 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?v=150597
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.71.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-71-134.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
us
capi.connatix.com/core/ Frame A1AE 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?v=150597
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.71.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-71-134.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
us
capi.connatix.com/core/ Frame A1AE 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?v=150597
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.71.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-71-134.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
us
capi.connatix.com/core/ Frame A1AE 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?v=150597
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.71.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-71-134.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
us
capi.connatix.com/core/ Frame A1AE 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?v=150597
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.71.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-71-134.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
us
capi.connatix.com/core/ Frame A1AE 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?v=150597
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.71.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-71-134.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
0.m3u8
vid.connatix.com/pid-53344de6-41aa-4839-8c7e-182de7980f3f/ffc4d445-1987-4e08-8396-f8627d344b6b/ Frame A1AE 		19 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-53344de6-41aa-4839-8c7e-182de7980f3f/ffc4d445-1987-4e08-8396-f8627d344b6b/0.m3u8
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
96b675b1ce6c023c67574d00b2a1b39a9e6b075671bc7adfcce6c309344a91f0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:38 GMT
content-encoding
gzip
last-modified
Fri, 03 Apr 2020 20:45:23 GMT
age
6607407
etag
"65165e18b8c2372e5b728da28372133b"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
3851
prebid6.7.0.js
cds.connatix.com/p/plugins/ Frame 3FFE 		425 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/plugins/prebid6.7.0.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
75d00d9deffe5417131ea0a704064a1e7abdfbf4a3f9bd0199db30e2b583b378

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:38 GMT
content-encoding
br
last-modified
Wed, 26 Jan 2022 11:17:31 GMT
age
1335925
etag
"c001df525a7f6bc2df186d22f1e462bc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
115369
bridge3.500.0_en.html
imasdk.googleapis.com/js/core/ Frame A892 		588 KB
191 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.500.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0111fd63ea6e0b9602cfe26543275c1c56571ce54a99fc286a62c480027047f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
195488
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 14 Feb 2022 22:30:01 GMT
expires
Tue, 14 Feb 2023 22:30:01 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 14 Feb 2022 22:23:22 GMT
content-type
text/html
age
83137
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame A1AE 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Feb 2022 21:35:38 GMT
bridge3.500.0_en.html
imasdk.googleapis.com/js/core/ Frame 0A3C 		588 KB
191 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.500.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0111fd63ea6e0b9602cfe26543275c1c56571ce54a99fc286a62c480027047f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
195488
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 14 Feb 2022 22:30:01 GMT
expires
Tue, 14 Feb 2023 22:30:01 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 14 Feb 2022 22:23:22 GMT
content-type
text/html
age
83137
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.500.0_en.html
imasdk.googleapis.com/js/core/ Frame 07C8 		588 KB
191 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.500.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0111fd63ea6e0b9602cfe26543275c1c56571ce54a99fc286a62c480027047f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
195488
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 14 Feb 2022 22:30:01 GMT
expires
Tue, 14 Feb 2023 22:30:01 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 14 Feb 2022 22:23:22 GMT
content-type
text/html
age
83137
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.500.0_en.html
imasdk.googleapis.com/js/core/ Frame F68C 		588 KB
191 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.500.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0111fd63ea6e0b9602cfe26543275c1c56571ce54a99fc286a62c480027047f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
195488
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 14 Feb 2022 22:30:01 GMT
expires
Tue, 14 Feb 2023 22:30:01 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 14 Feb 2022 22:23:22 GMT
content-type
text/html
age
83137
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.com/adsid/ Frame A1AE 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Feb 2022 21:35:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.500.0_en.html
imasdk.googleapis.com/js/core/ Frame 28C2 		588 KB
191 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.500.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0111fd63ea6e0b9602cfe26543275c1c56571ce54a99fc286a62c480027047f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
195488
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 14 Feb 2022 22:30:01 GMT
expires
Tue, 14 Feb 2023 22:30:01 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 14 Feb 2022 22:23:22 GMT
content-type
text/html
age
83137
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.500.0_en.html
imasdk.googleapis.com/js/core/ Frame 1CBC 		588 KB
191 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.500.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0111fd63ea6e0b9602cfe26543275c1c56571ce54a99fc286a62c480027047f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
195488
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 14 Feb 2022 22:30:01 GMT
expires
Tue, 14 Feb 2023 22:30:01 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 14 Feb 2022 22:23:22 GMT
content-type
text/html
age
83137
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mvo
tag.1rx.io/rmp/230257/0/ Frame CFC4 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/230257/0/mvo?z=1r&hbv=6.7,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nydailynews.com
pragma
no-cache
date
Tue, 15 Feb 2022 21:35:38 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
mvo
tag.1rx.io/rmp/230257/0/ Frame CFC4 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/230257/0/mvo?z=1r&hbv=6.7,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nydailynews.com
pragma
no-cache
date
Tue, 15 Feb 2022 21:35:38 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
mvo
tag.1rx.io/rmp/230257/0/ Frame CFC4 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/230257/0/mvo?z=1r&hbv=6.7,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nydailynews.com
pragma
no-cache
date
Tue, 15 Feb 2022 21:35:38 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
mvo
tag.1rx.io/rmp/230257/0/ Frame CFC4 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/230257/0/mvo?z=1r&hbv=6.7,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nydailynews.com
pragma
no-cache
date
Tue, 15 Feb 2022 21:35:38 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
truncated
/ Frame 92CE 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
33d2541f75ad90cc7935e7782e90eecedcdffa11fab094ea91b9083a91aefa6f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 92CE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssk9Sfd93RGogugAsc1t3oOrZs2Qr6EjK4InEwbtXvWTvUzbJyYJj9HeWSXUyp214WDqz_XjEjGqyeHA7p0vfdVVOReO47w-QYnMWriMxQ3ohRAQN4KwwyrUJa1h7rafv0J39MKllgCeEULUW1owtQwxZoRqHj8QNLutcUBTIy8THGxln-ubKrbkwibT4tpKdTgAR2d3aTLS0AbCmnrGgjBefW_VrjENsytuzDcl5YwScUXgjLdEetJCckc_yvRr0aTqVo0NvT50NuYyYx5ujVNP1vGTIweu5pkOdFqA8MPSCRGlUftOwdjh9dtXzaiCgW8Ig&sig=Cg0ArKJSzEEZTg7vITZWEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Feb 2022 21:35:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 15 Feb 2022 21:35:38 GMT
/
trc.taboola.com/sg/rubicon-network-display/1/rtb-h/ Frame 2EF7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KZON9OYT-C-HI4X
0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KZON9OYT-C-HI4X
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
11
date
Tue, 15 Feb 2022 21:35:38 GMT
via
1.1 varnish
server
nginx
x-timer
S1644960939.759004,VS0,VE11
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
x-served-by
cache-yul12824-YUL

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KZON9OYT-C-HI4X
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Expires
0
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 2EF7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEENFr1xjjpQmUEuO-eFFc98&google_cver=1
0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEENFr1xjjpQmUEuO-eFFc98&google_cver=1
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
12
date
Tue, 15 Feb 2022 21:35:38 GMT
via
1.1 varnish
server
nginx
x-timer
S1644960939.763237,VS0,VE12
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12824-YUL

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEENFr1xjjpQmUEuO-eFFc98&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2EF7 		42 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227:$UID
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:38 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug016:0:594
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 2EF7
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H3
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227
date
Tue, 15 Feb 2022 21:35:38 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17400
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 2EF7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=013f5489-abdd-43ed-8226-582ddfebe20d
0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=013f5489-abdd-43ed-8226-582ddfebe20d
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
10
date
Tue, 15 Feb 2022 21:35:38 GMT
via
1.1 varnish
server
nginx
x-timer
S1644960939.762542,VS0,VE10
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12824-YUL

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:38 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=013f5489-abdd-43ed-8226-582ddfebe20d
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame 2EF7
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
43 B
687 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:38 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:38 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 2EF7 		49 B
685 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-CA
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-56659f45bd-7rxsg
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 2EF7 		43 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227&gdpr=0&gdpr_consent=
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.166 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:38 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame 2EF7 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.54.42.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-42-45.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:38 GMT
content-length
43
x-nosync
emp
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 2EF7
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=6dd842b3-f84a-4806-9cab-93e1e8d6f3ad
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=6dd842b3-f84a-4806-9cab-93e1e8d6f3ad
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:38 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17373

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:38 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=6dd842b3-f84a-4806-9cab-93e1e8d6f3ad
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1052330
content-length
0
expires
Tue, 15 Feb 2022 00:00:00 GMT
/
sync.taboola.com/sg/id5-network/1/rtb-h/ Frame 2EF7
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/464/2/6/2.gif?puid=7341874419548819343&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOb9eMiJy49sFN0zYLHq5PAyVXcu-qjwy_z7ArCA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F5%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/464/3/5/3.gif?puid=3e95620c-1ca9-4700-919b-67f5c4b03518&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=013f5489-abdd-43ed-8226-582ddfebe20d&ttl=%%TTL%%
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F429%2F3%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/464/429/3/5.gif?puid=9021BD47-D564-4E09-BA75-7F25F0BF77FF&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F434%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/464/434/2/6.gif?puid=e71b02ea-6e43-4b95-a180-357b61e1aff7&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F1%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F1%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gd...
  • https://id5-sync.com/c/464/108/1/7.gif?puid=53dedc75-b99a-44ee-ad6a-b4a47de6748c&gdpr=0&gdpr_consent=
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F136%2F0%2F8.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/464/136/0/8.gif?puid=YgwcqQAGbTJD6QAy&gdpr=0&gdpr_consent=
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOb9eMiJy49sFN0zYLHq5PAyVXcu-qjwy_z7ArCA
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOb9eMiJy49sFN0zYLHq5PAyVXcu-qjwy_z7ArCA
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:41 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19958

Redirect headers

Location
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOb9eMiJy49sFN0zYLHq5PAyVXcu-qjwy_z7ArCA
Date
Tue, 15 Feb 2022 21:35:40 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 2EF7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=taboola
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=8144174960646922484&ssp=taboola
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=ed239641-d788-4f62-a800-8b3ea6dac16f
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=ed239641-d788-4f62-a800-8b3ea6dac16f
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:39 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
23321

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=ed239641-d788-4f62-a800-8b3ea6dac16f
Date
Tue, 15 Feb 2022 21:35:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 2EF7
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=6bda85a5-2fe9-465b-a7aa-dd391f814622
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=6bda85a5-2fe9-465b-a7aa-dd391f814622&tbid=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227&query=taboola_hm%3D6bda85a5-2fe9-...
0
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=6bda85a5-2fe9-465b-a7aa-dd391f814622&tbid=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227&query=taboola_hm%3D6bda85a5-2fe9-465b-a7aa-dd391f814622&isDirect=0
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:39 GMT
via
1.1 varnish
server
nginx
x-timer
S1644960939.077256,VS0,VE182
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12824-YUL

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=6bda85a5-2fe9-465b-a7aa-dd391f814622&tbid=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227&query=taboola_hm%3D6bda85a5-2fe9-465b-a7aa-dd391f814622&isDirect=0
date
Tue, 15 Feb 2022 21:35:39 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
23321
sd
u.openx.net/w/1.0/ Frame 2EF7 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=543998486&val=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227&gdpr=0&gdpr_consent=
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:38 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
xuid
eb2.3lift.com/ Frame 2EF7 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7772&xuid=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227&dongle=tbla
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
visitor.omnitagjs.com/visitor/ Frame 2EF7 		49 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=54ac1f569912e3c4967bf7b5df910a44&name=TABOOLA&visitor=[BUYER_USERID]&external=true
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:38 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
61
content-type
image/gif
content-length
49
expires
0
/
sync.taboola.com/sg/kadamrtb-network/1/rtb-h/ Frame 2EF7
Redirect Chain
  • https://s.uuidksinc.net/match/951/?remote_uid=SSP_UID
  • https://sync.taboola.com/sg/kadamrtb-network/1/rtb-h/?taboola_hm=1hjsszwk42XSCP7cwRde
0
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/kadamrtb-network/1/rtb-h/?taboola_hm=1hjsszwk42XSCP7cwRde
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:39 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22473

Redirect headers

location
https://sync.taboola.com/sg/kadamrtb-network/1/rtb-h/?taboola_hm=1hjsszwk42XSCP7cwRde
date
Tue, 15 Feb 2022 21:35:39 GMT
server
nginx/1.19.0
content-length
0
cds-pips.js
cdn.taboola.com/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
1167
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
9uwp48XlQvboE+7bSu7PSAiSi+m0rcItjNv9vTqU823ZmC1O8hzpSt9NbhJRz/4WmEQSBeeJhSU=
x-served-by
cache-yul12824-YUL
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1644960939.672978,VS0,VE0
date
Tue, 15 Feb 2022 21:35:38 GMT
vary
Accept-Encoding
x-amz-request-id
590TJHPYC4BDJ5CB
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
31
x-cache-hits
5526
eid.js
cdn.taboola.com/scripts/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
Rgk6TX83.a2Xbi9.mRUycMEPnxVzEJhe
content-encoding
gzip
etag
"f7917ed1eb799a729725a7db50d1f828"
age
26188
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5258
x-amz-id-2
VYmgr+4vbqbkCYmDYf55eo0+P31q4tgIF1d7wduuGOmAyYqKyLW8oM0U9QAUuDDu8TiDcI85at0=
x-served-by
cache-yul12824-YUL
last-modified
Tue, 28 Dec 2021 08:10:40 GMT
server
AmazonS3
x-timer
S1644960939.673082,VS0,VE0
date
Tue, 15 Feb 2022 21:35:38 GMT
vary
Accept-Encoding
x-amz-request-id
NC6J39PBM1A0VMTN
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
31
x-cache-hits
173902
playlist.m3u8
vid.connatix.com/pid-1efc2daf-f6fb-4fb4-8557-ad1c0eadc02f/30693875-87f4-4115-bb9d-719832d9fc86/ Frame A1AE 		309 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-1efc2daf-f6fb-4fb4-8557-ad1c0eadc02f/30693875-87f4-4115-bb9d-719832d9fc86/playlist.m3u8
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:38 GMT
content-encoding
gzip
last-modified
Fri, 03 Apr 2020 19:45:48 GMT
age
1007854
etag
"8a966507b13615ecdc1330a4bc9dcfe1"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
164
0.mp4
vid.connatix.com/pid-53344de6-41aa-4839-8c7e-182de7980f3f/ffc4d445-1987-4e08-8396-f8627d344b6b/ Frame A1AE 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-53344de6-41aa-4839-8c7e-182de7980f3f/ffc4d445-1987-4e08-8396-f8627d344b6b/0.mp4
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e74b4a43cf679980ff1ddf614a8f75621937e4bb44e030bd9adda76278b8a9d8

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=0-1330

Response headers

date
Tue, 15 Feb 2022 21:35:38 GMT
last-modified
Fri, 03 Apr 2020 20:45:23 GMT
age
2300859
etag
"3f36f503010c581f014c27617d080938-10"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-1330/47450516
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1331
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 12C7 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 20:49:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2775
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 15 Feb 2022 21:49:23 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame CE19 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 20:49:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2775
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 15 Feb 2022 21:49:23 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 10BA 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 20:49:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2775
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 15 Feb 2022 21:49:23 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame CD17 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 20:49:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2775
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 15 Feb 2022 21:49:23 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame F235 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 20:49:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2775
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 15 Feb 2022 21:49:23 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9786 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 20:49:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2775
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 15 Feb 2022 21:49:23 GMT
ttj
ib.3lift.com/ Frame EA84 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/ttj?inv_code=Tribune_RON_Desktop_970x250_TAM
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-34.ewr53.r.cloudfront.net
Software
/
Resource Hash
4ecba18fe533a73880544942d21ca72a3a2ce711cf30b12aa254f31527e536c4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:33:20 GMT
via
1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
age
297
etag
"cdc5ed548c47e75ab00ae3592c376705"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
x-amz-cf-pop
EWR53-P1
content-encoding
gzip
content-length
3053
x-amz-cf-id
-JCahOf7Tk9qa3-jNeueBN969Ym0sip7eys7BYxCnOQjFBDbzIR1zg==
imp
aax-us-east.amazon-adsystem.com/e/dtb/ Frame EA84 		43 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-us-east.amazon-adsystem.com/e/dtb/imp?b=Iq1NoVhNomkfIBmO5Gk0WS4AAAF-_0_yTAEAAA2vAWaonz4&pp=4mof0g&isip=1&vi=1
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.118 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 21:35:38 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
SGFKQ70ENXGAZMPM20P5
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
no-store, max-age=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
notify
tlx.3lift.com/s2s/ Frame EA84 		37 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/s2s/notify?px=1&pr=6.27&ts=1644960936&aid=19010034279587409418600&ec=3658_15038_T10909359&n=GgDyAs8BCAASFzE5MDEwMDM0Mjc5NTg3NDA5NDE4NjAwGAAgASjKHDC%2BdTiO2QFAAUgAUABgAWgAcMT8IZABr%2B2ZBZgBnsWBBaABnYuXBagB%2FqnXBbAB%2BFW4AcgBwAH%2BMMgB%2BFXgAdIB8AEA%2BAH4VYAC%2FjCIAtIBkQIAAAAAAADwP5kChetRuB6F2z%2BhAgAAAAAAAPA%2FqAIAsAIAyAIB2AIA6AKO2QHxAmZmZmZmZuY%2F%2BALKHJADAJgDAKADALgDAMADAMgDANIDCGRydHpnamF04AMA%2BAIHiAMBkgMEMGNmZA%3D%3D
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.193.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-193-246.compute-1.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
pe
eb2.3lift.com/ Frame EA84 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/pe?fid=1&tid=10909359&peid=0&aid=19010034279587409418600
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
pixel
protected-by.clarium.io/ Frame EA84 		68 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_elZadDhWdG9NekxSSHRBZXVQZWFQMnlKYU5zL2FtYXpvbjo5NzB4MjUw&v=5&s=v31frvkvupl&id=eyJwcmViaWQiOnsiYWRJZCI6IjM2NThfMTUwMzhfVDEwOTA5MzU5IiwiY3BtIjpudWxsLCJzcmMiOiIlJVNPVVJDRSUlIn19&sb=undefined&cb=5244780&h=www.nydailynews.com&d=eyJ3aCI6ImVsWmFkRGhXZEc5TmVreFNTSFJCWlhWUVpXRlFNbmxLWVU1ekwyRnRZWHB2YmpvNU56QjRNalV3Iiwid2QiOnsiayI6eyJoYl9iaWRkZXIiOlsiYW1hem9uIl0sImhiX3NpemUiOlsiOTcweDI1MCJdfX0sIndyIjowfQ==
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.181.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-181-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:38 GMT
Server
nginx
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
us
capi.connatix.com/core/ Frame A1AE 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?v=150597
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.71.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-71-134.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 15 Feb 2022 21:35:38 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
us
capi.connatix.com/core/ Frame A1AE 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?v=150597
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.71.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-71-134.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 15 Feb 2022 21:35:37 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
0.m3u8
vid.connatix.com/pid-1efc2daf-f6fb-4fb4-8557-ad1c0eadc02f/30693875-87f4-4115-bb9d-719832d9fc86/ Frame A1AE 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-1efc2daf-f6fb-4fb4-8557-ad1c0eadc02f/30693875-87f4-4115-bb9d-719832d9fc86/0.m3u8
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
adbbbca3ab29b52b7dbca1b15bcfd4ec9f690dab8a74fa243039b736eaa5ed70

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:38 GMT
content-encoding
gzip
last-modified
Fri, 03 Apr 2020 19:45:47 GMT
age
2297293
etag
"cdc4bb7857f849173069dde9e0971294"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
999
mvo
tag.1rx.io/rmp/230257/0/ Frame 3FFE 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/230257/0/mvo?z=1r&hbv=6.7,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nydailynews.com
pragma
no-cache
date
Tue, 15 Feb 2022 21:35:38 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
mvo
tag.1rx.io/rmp/230257/0/ Frame 3FFE 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/230257/0/mvo?z=1r&hbv=6.7,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nydailynews.com
pragma
no-cache
date
Tue, 15 Feb 2022 21:35:38 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
mvo
tag.1rx.io/rmp/230257/0/ Frame 3FFE 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/230257/0/mvo?z=1r&hbv=6.7,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nydailynews.com
pragma
no-cache
date
Tue, 15 Feb 2022 21:35:38 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
mvo
tag.1rx.io/rmp/230257/0/ Frame 3FFE 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/230257/0/mvo?z=1r&hbv=6.7,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nydailynews.com
pragma
no-cache
date
Tue, 15 Feb 2022 21:35:39 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
activeview
pagead2.googlesyndication.com/pcs/ Frame 01D9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxsciEgsadYgZYPxWNT7P4WmNzmgPfcG-8lgC_6X93bZ4_IxrR-26-jAZ4YEYrdDiA753WyLZgTS-Cq4xPsIyurAza57og2BYkW8w7HHZhHpMvZxE&sai=AMfl-YS8WIvyTb6twmqqbjMrwCbgWT6h4S6SW7VO-8uWKmz20Feoo5u9wCbGiNPUsM137UwWs9gxRiFhZfRnubpv_aS3GA8M-mYr5ibjyH6G1WMSJfwcAAXcMwF0Jth1&sig=Cg0ArKJSzIoIOM4FYpu2EAE&cid=CAASFeRoHqi_UVavy_uieIwQ2pz4vJPjuA&id=lidar2&mcvt=1126&p=661,1056,911,1356&mtos=1126,1126,1126,1126,1126&tos=1126,0,0,0,0&v=20220214&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1546051717&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644960936805&rpt=943&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pips.taboola.com/ 		4 B
106 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:38 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-yul12827-YUL
access-control-allow-methods
GET
access-control-allow-origin
https://www.nydailynews.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
0.mp4
vid.connatix.com/pid-53344de6-41aa-4839-8c7e-182de7980f3f/ffc4d445-1987-4e08-8396-f8627d344b6b/ Frame A1AE 		140 KB
140 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-53344de6-41aa-4839-8c7e-182de7980f3f/ffc4d445-1987-4e08-8396-f8627d344b6b/0.mp4
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0eaa8d7532ef0b03c5cc38e00da1409992d3c1f0230a698e6c9afb7851c966cc

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=1331-145033

Response headers

date
Tue, 15 Feb 2022 21:35:38 GMT
last-modified
Fri, 03 Apr 2020 20:45:23 GMT
age
2300859
etag
"3f36f503010c581f014c27617d080938-10"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 1331-145033/47450516
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
143703
bundle.js
ib.3lift.com/rev/a805b38f8117eb256f420d114a99bd66ef61ea34/dist/ Frame EA84 		246 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/rev/a805b38f8117eb256f420d114a99bd66ef61ea34/dist/bundle.js
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-34.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7c69321b6ab84ee43ff5a33c5c40991a0ad41fed8679786c73c025422e5d8992

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 16:39:20 GMT
content-encoding
gzip
last-modified
Tue, 15 Feb 2022 16:38:58 GMT
server
AmazonS3
age
17779
etag
"007a5b623efa64f6c53c7c27739c5714"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
cache-control
max-age=31536000, immutable
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-length
80392
x-amz-cf-id
dJPLqSm36fhgcC63i8oj3YsssPA_IbCdzsdclgwVfbXWTW-tyH-_3g==
/
cds.taboola.com/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 15 Feb 2022 21:35:39 GMT
Cache-Control
no-store
Server
nginx
Connection
close
0.mp4
vid.connatix.com/pid-1efc2daf-f6fb-4fb4-8557-ad1c0eadc02f/30693875-87f4-4115-bb9d-719832d9fc86/ Frame A1AE 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-1efc2daf-f6fb-4fb4-8557-ad1c0eadc02f/30693875-87f4-4115-bb9d-719832d9fc86/0.mp4
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e74b4a43cf679980ff1ddf614a8f75621937e4bb44e030bd9adda76278b8a9d8

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=0-1330

Response headers

date
Tue, 15 Feb 2022 21:35:39 GMT
last-modified
Fri, 03 Apr 2020 19:45:47 GMT
age
1376167
etag
"72acd8b488a6a163b62123786fb4f308"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-1330/10397403
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1331
%7B%22_type%22%3A%22iframeRender%22%2C%22c%22%3A%22dtb%22%2C%22pid%22%3A%22505DirTv909cM%22%2C%22crt%22%3A205%2C%22_tl%22%3A%22aps-tag%22%2C%22src%22%3A%223503%22%2C%22lv%22%3A%227.73.0%22%7D
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_type%22%3A%22iframeRender%22%2C%22c%22%3A%22dtb%22%2C%22pid%22%3A%22505DirTv909cM%22%2C%22crt%22%3A205%2C%22_tl%22%3A%22aps-tag%22%2C%22src%22%3A%223503%22%2C%22lv%22%3A%227.73.0%22%7D
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.118 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:39 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
Y2AMDWZZ09P3PN7HKJFS
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
no-cache
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
0.mp4
vid.connatix.com/pid-1efc2daf-f6fb-4fb4-8557-ad1c0eadc02f/30693875-87f4-4115-bb9d-719832d9fc86/ Frame A1AE 		151 KB
151 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-1efc2daf-f6fb-4fb4-8557-ad1c0eadc02f/30693875-87f4-4115-bb9d-719832d9fc86/0.mp4
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
73dc4360421f490db518b8877b7dc37ea71eec4cd63839d0763fa248db070608

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=1331-155788

Response headers

date
Tue, 15 Feb 2022 21:35:39 GMT
last-modified
Fri, 03 Apr 2020 19:45:47 GMT
age
1376167
etag
"72acd8b488a6a163b62123786fb4f308"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 1331-155788/10397403
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
154458
tfav_adl_451.js
am.adlooxtracking.com/ads/js/ Frame 339C 		64 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://am.adlooxtracking.com/ads/js/tfav_adl_451.js
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/a805b38f8117eb256f420d114a99bd66ef61ea34/dist/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.4.218.92 , Canada, ASN16276 (OVH, FR),
Reverse DNS
am03.adlooxtracking.com
Software
nginx/1.15.8 /
Resource Hash
4b3507382b00a0071e4d438de44d94339c88ac2873dbba5f89059fa9192323e0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 21:35:39 GMT
Last-Modified
Tue, 14 Dec 2021 11:14:25 GMT
Server
nginx/1.15.8
ETag
"61b87c91-ffbf"
Content-Type
application/javascript
Cache-Control
no-cache, max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65471
triplelift
vae-bid.adsrvr.org/bid/feedback/ Frame 0AA9 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vae-bid.adsrvr.org/bid/feedback/triplelift?t=1&iid=f85c047c-a02e-4297-ba5c-42e3f81c2ba1&crid=drtzgjat&wp=11.0&aid=1&wpc=USD&sfe=14439ca8&puid=&tdid=&pid=acjf93j&ag=ks2xwbz&adv=4ecukjb&sig=1liKWS1CVtZ2nS5vurGpJwIYejtgHVMcnh6Pc3hsD8mY.&bp=11&cf=2930211&fq=0&td_s=www.nydailynews.com&rcats=zm4,hhr,7sp,5rf,7gr,3c6,2gy,hmy,y29,tmc,d3i&mcat=dv-52000310&mste=nydailynews.com&mfld=4&mssi=&mfsi=&uhow=64&agsa=&rgz=H3G&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=2842&did=tlx-27790&rcxt=Other&lat=45.499500&lon=-73.584800&tmpc=&daid=&vp=0&osi=&osv=&mk=Google&mdl=Chrome%20-%20Windows&c=CgZDYW5hZGESBlF1ZWJlYxoAIghNb250cmVhbDgBUAFYAoABAIgBAZABAQ..&dur=Cj4KIWNoYXJnZS1tYXhEb3VibGVWZXJpZnlCcmFuZFNhZmV0eSIZCPH__________wESDGRvdWJsZXZlcmlmeQpDCiZjaGFyZ2UtYWxsRG91YmxlVmVyaWZ5Q3VzdG9tQ29udGV4dHVhbCIZCIf__________wESDGRvdWJsZXZlcmlmeQ..&durs=aOmAfn&crrelr=&adpt=tl_ltriplelift&ipl=32811&pcm=1&said=19010034279587409418600&ict=Unknown&auct=1&im=1&mc=ed66ff38-f23d-47ff-86ff-023546c164b8
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.166.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:38 GMT
cache-control
must-revalidate, no-cache
server
Kestrel
content-type
image/gif
transfer-encoding
chunked
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ic.php
pixelam.adlooxtracking.com/ads/ Frame 0AA9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixelam.adlooxtracking.com/ads/ic.php?_=[CACHEBUSTING]&type=pixel&plat=131&tag_id=895&client=sap_dsp&id1=www.nydailynews.com&id2=sbfanix&id3=drtzgjat&id4=333x333&id5=ks2xwbz&id6=4ecukjb&id7=triplelift&id8=acjf93j&id9=f85c047c-a02e-4297-ba5c-42e3f81c2ba1&id10=2842&id11=$ADLOOX_WEBSITE&id12=display
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.31.249 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.31.241.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
/
img.3lift.com/ Frame 339C 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.3lift.com/?width=333&height=333&alt=tl&url=https%3A%2F%2Fimages.3lift.com%2F11916542.jpg&v=1&cb=
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.143.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-143-31.ewr52.r.cloudfront.net
Software
/
Resource Hash
e76f7f3c955ef6adf1b8c0b25f1567ea355648ae98e80b51fa1fc56b978e9dd9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 00:52:21 GMT
via
1.1 d873eb6ebbb9da58c373c3c3b1843e76.cloudfront.net (CloudFront)
age
74598
etag
"37fe22b0e42c6484a02f1b4408d6705b"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=86400
x-amz-cf-pop
EWR52-C2
content-length
25337
x-amz-cf-id
rpD-ijyQwObS2-Al2yL2LDd0U6iVEiODI9DzWCUKfGG_wsACQYA1Lg==
r
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/r?inv_code=Tribune_RON_Desktop_970x250_TAM&aid=19010034279587409418600&rev=a805b38&ss=7&bc=11.0&pr=un&brid=556612&bmid=3658&clid=10511006&biid=3658&tid=10909359&sid=15038&adid=drtzgjat&did=27790&bcud=11000&ts=1644960936&caid=10864029&unid=0&domain=www.nydailynews.com&ref=https%253A%252F%252Fwww.nydailynews.com%252Fnews%252Fworld%252Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&rr=creative&fid=1&rb=0&g=0&cb=69781
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
lp
img.3lift.com/ Frame ABD4 		139 B
433 B 		Script
General
Check archive.org
Download Go to
Full URL
https://img.3lift.com/lp?width=400&height=225&url=%2F%2Fimages.3lift.com%2F11916542.jpg&logo_exclude=&v=20&no_crop=0&noCrop=1
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.143.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-143-31.ewr52.r.cloudfront.net
Software
/
Resource Hash
4619d76efc65e12af08dd151ebfb64cbb3996f14c943662fc8ae6a822056c83a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 16:18:04 GMT
via
1.1 d873eb6ebbb9da58c373c3c3b1843e76.cloudfront.net (CloudFront)
last-modified
Tue, 15 Feb 2022 16:18:04 GMT
age
19055
x-cache
Hit from cloudfront
content-type
text/plain; charset=utf-8
cache-control
public, max-age=86400
x-amz-cf-pop
EWR52-C2
content-length
139
x-amz-cf-id
94grl1dp-qM2kA5xz_bH2JIWBd3JjgSt0QyY1o2rOMYXCTSNJU8hTg==
/
img.3lift.com/ Frame EA84 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.3lift.com/?width=400&height=225&url=%2F%2Fimages.3lift.com%2F11916542.jpg&logo_exclude=&v=20&no_crop=0&noCrop=1
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.143.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-143-31.ewr52.r.cloudfront.net
Software
/
Resource Hash
692a42563c5a455d69600d3722469c174cd42e7a19a63c1b7bc749f66d93a464

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 03:07:05 GMT
via
1.1 d873eb6ebbb9da58c373c3c3b1843e76.cloudfront.net (CloudFront)
age
66602
etag
"7d424eaed68129c51aefae1d717b5549"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=86400
x-amz-cf-pop
EWR52-C2
content-length
15141
x-amz-cf-id
9rOXTeBS2XHRYRHky_3pBXzveerQKh2NNtIQU5ZHIktDuaOUuswuiw==
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame EA84 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-34.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 17:46:49 GMT
via
1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
age
359330
etag
"ddf020e069f1706b72b7698b28fede09"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-length
3125
x-amz-cf-id
pOTIe5jPckeYGbN5f8XwHqECaB9Uu1IAV9vCKXZOpSrtXhP2-S1RDA==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame EA84 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-34.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 17:46:49 GMT
via
1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
age
359330
etag
"7ceab27af00fa466072a3c3360041755"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-length
3518
x-amz-cf-id
c0ySTrSxjZ8oHLHNhqPt3Qu4yRYV4CEBtRGPX79Sb2cY18JiQtyJzw==
12222021-195938618-1x1_Pixel.png
s0.2mdn.net/4531883/
Redirect Chain
  • https://ad.doubleclick.net/ddm/ad/N69702.284566THETRADEDESK/B27037743.324351778;sz=1x1;ord=1644960939128;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
  • https://ad.doubleclick.net/ddm/ad/N69702.284566THETRADEDESK/B27037743.324351778;dc_pre=CKDf0YPVgvYCFRlYDQodlksOqQ;sz=1x1;ord=1644960939128;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
  • https://s0.2mdn.net/4531883/12222021-195938618-1x1_Pixel.png
119 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4531883/12222021-195938618-1x1_Pixel.png
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H3
Server
2607:f8b0:4006:823::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68b3fe35f16c8a9f7f4821aff7cae9ae1cfe86e80f6dc34053cebebc5c2d417a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 16:37:55 GMT
x-content-type-options
nosniff
age
17864
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 03:59:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Feb 2022 16:37:55 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:39 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://s0.2mdn.net/4531883/12222021-195938618-1x1_Pixel.png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
img.3lift.com/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.3lift.com/?width=400&height=225&url=%2F%2Fimages.3lift.com%2F11916542.jpg&logo_exclude=&v=20&no_crop=0&noCrop=1
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/a805b38f8117eb256f420d114a99bd66ef61ea34/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.143.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-143-31.ewr52.r.cloudfront.net
Software
/
Resource Hash
692a42563c5a455d69600d3722469c174cd42e7a19a63c1b7bc749f66d93a464

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 03:07:05 GMT
via
1.1 d873eb6ebbb9da58c373c3c3b1843e76.cloudfront.net (CloudFront)
age
66602
etag
"7d424eaed68129c51aefae1d717b5549"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=86400
x-amz-cf-pop
EWR52-C2
content-length
15141
x-amz-cf-id
zrsq10uNGL4J5bklpXeGU3N80eRstd45j5dPy5aFG1ae8BGSojrx4w==
/
www.nydailynews.com/api/v2/render/feature/
Redirect Chain
  • https://www.nydailynews.com/api/v2/render/feature?name=breaking-news-bar&uri=/zzz-breaking-news/&wrapper=false
  • https://www.nydailynews.com/api/v2/render/feature/?name=breaking-news-bar&uri=/zzz-breaking-news/&wrapper=false
1 KB
931 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nydailynews.com/api/v2/render/feature/?name=breaking-news-bar&uri=/zzz-breaking-news/&wrapper=false
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Server
2600:141b:13::17d7:8228 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
361e17d5a3bc85910c2a1c34395066063984542eb330b6ca0d1dba21cae4241c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:39 GMT
content-encoding
gzip
last-modified
Tue, 15 Feb 2022 21:34:58 GMT
server
openresty
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
private, max-age=60
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
606
expires
Tue, 15 Feb 2022 21:36:39 GMT

Redirect headers

date
Tue, 15 Feb 2022 21:35:39 GMT
server
openresty
content-type
text/html
location
/api/v2/render/feature/?name=breaking-news-bar&uri=/zzz-breaking-news/&wrapper=false
cache-control
private, max-age=27
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
166
expires
Tue, 15 Feb 2022 21:36:06 GMT
aop
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/aop?inv_code=Tribune_RON_Desktop_970x250_TAM&aid=19010034279587409418600&rev=a805b38&ss=7&bc=11.0&pr=un&brid=556612&bmid=3658&clid=10511006&biid=3658&tid=10909359&sid=15038&adid=drtzgjat&did=27790&bcud=11000&ts=1644960936&caid=10864029&unid=0&domain=www.nydailynews.com&ref=https%253A%252F%252Fwww.nydailynews.com%252Fnews%252Fworld%252Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&rr=creative&fid=1&rb=0&g=0&cb=78563
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
tfav_adl_160.js
am.adlooxtracking.com/ads/js/ 		64 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://am.adlooxtracking.com/ads/js/tfav_adl_160.js
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/a805b38f8117eb256f420d114a99bd66ef61ea34/dist/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.4.218.92 , Canada, ASN16276 (OVH, FR),
Reverse DNS
am03.adlooxtracking.com
Software
nginx/1.15.8 /
Resource Hash
ff9272fd90ea803c56180cad616a3d6debc555288156f67bd9877eb3b9f0f406

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 21:35:39 GMT
Last-Modified
Tue, 14 Dec 2021 11:14:15 GMT
Server
nginx/1.15.8
ETag
"61b87c87-ffaf"
Content-Type
application/javascript
Cache-Control
no-cache, max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65455
0.mp4
vid.connatix.com/pid-53344de6-41aa-4839-8c7e-182de7980f3f/ffc4d445-1987-4e08-8396-f8627d344b6b/ Frame A1AE 		152 KB
152 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-53344de6-41aa-4839-8c7e-182de7980f3f/ffc4d445-1987-4e08-8396-f8627d344b6b/0.mp4
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
84600db21ccdf456925566e2ee7b99d91dd93a017bce4ec361910be9208bc661

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=145034-300346

Response headers

date
Tue, 15 Feb 2022 21:35:39 GMT
last-modified
Fri, 03 Apr 2020 20:45:23 GMT
age
2300860
etag
"3f36f503010c581f014c27617d080938-10"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 145034-300346/47450516
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
155313
SPug
simage4.pubmatic.com/AdServer/ Frame 481F 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159890&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.24 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:39 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-34.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 17:46:49 GMT
via
1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
age
359330
etag
"ddf020e069f1706b72b7698b28fede09"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-length
3125
x-amz-cf-id
WuDczYR-RFsA8NTRUpiM5QFSLED-Kef-A-0aB7ZLsrDx7vc4jvtp3Q==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-34.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 17:46:49 GMT
via
1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
age
359330
etag
"7ceab27af00fa466072a3c3360041755"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-length
3518
x-amz-cf-id
M_M328o1jnFqgrp6yXbYZ86321dC-Ok15XgVorrru7Fe5Ld3DbZf2A==
ev1
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev1?inv_code=Tribune_RON_Desktop_970x250_TAM&aid=19010034279587409418600&rev=a805b38&ss=7&bc=11.0&pr=6.27&brid=556612&bmid=3658&clid=10511006&biid=3658&tid=10909359&sid=15038&adid=drtzgjat&did=27790&bcud=11000&ts=1644960936&caid=10864029&unid=0&cepos=0&ceid=11916542&cb=58589
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
ic5.php
data00.adlooxtracking.com/ads/ Frame 339C 		1 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data00.adlooxtracking.com/ads/ic5.php?d1=%7B%22tag_hash%22%3A%22platform%3D131%26scriptname%3Dadl_451%26tagid%3D895%26typejs%3Dtvaf%26fwtype%3D1%26creatype%3D2%26targetelt%3D%26custom2area%3D80%26custom2sec%3D3%22%7D&adloox_io=1&client=sap_dsp&campagne=451&banniere=0&visite_id=18555777020&seq=0&timezone=0&js=tfav_adl_451.js&date_regen=2021-12-14%2011%3A14%3A20&plat=131&tagid=895&fw=1&version=1&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=www.nydailynews.com&id2=sbfanix&id3=drtzgjat&id4=333x333&id5=ks2xwbz&id6=4ecukjb&id7=triplelift&id8=acjf93j&id9=f85c047c-a02e-4297-ba5c-42e3f81c2ba1&id10=2842&id11=%24ADLOOX_WEBSITE&id12=display&id20=614b730&p_d=0.57&d5=109&d3=1600x1200&d6=hunt-wabbit&d7=1&appname=Netscape&fai=%40https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&iframe=3&fake=010000&resolution=1600x1200&nav_lang=en-US&debug=7%3A%20top%20%21%3D%20window%20%26%20friendly%20-%3E%20GLOBAL.location.href%20&url_referrer=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&ao=https%3A%2F%2Fwww.nydailynews.com&nb_cpu=4&data=522662463fffffffffffffffffffffffffffffffff&activetab=1
Requested by
Host: am.adlooxtracking.com
URL: https://am.adlooxtracking.com/ads/js/tfav_adl_451.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.31.249 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.31.241.35.bc.googleusercontent.com
Software
nginx/1.19.8 / PHP/7.4.27
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:39 GMT
content-encoding
gzip
access-control-allow-origin
https://www.nydailynews.com
x-powered-by
PHP/7.4.27
route
ads-prod-c47c4766d-954wl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
server
nginx/1.19.8
vary
Accept-Encoding
accept-ch-lifetime
86400
content-type
text/plain; charset=utf-8
via
1.1 google
cache-control
no-cache, no-store, must-revalidate
accept-ch
UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
timing-allow-origin
*
expires
0
0.mp4
vid.connatix.com/pid-1efc2daf-f6fb-4fb4-8557-ad1c0eadc02f/30693875-87f4-4115-bb9d-719832d9fc86/ Frame A1AE 		227 KB
227 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-1efc2daf-f6fb-4fb4-8557-ad1c0eadc02f/30693875-87f4-4115-bb9d-719832d9fc86/0.mp4
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c224933a534aa1bdbb50c9e5d3401d53481ad320e27b7f47a773c27e344091c7

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=155789-388341

Response headers

date
Tue, 15 Feb 2022 21:35:39 GMT
last-modified
Fri, 03 Apr 2020 19:45:47 GMT
age
1376168
etag
"72acd8b488a6a163b62123786fb4f308"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 155789-388341/10397403
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
232553
ads
pubads.g.doubleclick.net/gampad/live/ Frame 0A3C 		156 B
583 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F8749%2C4011%2FTribune&description_url=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2490150753649623&sdkv=h.3.500.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3616164917&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.500.0&sid=9D3FC052-C6F6-4467-8040-164F2D95B3E6&nel=0&eid=44750823&top=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&url=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&loc=about%3Ablank&dt=1644960939863&cookie=ID%3Dbf5843766d0ed510%3AT%3D1644960935%3AS%3DALNI_MZW_MKWLLFb7BK2CiAiWKlbnSqygQ&scor=4121668457672962&ged=ve4_td3_tt1_pd3_la3000_er1700.441.1858.747_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.500.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 1CBC 		156 B
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F8749%2C4011%2FTribune&description_url=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2195814915514690&sdkv=h.3.500.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=820022053&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.500.0&sid=5E97222B-349B-4522-BD47-6EDD2310C49D&nel=0&eid=44725356%2C44738437%2C44750822%2C44752711&top=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&url=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&loc=about%3Ablank&dt=1644960939884&cookie=ID%3Dbf5843766d0ed510%3AT%3D1644960935%3AS%3DALNI_MZW_MKWLLFb7BK2CiAiWKlbnSqygQ&scor=715795180633881&ged=ve4_td3_tt1_pd3_la3000_er2376.441.2534.747_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.500.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
zncgv19neubv6bvvp-tribune.siteintercept.qualtrics.com/SIE/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zncgv19neubv6bvvp-tribune.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_cGv19NEUBv6bvVP
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a5d03016ff5dc2fe9b88774d407a328ce12265039062f241911cfdfcd801f22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
68464
cf-polished
origSize=8435
cf-ray
6de1aad2ed4d191b-EWR
edge-control
max-age=604800
x-envoy-upstream-service-time
20
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"20f3-k1AOXBJ3iWtkRmYAmZfGrbYbF1g"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
optimus_rules.json
tags.crwdcntrl.net/lt/c/13200/ 		2 KB
850 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/13200/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/13200/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-112.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa8acae55af2687e4def8fd9c2ab60ddb636c6895b70304fb0d295fcedf453ed

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 15 Feb 2022 18:15:40 GMT
content-encoding
gzip
age
11999
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 23 Nov 2021 19:48:04 GMT
server
AmazonS3
etag
W/"44d6c694be30f47a3ffaa002a09e9835"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
via
1.1 2ca278c258e2c9c6a2d0cc60b816bd50.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
EWR53-C3
x-amz-cf-id
1RSDbQN9kw-4q-z8wrNYoaMLbwfrHqziAmrrzk5Dz-GOFEYuPrc5Kw==
sync
eb2.3lift.com/ Frame 66C6 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/sync.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
3fb0a346eb2f9f3f7ee6c7fdbb0ec92cdc3dcc00791f1e045ec3c40bc5f5aa10

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/

Response headers

date
Tue, 15 Feb 2022 21:35:39 GMT
content-type
text/html; charset=utf-8
content-length
459
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
json
trc.taboola.com/nydailynews-nydailynews/trc/3/ 		37 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/nydailynews-nydailynews/trc/3/json?tim=21%3A35%3A39.917&lti=deflated&data=%7B%22id%22%3A305%2C%22ii%22%3A%22%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_81cb475e9b35cbbef27ae487319429ec_7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227_1644960935_1644960935_CNawjgYQ97I_GJPfv_rvLyABKAEwJjiJ6AdA6vUHSKfL2QNQrswHWABgAGjGot3Fm8C5-osBcAE%22%2C%22ui%22%3A%227e494481-90e7-4522-b182-9ae776b05b29-tuct905a227%22%2C%22uifp%22%3A%227e494481-90e7-4522-b182-9ae776b05b29-tuct905a227%22%2C%22lbt%22%3A1644850435070%2C%22vi%22%3A1644960935827%2C%22cv%22%3A%2220220209-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%2C%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217%22%2C%22e%22%3A%22https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A30092%2C%22nsid%22%3A%22tribunedigital-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbs-1r%3Apub%3Dtribunedigital-network%3Aabp%3D0%22%2C%22uip%22%3A%22below-article-thumbs_ARC%22%2C%22orig_uip%22%3A%22below-article-thumbs_ARC%22%2C%22cd%22%3A29098.40625%2C%22mw%22%3A788%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217%2Cbelow-article-thumbs_ARC%3Dthumbs-1r%3Apub%3Dtribunedigital-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e7a5b7c86174626d8e7e9196173d3939b59afe6aa59c59488592dff5e952d53f

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
572
date
Tue, 15 Feb 2022 21:35:40 GMT
content-encoding
gzip
server
nginx
x-timer
S1644960940.947212,VS0,VE572
x-served-by
cache-yul12824-YUL
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022021001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a97848bbce4688ae8f12486f4df5c0e58b8b12f08c93bc94a095bf10bd7af575
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Feb 2022 21:35:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9827
x-xss-protection
0
sync
eb2.3lift.com/ Frame 4528 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?max=10&cb=59228
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
add417e7b590bd9774893cafaa9542c9f92f5029f7b36cda24cf6acc382d0a1f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/

Response headers

date
Tue, 15 Feb 2022 21:35:39 GMT
content-type
text/html; charset=utf-8
content-length
407
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
0.mp4
vid.connatix.com/pid-53344de6-41aa-4839-8c7e-182de7980f3f/ffc4d445-1987-4e08-8396-f8627d344b6b/ Frame A1AE 		153 KB
153 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-53344de6-41aa-4839-8c7e-182de7980f3f/ffc4d445-1987-4e08-8396-f8627d344b6b/0.mp4
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
500db4df7d54a9fd67cdf0f1800f76bb495c1000b5f5d6948870b0dac44944bb

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=300347-457086

Response headers

date
Tue, 15 Feb 2022 21:35:39 GMT
last-modified
Fri, 03 Apr 2020 20:45:23 GMT
age
2300860
etag
"3f36f503010c581f014c27617d080938-10"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 300347-457086/47450516
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
156740
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6036462/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
348 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
13.225.205.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-205-118.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 15 Feb 2022 21:31:59 GMT
via
1.1 6c54d5aad34fd574d1282c92c7b7e104.cloudfront.net (CloudFront)
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
222
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
content-length
0
x-amz-cf-id
k_Aorzgas9SMKaQi1MHH3zwD1WiSc52Bvc_5GI4-tyE7OOd98zxLEg==

Redirect headers

date
Tue, 15 Feb 2022 21:35:39 GMT
via
1.1 6c54d5aad34fd574d1282c92c7b7e104.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
/internal-c2/default/cs.js
content-length
48
x-amz-cf-id
EVOLgp70SnHekpTnl1q3-nrBomEmaOgBizdZdRT-1tZ4r_Y00xRJUA==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 15 Feb 2022 21:35:40 GMT
i.js
tag.wknd.ai/2452/ 		509 KB
212 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.wknd.ai/2452/i.js
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
ba9f8d7c0e68ddc7ee4a2f9fc5e169e3d8043dfb794c5db2b9ce05184ede0713

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:34:53 GMT
via
1.1 google
server
fasthttp
age
47
etag
b62bdbda42648d
content-type
text/plain; charset=utf-8
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect
content-encoding
gzip
cache-control
public,max-age=60
x-region
us-central1
timing-allow-origin
*
alt-svc
clear
content-length
216873
ic5.php
data00.adlooxtracking.com/ads/ 		1 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data00.adlooxtracking.com/ads/ic5.php?d1=%7B%22tag_hash%22%3A%22platform%3D159%26scriptname%3Dadl_160%26tagid%3D1059%26typejs%3Dtvaf%26fwtype%3D1%26creatype%3D2%26targetelt%3D%26custom2area%3D80%26custom2sec%3D3%22%7D&adloox_io=1&client=sap&campagne=160&banniere=0&visite_id=27415572080&seq=0&timezone=0&js=tfav_adl_160.js&date_regen=2021-12-14%2011%3A14%3A11&plat=159&tagid=1059&fw=1&version=1&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=10864029&id2=10909359&id3=32811&id4=4534168630&id5=www.nydailynews.com&id6=%5Bimpid%5D&id7=tltpvid_6611&id11=format&id12=%24ADLOOX_WEBSITE&id20=614b730&p_d=0.279&d5=6293&d3=1600x1200&d6=hunt-wabbit&d7=1&appname=Netscape&fai=Malaysia%20Airlines%20Flight%20370%3A%20See%20names%2C%20faces%20of%20passengers%20aboard%20doomed%20plane%20-%20New%20York%20Daily%20News&iframe=0&fake=010000&resolution=1600x1200&nav_lang=en-US&debug=1%3A%20parent.parent.location.href&url_referrer=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&nb_cpu=4&data=522662463ftttttttffffffttttftffffffffttttf&activetab=1
Requested by
Host: am.adlooxtracking.com
URL: https://am.adlooxtracking.com/ads/js/tfav_adl_160.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.31.249 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.31.241.35.bc.googleusercontent.com
Software
nginx/1.19.8 / PHP/7.4.27
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
content-encoding
gzip
access-control-allow-origin
https://www.nydailynews.com
x-powered-by
PHP/7.4.27
route
ads-prod-c47c4766d-sdbp9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
server
nginx/1.19.8
vary
Accept-Encoding
accept-ch-lifetime
86400
content-type
text/plain; charset=utf-8
via
1.1 google
cache-control
no-cache, no-store, must-revalidate
accept-ch
UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
timing-allow-origin
*
expires
0
integrator.js
adservice.google.com/adsid/ Frame A1AE 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Feb 2022 21:35:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
xuid
eb2.3lift.com/ Frame 66C6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=013f5489-abdd-43ed-8226-582ddfebe20d&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=013f5489-abdd-43ed-8226-582ddfebe20d&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=013f5489-abdd-43ed-8226-582ddfebe20d&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
xuidmid=7976&xuid=r3criHqfM&dongle=u6nf
eb2.3lift.com/ Frame 66C6
Redirect Chain
  • https://ad.mrtnsvr.com/sync/triplelift
  • https://eb2.3lift.com/xuidmid=7976&xuid=r3criHqfM&dongle=u6nf
37 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuidmid=7976&xuid=r3criHqfM&dongle=u6nf
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
cache-control
no-cache, no-store, must-revalidate
x-error
Not Found
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/xuidmid=7976&xuid=r3criHqfM&dongle=u6nf
date
Tue, 15 Feb 2022 21:35:40 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92
vary
Origin
content-type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 66C6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELUrAm-a_H0tYmCaNn-MaSo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELUrAm-a_H0tYmCaNn-MaSo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELUrAm-a_H0tYmCaNn-MaSo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 66C6
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjg0OTYzNjUwNTcxMjgxOTUwNjUzMg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjg0OTYzNjUwNTcxMjgxOTUwNjUzMg%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjg0OTYzNjUwNTcxMjgxOTUwNjUzMg%3D%3D
date
Tue, 15 Feb 2022 21:35:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 66C6
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2849636505712819506532&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2849636505712819506532&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=c9d8585d-03c8-40fa-8ffd-5bab783243de&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=c9d8585d-03c8-40fa-8ffd-5bab783243de&_noobservation=1&_expected_cookie=46e062e...
43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=c9d8585d-03c8-40fa-8ffd-5bab783243de&_noobservation=1&_expected_cookie=46e062e4b7c37634a82216fa39c063b7
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
104.18.102.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6de1aada6b555473-YYZ
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=c9d8585d-03c8-40fa-8ffd-5bab783243de&_noobservation=1&_expected_cookie=46e062e4b7c37634a82216fa39c063b7
date
Tue, 15 Feb 2022 21:35:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6de1aad959b35473-YYZ
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
xuid
eb2.3lift.com/ Frame 66C6
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2849636505712819506532?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-CniPMfhE2oTc3K0ftYxd4jyYNKCdrejWNhZl944gVg--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-CniPMfhE2oTc3K0ftYxd4jyYNKCdrejWNhZl944gVg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 15 Feb 2022 21:35:40 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-CniPMfhE2oTc3K0ftYxd4jyYNKCdrejWNhZl944gVg--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
c.gif
c.bing.com/ Frame 66C6 		42 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2849636505712819506532&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:39 GMT
etag
"89b446b6cf8d81:0"
last-modified
Thu, 13 Jan 2022 22:48:41 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F7FF966028EB423E91720549AAD5A036 Ref B: YTO01EDGE0810 Ref C: 2022-02-15T21:35:40Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 66C6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2849636505712819506532
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 66C6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2849636505712819506532&gdpr=0&gdpr_consent=
  • https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&ssp_uuid=ed239641-d788-4f62-a800-8b3ea6dac16f
  • https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&ssp_uuid=ed239641-d788-4f62-a800-8b3ea6dac16f
  • https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=triplelift&user_id=3886b247-94c4-45c0-8421-1aa78dc9612f
  • https://eb2.3lift.com/xuid?mid=2409&xuid=ed239641-d788-4f62-a800-8b3ea6dac16f&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=ed239641-d788-4f62-a800-8b3ea6dac16f&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=ed239641-d788-4f62-a800-8b3ea6dac16f&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Tue, 15 Feb 2022 21:35:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 66C6
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=o7JkaG0JGM2a_wmNYbt2&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5N43UU23BI4YEU...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=o7JkaG0JGM2a_wmNYbt2
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=o7JkaG0JGM2a_wmNYbt2
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:40 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=o7JkaG0JGM2a_wmNYbt2
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
3469
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
6de1aad418b0713c-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 17 Mar 2022 21:35:40 GMT
xuid
eb2.3lift.com/ Frame 4528
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=8271880283115917977&dongle=d407
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=8271880283115917977&dongle=d407
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=59228
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=8271880283115917977&dongle=d407
pragma
no-cache
date
Tue, 15 Feb 2022 21:35:39 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
setuid
ib.adnxs.com/prebid/ Frame 4528 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=2849636505712819506532
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=59228
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:40 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
2a24de97-db50-4009-929f-df4445b6b445
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 4528 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2849636505712819506532
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=59228
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:40 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
67e812af-447b-4a5d-bcb4-f13b0dc8594c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 4528
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/trl
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AABeU07EGDkAAAPyeAisoQ&dongle=bzwx
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7255&xuid=AABeU07EGDkAAAPyeAisoQ&dongle=bzwx
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=59228
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7255&xuid=AABeU07EGDkAAAPyeAisoQ&dongle=bzwx
Date
Tue, 15 Feb 2022 21:35:40 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
xuid
eb2.3lift.com/ Frame 4528
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3690&xuid=3e95620c-1ca9-4700-919b-67f5c4b03518&dongle=3995&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3690&xuid=3e95620c-1ca9-4700-919b-67f5c4b03518&dongle=3995&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=59228
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Tue, 15 Feb 2022 21:35:40 GMT
Server
MT3 4133 baa842e master nrt-pixel-x7 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eb2.3lift.com/xuid?mid=3690&xuid=3e95620c-1ca9-4700-919b-67f5c4b03518&dongle=3995&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 15 Feb 2022 21:35:39 GMT
xuid
eb2.3lift.com/ Frame 4528
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3702&xuid=38cb8f87-8ea7-11ec-845d-938739db1108&dongle=d54f&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3702&xuid=38cb8f87-8ea7-11ec-845d-938739db1108&dongle=d54f&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=59228
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=3702&xuid=38cb8f87-8ea7-11ec-845d-938739db1108&dongle=d54f&gdpr=0&gdpr_consent=
Date
Tue, 15 Feb 2022 21:35:39 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
38cb8f88-8ea7-11ec-845d-938739db1108
0.mp4
vid.connatix.com/pid-1efc2daf-f6fb-4fb4-8557-ad1c0eadc02f/30693875-87f4-4115-bb9d-719832d9fc86/ Frame A1AE 		138 KB
138 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-1efc2daf-f6fb-4fb4-8557-ad1c0eadc02f/30693875-87f4-4115-bb9d-719832d9fc86/0.mp4
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
41a6b03cdc026cf8c89bf691cc87ac8e45a3d31f0b13b7b608e800dc3bb43c79

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=388342-529917

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
last-modified
Fri, 03 Apr 2020 19:45:47 GMT
age
1376168
etag
"72acd8b488a6a163b62123786fb4f308"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 388342-529917/10397403
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
141576
11.f94ae62479d5b3566b98.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/11.f94ae62479d5b3566b98.chunk.js?Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web&Q_BRANDID=www.nydailynews.com
Requested by
Host: zncgv19neubv6bvvp-tribune.siteintercept.qualtrics.com
URL: https://zncgv19neubv6bvvp-tribune.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_cGv19NEUBv6bvVP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f495b0356a71a36df0640d33686b4e2122c74ea174bc4b593b7c1d469a00515
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
75321
cf-polished
origSize=59349
cf-ray
6de1aad478c7191b-EWR
edge-control
max-age=604800
x-envoy-upstream-service-time
33
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 11 Feb 2022 00:35:36 GMT
server
cloudflare
etag
W/"e7d5-17ee634efc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 49C4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 14 Feb 2022 05:22:11 GMT
expires
Tue, 14 Feb 2023 05:22:11 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
144809
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame A9EE 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9d0077e79a0f392ea8421297d4eae398adfab15d0a3adde301f6f47a8ab40974
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UPxbrNl3gm9VjkYDKr16tA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 15 Feb 2022 21:35:40 GMT
date
Tue, 15 Feb 2022 21:35:40 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-UPxbrNl3gm9VjkYDKr16tA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ijs_all_modules_cjs_min_b680f3efe3074591a2568704e6fb01b5.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		655 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_b680f3efe3074591a2568704e6fb01b5.js
Requested by
Host: tag.wknd.ai
URL: https://tag.wknd.ai/2452/i.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c31ff52f1cb755f630e633b18e226f5b5485187c9f6bae684cdfb5bd1b2aa044

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 18:56:56 GMT
content-encoding
gzip
age
9524
x-guploader-uploadid
ADPycdu3a-hsWyZR29371Krk26rvZgu4xQqVxlaYk-DaSQYcBfw8rNeYc7lnlsTXLt84LpgWAMfnQurB3HVpnlu1SPdDvh37ig
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
162636
last-modified
Tue, 15 Feb 2022 18:56:44 GMT
server
UploadServer
etag
"68b50770e3f80d50ef1c3ea47c366fd5"
vary
Accept-Encoding
x-goog-hash
crc32c=4zH+xg==, md5=aLUHcOP4DVDvHD6kfDZv1Q==
x-goog-generation
1644951404788567
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
162636
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 15 Feb 2023 18:56:56 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 28C2 		86 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F30690318%2FTRONC_RON_Ora_Desktop&description_url=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3986998640533898&sdkv=h.3.500.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=2267688604&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.500.0&sid=D0B5555A-8AFF-4BF1-B817-DD11013FBFFF&nel=0&eid=44750823%2C44752711&top=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&url=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&loc=about%3Ablank&dlt=1644960936845&idt=2858&dt=1644960940253&cookie=ID%3Dbf5843766d0ed510%3AT%3D1644960935%3AS%3DALNI_MZW_MKWLLFb7BK2CiAiWKlbnSqygQ&scor=2007290520986048&ged=ve4_td3_tt1_pd3_la3000_er1700.441.1858.747_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.500.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
ltt /
Resource Hash
e700275ee832f084fc4776e7cc4f69a5987622cac2073a747d9e7a9281859423
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19287
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
ltt
google-creative-id
-1
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
0.mp4
vid.connatix.com/pid-53344de6-41aa-4839-8c7e-182de7980f3f/ffc4d445-1987-4e08-8396-f8627d344b6b/ Frame A1AE 		286 KB
286 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-53344de6-41aa-4839-8c7e-182de7980f3f/ffc4d445-1987-4e08-8396-f8627d344b6b/0.mp4
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
98f0e0ea373f280ead1057549e140765d752bdb8dc1a91e99993aabbd6e354ad

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=457087-749507

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
last-modified
Fri, 03 Apr 2020 20:45:23 GMT
age
2300861
etag
"3f36f503010c581f014c27617d080938-10"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 457087-749507/47450516
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
292421
ads
pubads.g.doubleclick.net/gampad/live/ Frame F68C 		156 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F30690318%2FTRONC_RON_Ora_Desktop&description_url=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1611849294588242&sdkv=h.3.500.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3610163194&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.500.0&sid=8B0A0E86-7003-4295-B7D9-7F865F7DF477&nel=0&eid=44730896%2C44738437%2C44750822&top=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&url=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&loc=about%3Ablank&dlt=1644960936845&idt=2813&dt=1644960940297&cookie=ID%3Dbf5843766d0ed510%3AT%3D1644960935%3AS%3DALNI_MZW_MKWLLFb7BK2CiAiWKlbnSqygQ&scor=3966769646354100&ged=ve4_td3_tt1_pd3_la3000_er2376.441.2534.747_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.500.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ev
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev?inv_code=Tribune_RON_Desktop_970x250_TAM&aid=19010034279587409418600&rev=a805b38&ss=7&bc=11.0&pr=6.27&brid=556612&bmid=3658&clid=10511006&biid=3658&tid=10909359&sid=15038&adid=drtzgjat&did=27790&bcud=11000&ts=1644960936&caid=10864029&unid=0&cepos=0&ceid=11916542&cb=22934
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame 7AA2 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=15301507&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
6ece5ab9ad8eb95190fffedf296f59809169e48fa57b95e8d868c553b1497676

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1606
content-type
text/html; charset=UTF-8
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_cGv19NEUBv6bvVP&Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/11.f94ae62479d5b3566b98.chunk.js?Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web&Q_BRANDID=www.nydailynews.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
638d58e9cf8e04cea92881aff0bea8cb2f9ac3c2856248a22839cf3ee28b4318
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-envoy-upstream-service-time
8
strict-transport-security
max-age=31536000; includeSubDomains; preload
timing-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.nydailynews.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
trace-id
fa7cfb1bfb827efa
cf-ray
6de1aad61c3a191b-EWR
0.mp4
vid.connatix.com/pid-1efc2daf-f6fb-4fb4-8557-ad1c0eadc02f/30693875-87f4-4115-bb9d-719832d9fc86/ Frame A1AE 		102 KB
102 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-1efc2daf-f6fb-4fb4-8557-ad1c0eadc02f/30693875-87f4-4115-bb9d-719832d9fc86/0.mp4
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
712031ef73ab5c53c1660f1f2ffdd4f152a12705db1dc9bd37acc10481ced81e

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=529918-634113

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
last-modified
Fri, 03 Apr 2020 19:45:47 GMT
age
1376168
etag
"72acd8b488a6a163b62123786fb4f308"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 529918-634113/10397403
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
104196
Pug
simage2.pubmatic.com/AdServer/ Frame B243
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 15 Feb 2022 21:35:40 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug006:0:426
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

date
Tue, 15 Feb 2022 21:35:39 GMT
server
Kestrel
content-length
0
cache-control
no-cache
pragma
no-cache
expires
Tue, 15 Feb 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1991873
strict-transport-security
max-age=31536000; preload;
141
match.deepintent.com/usersync/ Frame 0271 		0
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
content-type
image/gif
content-length
0
date
Tue, 15 Feb 2022 21:35:40 GMT
server
c
ecm3
s.amazon-adsystem.com/ Frame 5DC1 		43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=9021BD47-D564-4E09-BA75-7F25F0BF77FF&ex=pubmatic.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
Server
Date
Tue, 15 Feb 2022 21:35:40 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
JNWKG9ENBT5YPKKYZ6ZE
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
/
spl.zeotap.com/ Frame 7AA2
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=9021BD47-D564-4E09-BA75-7F25F0BF77FF
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=f7a752960b88f39ddc708de0b4bfaade
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=cfb819eda68346e0374181f0a81aaaa0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=013f5489-abdd-43ed-8226-582ddfebe20d&icm
  • https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0
  • https://pixel.onaudience.com/?partner=252&mapped=y-KB0r0O1E2pQGti9T0ju.HJrv7DwmnZLnYg--~A&gdpr=0
  • https://spl.zeotap.com/?zdid=1332&zcluid=7467ebf23af33380
0
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spl.zeotap.com/?zdid=1332&zcluid=7467ebf23af33380
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:42 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6de1aadf4c0c7138-YUL
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

Redirect headers

location
https://spl.zeotap.com?zdid=1332&zcluid=7467ebf23af33380
content-length
0
p.gif
visitor.fiftyt.com/ Frame 7AA2
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=9021BD47-D564-4E09-BA75-7F25F0BF77FF&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=9021BD47-D564-4E09-BA75-7F25F0BF77FF&gdpr=&fbounce=1
0
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=9021BD47-D564-4E09-BA75-7F25F0BF77FF&gdpr=&fbounce=1
Protocol
H2
Server
35.201.96.126 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
126.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
via
1.1 google
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
clear
content-length
0
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

date
Tue, 15 Feb 2022 21:35:40 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=9021BD47-D564-4E09-BA75-7F25F0BF77FF&gdpr=&fbounce=1
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
144
g.pixel
aa.agkn.com/adscores/ Frame 7AA2 		43 B
682 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=9021BD47-D564-4E09-BA75-7F25F0BF77FF
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
156.154.200.36 , United States, ASN19907 (NEUSTAR-AS6, US),
Reverse DNS
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:40 GMT
Server
AAWebServer
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Type
image/gif
Access-Control-Allow-Headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
Content-Length
43
Expires
0
/
io.narrative.io/ Frame 7AA2
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:9021BD47-D564-4E09-BA75-7F25F0BF77FF
  • https://io.narrative.io/?io.narrative.guid.v2=38d70120-8ea7-11ec-9141-120bff9cc4e7&companyId=673&id=pubmatic_id:9021BD47-D564-4E09-BA75-7F25F0BF77FF
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=38d70120-8ea7-11ec-9141-120bff9cc4e7&companyId=673&id=pubmatic_id:9021BD47-D564-4E09-BA75-7F25F0BF77FF
Protocol
HTTP/1.1
Server
44.198.222.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-222-213.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 21:35:40 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=38d70120-8ea7-11ec-9141-120bff9cc4e7&companyId=673&id=pubmatic_id:9021BD47-D564-4E09-BA75-7F25F0BF77FF
Date
Tue, 15 Feb 2022 21:35:40 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 7AA2
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=9021BD47-D564-4E09-BA75-7F25F0BF77FF&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=7cd664b7563608e7&is_secure=true&networkId=17100&version=1&nuid=9021BD47-D564-4E09-BA75-7F25F0BF77FF&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAADKgqa_i0prANb_nOfAAAAAAA&expiration=1645047340&nuid=9021BD47-D564-4E09-BA75-7F25F0BF77FF&...
42 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAADKgqa_i0prANb_nOfAAAAAAA&expiration=1645047340&nuid=9021BD47-D564-4E09-BA75-7F25F0BF77FF&is_secure=true&gdpr_consent=&gdpr=0
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 16:38:11 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug021:0:397
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:40 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAADKgqa_i0prANb_nOfAAAAAAA&expiration=1645047340&nuid=9021BD47-D564-4E09-BA75-7F25F0BF77FF&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 7AA2
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=38d02363-8ea7-11ec-aebc-319bbbf9d2d9&gdpr=0&gdpr_consent=
1 B
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=38d02363-8ea7-11ec-aebc-319bbbf9d2d9&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug011:0:617
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=38d02363-8ea7-11ec-aebc-319bbbf9d2d9&gdpr=0&gdpr_consent=
Date
Tue, 15 Feb 2022 21:35:39 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
38d02364-8ea7-11ec-aebc-319bbbf9d2d9
Pug
image2.pubmatic.com/AdServer/ Frame 7AA2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7341874419548819343&gdpr=0&gdpr_consent=
42 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7341874419548819343&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug010:0:539
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:40 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
7758dbfb-e6a2-4ef4-8d7c-45e41fe8fb3b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7341874419548819343&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 7AA2 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.198.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-198-120.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
tb
15.taboola.com/ 		38 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=nydailynews-nydailynews&unitType=244&tbloc=&pageType=text&pstn=below-article-thumbs_ARC&uuip=Feed%20-%20below-article-thumbs_ARC&cisrf=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&cirf=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&encoded=1&uid=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227&variant=981267|1695&callback=TRC.videoTagCallbacks.videoCallback1&cb=1644960940553&tagid=&cntry=CA&platform=1&sesid=81cb475e9b35cbbef27ae487319429ec&itemid=/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&viewid=1644960935827&geolat=&geoing=&deviceifa=&appid=&sd=v2_81cb475e9b35cbbef27ae487319429ec_7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227_1644960935_1644960939_CNawjgYQ97I_GJPfv_rvLyABKAEwJjiJ6AdA6vUHSKfL2QNQrswHWABgAGjGot3Fm8C5-osBcAE&ri=df5f067cfc3639bc06375b307753bdbc&appname=&cdb=&gdprApplies=false&rid=&sii=4433633441509489590&oee=true&tpubid=1038711&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=QC&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1008940&prcnt=&layer=&normp=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
33d868ac3e16337e3f89df51955fcc1e99bf981cf99f9e34e1872947ce58013d

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
content-encoding
gzip
access-control-allow-origin
https://www.nydailynews.com
machineid
1132
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-yul12824-YUL
pragma
no-cache
server
nginx
x-timer
S1644960941.567510,VS0,VE22
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://us-wf.taboola.com>; rel=preconnect
x-cache-hits
0
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
age
8
via
1.1 varnish
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
IXSkBEqpDs+zc5xKZ+9R2bNGXQ3QXnj4p4lDozH9kU9ec2SEPEaVV4pb7A6bvM3NDW+Sjiltjfs=
x-served-by
cache-yul12824-YUL
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1644960941.617251,VS0,VE0
date
Tue, 15 Feb 2022 21:35:40 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
JWJ60XFEMJFR62N2
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
*
abp
31
x-cache-hits
9
json
trc.taboola.com/nydailynews-nydailynews/trc/3/ 		10 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/nydailynews-nydailynews/trc/3/json?tim=21%3A35%3A40.686&lti=deflated&data=%7B%22id%22%3A324%2C%22ii%22%3A%22%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_81cb475e9b35cbbef27ae487319429ec_7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227_1644960935_1644960939_CNawjgYQ97I_GJPfv_rvLyABKAEwJjiJ6AdA6vUHSKfL2QNQrswHWABgAGjGot3Fm8C5-osBcAE%22%2C%22ui%22%3A%227e494481-90e7-4522-b182-9ae776b05b29-tuct905a227%22%2C%22uifp%22%3A%227e494481-90e7-4522-b182-9ae776b05b29-tuct905a227%22%2C%22lbt%22%3A1644850435070%2C%22vi%22%3A1644960935827%2C%22cv%22%3A%2220220209-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%2C%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217%22%2C%22e%22%3A%22https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A31901%2C%22nsid%22%3A%22tribunedigital-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-rr2%3Apub%3Dtribunedigital-network%3Aabp%3D0%22%2C%22uip%22%3A%22taboola-right-rail-thumbnails_arc%22%2C%22orig_uip%22%3A%22taboola-right-rail-thumbnails_arc%22%2C%22cd%22%3A29098.40625%2C%22mw%22%3A388%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217%2Ctaboola-right-rail-thumbnails_arc%3Dthumbnails-rr2%3Apub%3Dtribunedigital-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_3%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1f98f2ec3949c02393a2eeb79ae4ebd56daed4a8a3da19011a0058644c888bea

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
308
date
Tue, 15 Feb 2022 21:35:41 GMT
content-encoding
gzip
server
nginx
x-timer
S1644960941.694020,VS0,VE308
x-served-by
cache-yul12824-YUL
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
debug
trc-events.taboola.com/nydailynews-nydailynews/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/nydailynews-nydailynews/log/2/debug?tim=21%3A35%3A40.558&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-05&llvl=2&id=868&cv=20220209-5-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21827
debug
trc-events.taboola.com/nydailynews-nydailynews/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/nydailynews-nydailynews/log/2/debug?tim=21%3A35%3A40.560&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01&llvl=2&id=3392&cv=20220209-5-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21827
/
prod-use.perf-serving.com/imp_notice_c2s/v1/R1M9rqZ-jjlNwKvCvQf-dbiC2Pd0xJ0-D7J3ta68HcK6_nk9MkX-gtUoJup4xPnuXb76BwazMFDbVHt7pkDmtce3xgk73fMtmCQCGGPNj4xglTT3m8tZm8xW3zQa6JpDTCLGMu-GZYC8igbEXoOWyKhY7... 		43 B
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-use.perf-serving.com/imp_notice_c2s/v1/R1M9rqZ-jjlNwKvCvQf-dbiC2Pd0xJ0-D7J3ta68HcK6_nk9MkX-gtUoJup4xPnuXb76BwazMFDbVHt7pkDmtce3xgk73fMtmCQCGGPNj4xglTT3m8tZm8xW3zQa6JpDTCLGMu-GZYC8igbEXoOWyKhY7d4EowJmf-l53LRwvHGg94UWgxW1y10-13fLA7vZT8bgblwkJAKmPHF7bKXhcDhrL55M4NYD8wMgJBNUi3o-mg1kO0EM_ubMqIBzNudy5DR8yRmb8HtcmQsRL4nJS9zrx0AwiGz8yhAXkZOZfIZTqGLkMoO0j_gV2ldZm5JK1sRQVUTm2Sw9NxMhhP3q5iAZ092KcdlXrZsT8immBRW9CiQNu1505hmrLO7X8CS2XlKru1CIwulHQ72ZybmIQ8n0_bxJSxnJmbMr-2_6d4aTKkOxKZzoWC3nHd-04dtLwXRxKLT9iWK5ZF76-8sPYQSfDM25Y0muEFEqjL_g97yrfDwuqS_pD40MviSvwt5ocuqy0QUILNkw6Hj-HOGnnNQ_iKDeg1tMivEuIySe8_tv_ZYTLJxPc6CxpH8s-OOXcZH7OZturhoOBtoIySV2t51_3xSKZSlSjmDBD2BKu1h2fiBr5QHqvCnnbavDPIvNj9pTbFYVGKfLaX4z5AoRlVplF1r8Juvm4Vsw8DJr3IBADtUp3x0Unp3LiWqLEHtTAL99tjYrZ7MhAFB6axbaw29AjR-M9jmFwJ_V8Cquwe5y-vGZYb1YzOPK_JTVfLSILDE1ciAEZzJWxzxuh8CoEg7dAVvIU4E7nq2M9LcyozLjRdeCW-laI4mllu2OYIN51Jc4vRhIJqTUuoXc7WeIKW40QfL96MvgJYN4TlBHBwmFm_R7N8aTt_03zzGrRa4FxmO41vWRww7dx4SX7iJ5qdziKUjiA0SawBMM3O4a4apsLfpX1sxFUQmY2W5bVEJzfnQoHW4Tr1XIhQKDCSxjL7JclDhS7vXpudgrEZ5Lj6hKIvSpWSAU60c4S0hG_D-NXLgMl_5w2MYowRgbQL0Ce5_2RSbqrn0pIwl6gTtFy3w7jxgEO_bG_03UDe3PTHQBpNxSZXKVkE-JpK5giPZvAFCgFMLqUfSNswa17kt2Z0E5kf7y0wqap7LIS_5OQ5LbPS4Je9msRAUBnAUrKdz_FX5uAK-keVREXTAK3g/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.211.20.91 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
91.20.211.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
43
content-type
image/gif
bidswitch921.gif
us.ck-ie.com/
Redirect Chain
  • https://us-east-sync.bidswitch.net/sync?ssp=taboola&dsp_id=366&imp=1
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=smartyads&bsw_custom_parameter=ed239641-d788-4f62-a800-8b3ea6dac16f
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mk6ae5627c-7549-4dbb-9eb6-ca5e74eed4e9&expires=7&user_group=5&ssp=smartyads&bsw_param=ed239641-d788-4f62-a800-8b3ea6dac16f
  • https://us.ck-ie.com/bidswitch921.gif?puid=ed239641-d788-4f62-a800-8b3ea6dac16f&gdpr=&gdpr_consent=&us_privacy=&coppa=${COPPA}
42 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/bidswitch921.gif?puid=ed239641-d788-4f62-a800-8b3ea6dac16f&gdpr=&gdpr_consent=&us_privacy=&coppa=${COPPA}
Protocol
HTTP/1.1
Server
8.2.108.194 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:41 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0

Redirect headers

Location
//us.ck-ie.com/bidswitch921.gif?puid=ed239641-d788-4f62-a800-8b3ea6dac16f&gdpr=&gdpr_consent=&us_privacy=&coppa=${COPPA}
Date
Tue, 15 Feb 2022 21:35:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
debug
trc-events.taboola.com/nydailynews-nydailynews/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/nydailynews-nydailynews/log/2/debug?tim=21%3A35%3A40.682&type=info&msg=Load%20publisher%20card%3A%20%23taboola-skip%20on%20Card%3A%207%20with%20the%20anchor%20element%20selector%3A%20%23taboola-skip%20succeed&llvl=2&id=5359&cv=20220209-5-RELEASE&lt=deflated&idx=pc&pc=%23taboola-skip&st=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21827
abtests
trc.taboola.com/nydailynews-nydailynews/log/3/ 		0
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/nydailynews-nydailynews/log/3/abtests?route=US:US:V&lti=deflated&ri=df5f067cfc3639bc06375b307753bdbc&sd=v2_81cb475e9b35cbbef27ae487319429ec_7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227_1644960935_1644960939_CNawjgYQ97I_GJPfv_rvLyABKAEwJjiJ6AdA6vUHSKfL2QNQrswHWABgAGjGot3Fm8C5-osBcAE&ui=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227&pi=/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&wi=4433633441509489590&pt=text&vi=1644960935827&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22pageLoad%22%2C%22type%22%3A%7B%22storageRef%22%3A%22https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217%22%2C%22referrer%22%3A%22%22%7D%2C%22eventTime%22%3A1644960940688%7D&tim=21%3A35%3A40.688&id=8582&llvl=2&cv=20220209-5-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
10
pragma
no-cache
date
Tue, 15 Feb 2022 21:35:40 GMT
via
1.1 varnish
server
nginx
x-timer
S1644960941.701719,VS0,VE10
x-served-by
cache-yul12824-YUL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
abtests
trc.taboola.com/nydailynews-nydailynews/log/3/ 		0
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/nydailynews-nydailynews/log/3/abtests?lti=deflated&ri=df5f067cfc3639bc06375b307753bdbc&sd=v2_81cb475e9b35cbbef27ae487319429ec_7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227_1644960935_1644960939_CNawjgYQ97I_GJPfv_rvLyABKAEwJjiJ6AdA6vUHSKfL2QNQrswHWABgAGjGot3Fm8C5-osBcAE&ui=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227&pi=/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&pt=text&vi=1644960935827&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22pageLoad%22%2C%22type%22%3A%7B%22storageRef%22%3A%22https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217%22%2C%22referrer%22%3A%22%22%7D%2C%22eventTime%22%3A1644960940688%7D&tim=21%3A35%3A40.688&id=1800&llvl=2&cv=20220209-5-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
11
pragma
no-cache
date
Tue, 15 Feb 2022 21:35:40 GMT
via
1.1 varnish
server
nginx
x-timer
S1644960941.701817,VS0,VE11
x-served-by
cache-yul12824-YUL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
0.mp4
vid.connatix.com/pid-53344de6-41aa-4839-8c7e-182de7980f3f/ffc4d445-1987-4e08-8396-f8627d344b6b/ Frame A1AE 		165 KB
165 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-53344de6-41aa-4839-8c7e-182de7980f3f/ffc4d445-1987-4e08-8396-f8627d344b6b/0.mp4
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2aa9292ae360c573ce4bb6603f7d9b5ddaac9c83857a110e4fd3942538da0994

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=749508-918290

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
last-modified
Fri, 03 Apr 2020 20:45:23 GMT
age
2300861
etag
"3f36f503010c581f014c27617d080938-10"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 749508-918290/47450516
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
168783
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/3.6.3/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.6.3/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f05b433bd9e3d5f20b021fbec3b24de2441225a1b970cbfe3f1302f5731024c0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
via
1.1 9d44e85808045d940d36e8cfb772edae.cloudfront.net (CloudFront), 1.1 varnish
age
300508
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
29211
x-served-by
cache-yul12824-YUL
last-modified
Sat, 12 Feb 2022 10:06:12 GMT
server
AmazonS3
x-timer
S1644960941.767119,VS0,VE0
etag
"ee3e0b0aba5a18179563dfdda39b8989"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
YUL62-C2
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
PdDgSzUDgq7F_flGNEVecqafWDOke8RTi92Mf9_eM5MeRTYnY4yqtA==
x-cache-hits
49775
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		101 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web&Q_BRANDID=tribune
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/11.f94ae62479d5b3566b98.chunk.js?Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web&Q_BRANDID=www.nydailynews.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b60af31f4402255b9fe3e40e493adfde0b7fdb8a71891151c04c51ca788e79eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
75297
cf-polished
origSize=103870
cf-ray
6de1aad7d841191b-EWR
edge-control
max-age=604800
x-envoy-upstream-service-time
12
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 11 Feb 2022 00:35:36 GMT
server
cloudflare
etag
W/"195be-17ee634efc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
0.mp4
vid.connatix.com/pid-1efc2daf-f6fb-4fb4-8557-ad1c0eadc02f/30693875-87f4-4115-bb9d-719832d9fc86/ Frame A1AE 		239 KB
240 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-1efc2daf-f6fb-4fb4-8557-ad1c0eadc02f/30693875-87f4-4115-bb9d-719832d9fc86/0.mp4
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fcddd0320abcbc169a9c00b67d08bfc6b5d8b1df4d1aaab690942188ef8baaa7

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=634114-879190

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
last-modified
Fri, 03 Apr 2020 19:45:47 GMT
age
1376169
etag
"72acd8b488a6a163b62123786fb4f308"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 634114-879190/10397403
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
245077
/
data.cdnbasket.net/ 		57 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_b680f3efe3074591a2568704e6fb01b5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.186.240.235 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
235.240.186.35.bc.googleusercontent.com
Software
/
Resource Hash
ebd563c03965f145d16befa28e5cc95a1b1690ff7032f98ba3c70cd3c710988b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:40 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
/
page.cdnbasket.net/ 		100 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://page.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_b680f3efe3074591a2568704e6fb01b5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.86.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.86.190.35.bc.googleusercontent.com
Software
/
Resource Hash
8ad9bb6a14149d96493b09b7cb065f6e15432bd3f68683f2d8f668336ae299cb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:40 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
/
view.cdnbasket.net/ 		100 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://view.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_b680f3efe3074591a2568704e6fb01b5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.227.193.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.193.227.35.bc.googleusercontent.com
Software
/
Resource Hash
477ba6ccfa9c4ed960f8405a8f7c23510373a4854d6a53aa67b16458cce0eb71

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:40 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
local_storage_frame16.min.html
assets.bounceexchange.com/assets/bounce/ Frame 501A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_b680f3efe3074591a2568704e6fb01b5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/

Response headers

x-guploader-uploadid
ADPycdvnl_ITFMe-BW_jB3Jb14-7vDDFr65eszgT04kcC5ZB_3nSvHi_OzP2t7DxZCa2uKhvtYpWERJfS-yjEnNXKNo
x-goog-generation
1641484422456784
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1055
content-encoding
gzip
x-goog-hash
crc32c=/MB/Rw== md5=w2jAMmD4CbqHf/KAt5/Fjg==
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
vary
Accept-Encoding
content-length
1055
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
server
UploadServer
date
Thu, 10 Feb 2022 10:01:52 GMT
expires
Fri, 10 Feb 2023 10:01:52 GMT
cache-control
public,max-age=31536000
age
473628
last-modified
Thu, 06 Jan 2022 15:53:42 GMT
etag
"c368c03260f809ba877ff280b79fc58e"
content-type
text/html; charset=UTF-8
alt-svc
clear
sodar
pagead2.googlesyndication.com/pagead/ Frame A9EE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022021001&jk=3428847557343757&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame 28C2 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kzon9sbx&c=6078709350138&slotId=3039354675069&qqid=CMDVkYTVgvYCFVFgAQodSfAHMw&gqid=rBwMYvn4EY-1BN_lljg&fb=ima_html5-lima&sdkv=h.3.500.0&mrd=4&aab=0&itv=1&eee=missing-element&bi=missing-id&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44750823%2C44752711&met.4=ghmsh_s.kzon9tab~ghmsh_s.kzon9tac&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=ysz5HnVZ1sfQ5LiV
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.500.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4002:80e::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:41 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js
pagead2.googlesyndication.com/bg/ Frame 49C4 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de17bd4924cf4f37df1890d004e4d972fa7fce83bb13cbf4dfc7a456d67fe958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 22:42:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
255201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13552
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 12 Feb 2023 22:42:20 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 28C2 		453 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-7144610682352909
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.500.0_en.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 20:55:37 GMT
x-content-type-options
nosniff
age
2404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Feb 2022 21:45:37 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 28C2 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CYwI_rBwMYsDPE9HABcngn5gD_5OwsGi-w5OXpQ_j5IOlriQQASDuuas3YH2gAdib6IYDyAEFqQL3TAHuqEuqPuACAKgDAZgEAKoE_wJP0BHlcqXlkO1VpHNCNvm_yHnQ9dxGLCKTluJjZTEstx1Qnwdk4CXZIK0LRHQpuofnKT2J7bN6vYNKPkiNVQlfefC1wcbhtSiHO1tYW3-LYSb3FITnMyq9mq7BWLCslx8zqNQcWxRpvA8XTaQCxkor1XCEzIUyTmtD5ezIKD5mnheL7F1U-iabt27iACwdOJoupfiglssTgWpVo-QnFZ5ILuUyVcxzlQjURH3ohnN2olu5mQ2AkRBuIAXUYD_qk3pwv_HSLLbIGmaZjq9PxbkdWneDrvKxyNWrANmdbpthTsoQqgMOjc3-WOZwlbuKn5PADXSl3-dn3u52vhd7Um5J-dATkIR0bJoQV4rJUBu5FinD2Nc2xiB_fv57Q9I3J3GGU2mPwgfi8JzNScdQswRFIwKG_NgKa3yfXp4-Miz53vtgtxYTTPZemhcMC554sW99UmKP-NG8FettJm0bZNHGxU4AvwUK3B_9US70Ua8UZ6wR7FqllRjeuJaBMroM98AEj_DByesD4AQBoAZUgAeQ5Jd5qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAcIgGEQARgdsQnNZCtxV4LqWIAKA5gLAcgLAdALDrgMAbATjueaDtgTDdgUAdAVAagWAeIWAggB-BYBgBcB&sigh=SW07ILPXCx8&label=show_ad&acvw=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:41 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/gampad/live/ Frame 28C2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/gampad/live/adview?ai=Cy8RIrBwMYsDPE9HABcngn5gD_5OwsGi-w5OXpQ_j5IOlriQQASDuuas3YH2gAdib6IYDyAEFqQL3TAHuqEuqPuACAKgDAZgEAKoE_AJP0BHlcqXlkO1VpHNCNvm_yHnQ9dxGLCKTluJjZTEstx1Qnwdk4CXZIK0LRHQpuofnKT2J7bN6vYNKPkiNVQlfefC1wcbhtSiHO1tYW3-LYSb3FITnMyq9mq7BWLCslx8zqNQcWxRpvA8XTaQCxkor1XCEzIUyTmtD5ezIKD5mnheL7F1U-iabt27iACwdOJoupfiglssTgWpVo-QnFZ5ILuUyVcxzlQjURH3ohnN2olu5mQ2AkRBuIAXUYD_qk3pwv_HSLLbIGmaZjq9PxbkdWneDrvKxyNWrANmdbpthTsoQqgMOjc3-WOZwlbuKn5PADXSl3-dn3u52vhd7Um5J-dATkIR0bJoQV4rJUBu5FinD2Nc2xiB_fv57Q9I3J3GGU2mPwgfi8JzNScdQswRFIwKG_NgKa3yfXp4-Miz53vtg7xeBgmXE54XDuF9TI64rydnubGqW5ldH1flOeNtCzGcYD4-pvYtkgDvaSVT-w4bicouwuQATPk-qoMAEj_DByesD4AQBkgUGCBsQARgBoAZUgAeQ5Jd5qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBC3wxuoCAHSCAcIgGEQARgdgAoDyAsBsBOO55oOwhMGGNib6IYDyBPwnpffA9gTDdgUAdAVAagWAeIWAggBgBcBshceChwIABIUcHViLTExMzUyMzU5NjQwODY1MDAY1sEX&sigh=oxMDFnP0lwc&cmd=Ch1jYS12aWRlby1wdWItMTEzNTIzNTk2NDA4NjUwMBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&vt=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
truncated
/ Frame 28C2 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/gif
4.add54fa9a4302d9dcee6.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		2 KB
928 B 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/4.add54fa9a4302d9dcee6.chunk.js?Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web&Q_BRANDID=tribune
Requested by
Host: zncgv19neubv6bvvp-tribune.siteintercept.qualtrics.com
URL: https://zncgv19neubv6bvvp-tribune.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_cGv19NEUBv6bvVP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e444d7b706bfd14ec1c3a5f980a93b0a70af3fa07a2bc94e134987a3b77495d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
75299
cf-polished
origSize=2539
cf-ray
6de1aadaff47191b-EWR
edge-control
max-age=604800
x-envoy-upstream-service-time
5
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 11 Feb 2022 00:35:36 GMT
server
cloudflare
etag
W/"9eb-17ee634efc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
1.452834941ec50883cf7b.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		28 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/1.452834941ec50883cf7b.chunk.js?Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web&Q_BRANDID=tribune
Requested by
Host: zncgv19neubv6bvvp-tribune.siteintercept.qualtrics.com
URL: https://zncgv19neubv6bvvp-tribune.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_cGv19NEUBv6bvVP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2c81d373c6ef2701c910ddea7d457687d9773bf3a3163ccff1740a3eaca0f3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
75299
cf-polished
origSize=29269
cf-ray
6de1aadaff48191b-EWR
edge-control
max-age=604800
x-envoy-upstream-service-time
4
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 11 Feb 2022 00:35:36 GMT
server
cloudflare
etag
W/"7255-17ee634efc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
FeedbackButtonModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web&Q_BRANDID=tribune
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/11.f94ae62479d5b3566b98.chunk.js?Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web&Q_BRANDID=www.nydailynews.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bc19376ab3d2dfbf9fdb4c72ec4473395dd5eb58118a94151b966668ec3017c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
75298
cf-polished
origSize=65996
cf-ray
6de1aadaff50191b-EWR
edge-control
max-age=604800
x-envoy-upstream-service-time
4
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 11 Feb 2022 00:35:36 GMT
server
cloudflare
etag
W/"101cc-17ee634efc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_0uFoGKbfXff5a6x&Version=16&Q_ORIGIN=https://www.nydailynews.com&Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/11.f94ae62479d5b3566b98.chunk.js?Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web&Q_BRANDID=www.nydailynews.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f58c74735055c0da00364633753b829ff678d1d520595abd37ae63a096032a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
14491
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
x-envoy-upstream-service-time
21
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 15 Feb 2022 17:34:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
expires
Fri, 13 Feb 2032 17:34:10 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
false
cf-ray
6de1aadb3bb58ccc-EWR
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_emoq9WReDFaGmDH&Version=3&Q_InterceptID=SI_0uFoGKbfXff5a6x&Q_ORIGIN=https://www.nydailynews.com&Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/11.f94ae62479d5b3566b98.chunk.js?Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web&Q_BRANDID=www.nydailynews.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d694e9b126201d5a85afd5e6ef5346a5990d14bb1f12cdf7f4b929e89e285a02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
364819
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
x-envoy-upstream-service-time
17
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 11 Feb 2022 16:15:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
expires
Mon, 09 Feb 2032 16:15:22 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
false
cf-ray
6de1aadb3bce8ccc-EWR
servershortname
csi
csi.gstatic.com/ Frame A1AE 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kzon9rdg&c=6078709350138&slotId=3039354675069&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4002:80e::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:41 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 28C2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.500.0&e=44750823%2C44752711&id=ima_html5&c=1441707447020533&domain=www.nydailynews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr2---sn-apaapm4g-apae.googlevideo.com/
Redirect Chain
  • https://rr6---sn-tt1eln7l.googlevideo.com/videoplayback?expire=1644989740&ei=rBwMYp2AHoHguQKcna2wDw&ip=149.56.153.178&id=71d512e59a26bfcb&itag=22&source=youtube&requiressl=yes&mh=ix&mm=31&mn=sn-tt1...
  • https://rr2---sn-apaapm4g-apae.googlevideo.com/videoplayback?expire=1644989740&ei=rBwMYp2AHoHguQKcna2wDw&ip=149.56.153.178&id=71d512e59a26bfcb&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=ye...
694 KB
695 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://rr2---sn-apaapm4g-apae.googlevideo.com/videoplayback?expire=1644989740&ei=rBwMYp2AHoHguQKcna2wDw&ip=149.56.153.178&id=71d512e59a26bfcb&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=10.100&lmt=1644617863226997&txp=5310224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhALbo-Pg3O23kDd3p7Ityw_X4XlqDFbReroixhNH5nId2AiEAhhjmHghSX89T-T6LShxbd_WUau_GPwlWz3gmXH1gSAc=&cpn=ysz5HnVZ1sfQ5LiV&redirect_counter=1&rm=sn-tt1ld7d&req_id=70723cf53f9536e2&cms_redirect=yes&ipbypass=yes&mh=ix&mip=2607:5300:60:7867::10&mm=31&mn=sn-apaapm4g-apae&ms=au&mt=1644960161&mv=u&mvi=2&pl=32&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAPayDyBNQ4TcrY845Kb1ONNh1ji0Qr5XRaJmszhpRfJCAiAXOOLgMIs9vRNGEYftE4AmWeU9mPjnebad1MgQf6Mdyw%3D%3D
Protocol
HTTP/1.1
Server
2a00:ba61:0:126::d , France, ASN35625 (EURAFIBRE-AS, FR),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
2c94df6b4b148b9e7cf636f2160b1135818d3f8414b0ad5840fcdc66f43f4c9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 21:35:41 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 11 Feb 2022 22:17:43 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-710868/710869
Cache-Control
private, max-age=28499
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
710869
Expires
Tue, 15 Feb 2022 21:35:41 GMT

Redirect headers

Date
Tue, 15 Feb 2022 21:35:41 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 02 May 2007 10:26:10 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
text/html
Location
https://rr2---sn-apaapm4g-apae.googlevideo.com/videoplayback?expire=1644989740&ei=rBwMYp2AHoHguQKcna2wDw&ip=149.56.153.178&id=71d512e59a26bfcb&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=10.100&lmt=1644617863226997&txp=5310224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhALbo-Pg3O23kDd3p7Ityw_X4XlqDFbReroixhNH5nId2AiEAhhjmHghSX89T-T6LShxbd_WUau_GPwlWz3gmXH1gSAc=&cpn=ysz5HnVZ1sfQ5LiV&redirect_counter=1&rm=sn-tt1ld7d&req_id=70723cf53f9536e2&cms_redirect=yes&ipbypass=yes&mh=ix&mip=2607:5300:60:7867::10&mm=31&mn=sn-apaapm4g-apae&ms=au&mt=1644960161&mv=u&mvi=2&pl=32&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAPayDyBNQ4TcrY845Kb1ONNh1ji0Qr5XRaJmszhpRfJCAiAXOOLgMIs9vRNGEYftE4AmWeU9mPjnebad1MgQf6Mdyw%3D%3D
Cache-Control
private, max-age=900
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Content-Length
0
Expires
Tue, 15 Feb 2022 21:35:41 GMT
c
ids.cdnwidget.com/ 		535 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=01be3c006ea55b7040bf66d26803c05c&SCH1=&GCS1=084011167&GCS2=MzNjNThkODYtNDQ2OS00NjI2LWI1MzMtOTAwNTNjN2Y0MjBlLmxvY2Fs&pe=false&wsid=2452&varID=0obs5&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Atrue%2C%22pixEN%22%3Afalse%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A2452%2C%22loadID%22%3A%22Bh03F30dPaXSPgw%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A4%2C%22IDStageStart%22%3A4%2C%22obsReqpage%22%3A160%2C%22obsReqview%22%3A161%2C%22obsReqdata%22%3A162%2C%22netComplete%22%3A481%2C%22IDStagePrefire%22%3A481%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Atrue%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A0%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%7D
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_b680f3efe3074591a2568704e6fb01b5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.191.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.191.107.34.bc.googleusercontent.com
Software
/
Resource Hash
41df177bf0ee7f4522f6d2167265a7571390548e7de4fd6621de6f3cdcc7fe0c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
https://www.nydailynews.com
date
Tue, 15 Feb 2022 21:35:41 GMT
content-encoding
gzip
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
content-type
application/json
Graphic.php
ca1.qualtrics.com/WRQualtricsSiteIntercept/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ca1.qualtrics.com/WRQualtricsSiteIntercept/Graphic.php?IM=IM_d4Eek8WlZB7DeKN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.64.164 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-164.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1621109321ffb600b707bba407e8434f2e0a8f453e63caec68f77dbf4508fef0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:41 GMT
x-content-type-options
nosniff
content-security-policy-report-only
report-uri https://sjc1.qualtrics.com/csp-report
x-envoy-upstream-service-time
22
content-disposition
inline; filename=FEEDBACK%2B%2B1%2B+-+Copy.png
content-length
3148
x-request-id
5fe71d39-3e46-4203-8188-709fa090059f
referrer-policy
strict-origin-when-cross-origin
etag
"5e6eb417110940826d66af964289a2b6"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-transaction-id
7bf83bc7-ff68-453d-ae6a-9cd06971f03a
cache-control
public, max-age=48
x-robots-tag
noindex
expires
Tue, 15 Feb 2022 21:36:29 GMT
lookup
pd.cdnwidget.com/ 		49 B
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pd.cdnwidget.com/lookup?deviceID=25ADLXtOnqe74a4RQHUKSLbJ5LC&cookieID=25ADLZNd0d2ieQxx0MR0PXHAOLf&bxwid=2452
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_b680f3efe3074591a2568704e6fb01b5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.130.207 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
207.130.149.34.bc.googleusercontent.com
Software
/
Resource Hash
771196c556ce9fe2914aa0d336cf0f11fbd579c7cdd52e8436b19e0fffdd783b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 15 Feb 2022 21:35:41 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
content-type
application/json
st
imprnjmp.taboola.com/ Frame 4663 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8016157&crid=5318825&dast=V7xxQCFgMnsDOf0uVOiQQnsDOf0uVOiQUAAAAGBvQHGzfh7YaD2Wy22sxmg9lgN9rNdrvJYLNcDmHjJrzdcDCbzVab2WwwG-w2u91qMhlNVpMpfBjLZTKoBRKX2e97Kyynp8fscouOrrfF829QOmxAQ9Pp8Lnu9brf7y53nhxOs_Pu8n3uGr_bL3f5Pn_d33I2-eUOt8vzljk8Ls9bYfE7LCe32mF2OD9Ph1vhtJyddpfnLTM7fUbTW7MbrBWW09NjdrkVc8Vus5wsdnMAAAAAeACIQkmF-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAKMiq0wAw4UBov910eTnM_gAAeFAAAQAQwCABECgfLAHwwMk_AQAAAAAAAABg-f___48B0IvqkAH48ErrAXjwAXggImArYgQAAABQiZMpezSpEyqLKgAAgnQrgCsAgAC_fyiBjzAAAIABsfYvDrlhVmmZsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyZkAwCQJjyJYq_2CwgAsPYLCADApm4AAG8BcCGHhqbT4XPd63W_313uPDmcZufd5fvcNX63X-7yff66v-Vs8ssdbpfnLXN4XJ63wuJ3WE5utcPscH6eDrfCaTk77S7PW2Z2-oymt2Y3WCssp6fH7HIr5ordZjlZ7EZnkMPFZLZbHUHMlqvZAQAAANz9____47V_ccgNs0rL6IHgYmMx7VYr58Sz2lgsLptlt3CZhrvNYjmaLFce781RLIfcxSoT9oWIy-z3vRWW09NjdrlFR9fb4vk3KB2C-KBhWE4GwfwmbDFaTSab5XC2XEwGw9FwNNqfQA4HOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIcyvTcjQaLtbKwcq3Fq0mk7XEMZyslQuXbzebGFYTy3Iten1Mz8FqYZnstigYYLYXwUU6kTtPDqfZeXf5Pm-58-Rwmp13l-9zEUs0J4t0Irvsi4uNxbRbrZwTz2pjsbhslt3CZRruNovlaLJcefy9lWk5Gg0Xa-Vg5VuLVpPJWuIYTtbKhcu3m00Mq4lluRa9PqbnYLWwTHb7xmw0Ws4Gy81q35iNRsvZYLlZ7jt0hu_qczaauyW_RyXUbP_K7cx8ULgMFu9KdVppC5KDNnsVOV2ambKoMyqf35HXoPAcPKqPb_rM2MYNa633XDgOFkUsEZwu0onoZTxdxBLJ0yKdiGyumWG229g8ntlmOfEYZpvdauIZ7HarzcRk8VjEEqXpIp3o5S7f56_7W84mv9zhdnneMofH5XkrLH6H5eRWO8wO5-fpcCuclrPT7vK8ZWanz2h6a3aDtcJyenrMLrdirthtlpPFbqL-o0OMlnPVbK5YbeaK3XCVAAAAAAAAAACWMGXeBAAAAOA0iOFyONktF-Ah-04XGAQAAAAAAGC359DtI_1ux7a48eMLd54cTrPz7vJ93nLnyeE0O-8u3-fKAA9lLMybPRPEWq2WNQAAgAA2AABAALdu3gLRITk!&cmcv=&pix=undefined&cb=1644960941457&uv=3120&tms=1644960941457&abt=adh5c-1_vA!dfrc_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!spa2_vB!t45!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=7B7780666536606074767720399&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.3/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dd5bd26d619f31c6a315ebbebbb8328e953c3e64a7f5f6efbf8fd5ec37a94a48

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/

Response headers

server
nginx
content-type
text/html;charset=ISO-8859-1
content-encoding
gzip
accept-ranges
bytes
date
Tue, 15 Feb 2022 21:35:41 GMT
via
1.1 varnish
x-served-by
cache-yul12824-YUL
x-cache
MISS
x-cache-hits
0
x-timer
S1644960941.476754,VS0,VE12
vary
Accept-Encoding
sync
us-match.taboola.com/ Frame 98BD 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us-match.taboola.com/sync?dast=V7xxQCFgMnsDOf0uVOiQQnsDOf0uVOiQUAAAAGBvQHGzfh7YaD2Wy22sxmg9lgN9rNdrvJYLNcDmHjJrzdcDCbzVab2WwwG-w2u91qMhlNVpMpfBjLZTKoBRKX2e97Kyynp8fscouOrrfF829QOmxAQ9Pp8Lnu9brf7y53nhxOs_Pu8n3uGr_bL3f5Pn_d33I2-eUOt8vzljk8Ls9bYfE7LCe32mF2OD9Ph1vhtJyddpfnLTM7fUbTW7MbrBWW09NjdrkVc8Vus5wsdnMAAAAAeACIQkmF-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAKMiq0wAw4UBov910eTnM_gAAeFAAAQAQwCABECgfLAHwwMk_AQAAAAAAAABg-f___48B0IvqkAH48ErrAXjwAXggImArYgQAAABQiZMpezSpEyqLKgAAgnQrgCsAgAC_fyiBjzAAAIABsfYvDrlhVmmZsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyZkAwCQJjyJYq_2CwgAsPYLCADApm4AAG8BcCGHhqbT4XPd63W_313uPDmcZufd5fvcNX63X-7yff66v-Vs8ssdbpfnLXN4XJ63wuJ3WE5utcPscH6eDrfCaTk77S7PW2Z2-oymt2Y3WCssp6fH7HIr5ordZjlZ7EZnkMPFZLZbHUHMlqvZAQAAANz9____47V_ccgNs0rL6IHgYmMx7VYr58Sz2lgsLptlt3CZhrvNYjmaLFce781RLIfcxSoT9oWIy-z3vRWW09NjdrlFR9fb4vk3KB2C-KBhWE4GwfwmbDFaTSab5XC2XEwGw9FwNNqfQA4HOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIcyvTcjQaLtbKwcq3Fq0mk7XEMZyslQuXbzebGFYTy3Iten1Mz8FqYZnstigYYLYXwUU6kTtPDqfZeXf5Pm-58-Rwmp13l-9zEUs0J4t0Irvsi4uNxbRbrZwTz2pjsbhslt3CZRruNovlaLJcefy9lWk5Gg0Xa-Vg5VuLVpPJWuIYTtbKhcu3m00Mq4lluRa9PqbnYLWwTHb7xmw0Ws4Gy81q35iNRsvZYLlZ7jt0hu_qczaauyW_RyXUbP_K7cx8ULgMFu9KdVppC5KDNnsVOV2ambKoMyqf35HXoPAcPKqPb_rM2MYNa633XDgOFkUsEZwu0onoZTxdxBLJ0yKdiGyumWG229g8ntlmOfEYZpvdauIZ7HarzcRk8VjEEqXpIp3o5S7f56_7W84mv9zhdnneMofH5XkrLH6H5eRWO8wO5-fpcCuclrPT7vK8ZWanz2h6a3aDtcJyenrMLrdirthtlpPFbqL-o0OMlnPVbK5YbeaK3XCVAAAAAAAAAACWMGXeBAAAAOA0iOFyONktF-Ah-04XGAQAAAAAAGC359DtI_1ux7a48eMLd54cTrPz7vJ93nLnyeE0O-8u3-fKAA9lLMybPRPEWq2WNQAAgAA2AABAALdu3gLRITk!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.3/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
128cd80eeb395349ca44661cad1628414936fa67719ea0248c3bdffbb345f1af

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/

Response headers

server
nginx
date
Tue, 15 Feb 2022 21:35:41 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3102
st
us-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8016157&crid=5318825&dast=V7xxQCFgMnsDOf0uVOiQQnsDOf0uVOiQUAAAAGBvQHGzfh7YaD2Wy22sxmg9lgN9rNdrvJYLNcDmHjJrzdcDCbzVab2WwwG-w2u91qMhlNVpMpfBjLZTKoBRKX2e97Kyynp8fscouOrrfF829QOmxAQ9Pp8Lnu9brf7y53nhxOs_Pu8n3uGr_bL3f5Pn_d33I2-eUOt8vzljk8Ls9bYfE7LCe32mF2OD9Ph1vhtJyddpfnLTM7fUbTW7MbrBWW09NjdrkVc8Vus5wsdnMAAAAAeACIQkmF-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAKMiq0wAw4UBov910eTnM_gAAeFAAAQAQwCABECgfLAHwwMk_AQAAAAAAAABg-f___48B0IvqkAH48ErrAXjwAXggImArYgQAAABQiZMpezSpEyqLKgAAgnQrgCsAgAC_fyiBjzAAAIABsfYvDrlhVmmZsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyZkAwCQJjyJYq_2CwgAsPYLCADApm4AAG8BcCGHhqbT4XPd63W_313uPDmcZufd5fvcNX63X-7yff66v-Vs8ssdbpfnLXN4XJ63wuJ3WE5utcPscH6eDrfCaTk77S7PW2Z2-oymt2Y3WCssp6fH7HIr5ordZjlZ7EZnkMPFZLZbHUHMlqvZAQAAANz9____47V_ccgNs0rL6IHgYmMx7VYr58Sz2lgsLptlt3CZhrvNYjmaLFce781RLIfcxSoT9oWIy-z3vRWW09NjdrlFR9fb4vk3KB2C-KBhWE4GwfwmbDFaTSab5XC2XEwGw9FwNNqfQA4HOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIcyvTcjQaLtbKwcq3Fq0mk7XEMZyslQuXbzebGFYTy3Iten1Mz8FqYZnstigYYLYXwUU6kTtPDqfZeXf5Pm-58-Rwmp13l-9zEUs0J4t0Irvsi4uNxbRbrZwTz2pjsbhslt3CZRruNovlaLJcefy9lWk5Gg0Xa-Vg5VuLVpPJWuIYTtbKhcu3m00Mq4lluRa9PqbnYLWwTHb7xmw0Ws4Gy81q35iNRsvZYLlZ7jt0hu_qczaauyW_RyXUbP_K7cx8ULgMFu9KdVppC5KDNnsVOV2ambKoMyqf35HXoPAcPKqPb_rM2MYNa633XDgOFkUsEZwu0onoZTxdxBLJ0yKdiGyumWG229g8ntlmOfEYZpvdauIZ7HarzcRk8VjEEqXpIp3o5S7f56_7W84mv9zhdnneMofH5XkrLH6H5eRWO8wO5-fpcCuclrPT7vK8ZWanz2h6a3aDtcJyenrMLrdirthtlpPFbqL-o0OMlnPVbK5YbeaK3XCVAAAAAAAAAACWMGXeBAAAAOA0iOFyONktF-Ah-04XGAQAAAAAAGC359DtI_1ux7a48eMLd54cTrPz7vJ93nLnyeE0O-8u3-fKAA9lLMybPRPEWq2WNQAAgAA2AABAALdu3gLRITk!&cmcv=&pix=31589837&cb=1644960941457&uv=3120&tms=1644960941457&abt=adh5c-1_vA!dfrc_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!spa2_vB!t45!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1644960933579.1!ts:1644960941457&mntl=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:41 GMT
content-length
0
server
nginx
generate_204
tpc.googlesyndication.com/ Frame 49C4 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?giz08A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
init1.js
api.bounceexchange.com/bounce/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bounceexchange.com/bounce/init1.js?wklzs=2227&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYAWYgTkIAYzj8BWAZmM2AC8QpLMB3AUwCMcqYLwD6qACZQATMTrTMAJ144QAGzhoMBKpQAe+aZS7KYvRcsVRsAQzVrUCAOai4itVAAWwYAAccAKQMAIIB0gBiYeHcMQB0CACeEjaoagkIvNw4sUggALZRGVlR3CDuEoU2eSoAtDA2SLU2-CA2ihI1eXY2CUI2NSnujrUwDk7eNQwA7JQDimhIarw1+LH4Uwxk0uuYAG6oQsCiuSAA1qi8UAFTAEJh0mq+90Gh0tLefoHSjK-ykd8RGLceJJFJpIrZXIFAHhCFhP6lcrwiIIKojBpNFptDpdNQ9PoDVBDDI4OpjCbTWZtBZLFZrDZbdbPaQAYXuimeIWZ0muABFsCAzhcrrd7rtOaFRW9UWhdmIhE4EK4nm8XvU1DheGE2W81CAnE5eBJxEqYMotaqQurNdr7nqDUaTaJfCkKpbgtaLTrpLw5YpRPbDcbHM7XRLPbbpXA8vxzKIQDBRNTUIsVKJlDY3TyQvhIz6kDZfKJNbwlftDuG7DbWfdeAWizg4Pw8sIRMbkqkEqMbDhPJWNV7a-Xi02Wz5HQW8i7UIqJKg2hcvtmPVXB2864WR83W47+Bnzs44e6IzX18PG9vx8bfI4cMBFKhfBblyfvXi7+Ip8ocEIMP3q2+PZHPsmQTp4danCAmj-mu0gKhkwZKnAmqKDgojVCI-rcI4EggNwMF5iB3Chgk3B2GoogwESRoEVMvJ5hITjhESd4ADKtFmLz3nAsGeNiACS9Huvc3zBLyrEAFoAHISJQEjSBcEB6HolAALIAEqUAACgAGgAEsEADyrEwMy3qqDAwCCRKIl0GJrE6cAhkIAAjrwUzEDYxDqRAekAKoANIAMqsfwABSdCsd6DFODZUoKTgWnKPsUE4CyyGgNUHLHqueYHEFTY4EgD6xtlL65XRfJ7G0OAANrJqmoaGgAulA3G8NVqG1TKqBysWM5Ib4rWep1dWZqIsiiJ4UGocNq6jbVLqkeRzrfqWwBzQOC02AgCBQcgvDVAgRy+Gtx2bZqC2Bo6IZmrwvAXR1uw1bV12IaGkiPQtvpxm9TrThIX3PV1DVLKIaDAEsrWqd0vTzsilDBESDgkgj4TksACOUvCXIApQQX3QjqLVF88g6vIlD1I0pNGAmCMuj+paGqhCPNK07QI7h+Q0Xjvh4hkV36iGeQgMkahAy9CDRqV8aJqDaYZoDBALUtR1HLkCBUYo1RKyNwNjcaGPxggEtdagXSGm44teD4-gvAA9PbQIgh24KZJC+T29+qCsOY9v4LwqkAGoAKL8L4ADiekAOr4DgqmnDcxBB6xUysQFTgMBJACauwgEEvL2wAHMYeiMAw9ugL49ttEgAzOEsihUb2cxININSnaLNT3hgSCxDgDCxFUNjsKiWQ5J7vhNg4SD24JwTR1MYUSaxEc6SHhkskHAAqDAslMWmqdHDB0MQWnBLEYC+E423zCmYPEw9UAw3icM2GEiPI8MXyUOjM7eB-bGuN8aEyMI-L4OpKYYh-nTIwDNNTOHMD-Nm2IP5cx1h-PmO0novXlscGwG0oAQhVjYQ0wAEhPlavLb6557plgOMIU2dUNwNlHDudsYIuzvk8Ew2qLCtxjjbPgqcKRZzzgfCoXh-CLyCN3PuRwip3ZSPPGwq8zpbz3kfE-PWL1+ANFOFRewogJC8D5iABIatWoLREJmNCiBhDGxdC1WA819a1UcLkRUwgQCiH4HqJApxVoqHWrwiQMAiyKA4n4kAASqH2DwgtMJESon+MCRIOAT5pC8L9AsOwognDkXMAkJq2jXEvQsidHoZEjGnWCedFxW03HyzQkRR0GE4zYQQLhbgrV8A0M3KAICcZakIMITorq-DBl3jjHeHayR2hCF9kE0ZvC+LtGqRREZISGmXTca040SBwIBKgpUj8fBeCnF4TAMoWUtxFRKuYXh74jjmxGb+E2OycFdWeaIfZxwjmQU0Lw5QThUAbNELwMYqA-FiGQo8z5C14I3SQihNC7SsI4Twtki4xElrgq1kaIGJiYB8NoaWX5DCxmuOJbVIiJF8XUV1vNE45wxCgB8XiRQhoEXh04JgXgfgoC1WapgXwwA8ACinA4HajRKJ4icNYXYfFrBrODFIUS4lpKyXkopZSalNK6QMsZGAmAKniHVXZcSjlnJuQ8l5Hy-lgqhQilFIAA
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_b680f3efe3074591a2568704e6fb01b5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
914200271af6b0ad8abd44071d2ae98bfeb95a2503efcde68e22dd14fee3f44a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:41 GMT
content-encoding
gzip
last-modified
Tue, 15 Feb 2022 21:35:41 GMT
server
istio-envoy
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
35
content-type
text/javascript;charset=UTF-8
alt-svc
clear
via
1.1 google
expires
0
/
sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/ Frame 491C
Redirect Chain
  • https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us...
  • https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=a09fb837d37c43b08d3ea316a02dc5ed&orig=video
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=a09fb837d37c43b08d3ea316a02dc5ed&orig=video
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:41 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19254

Redirect headers

location
https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=a09fb837d37c43b08d3ea316a02dc5ed&orig=video
date
Tue, 15 Feb 2022 21:35:41 GMT
server
Apache-Coyote/1.1
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 491C
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=37597b60-8ea7-11ec-b4e0-145284e10203&orig=video&us_privacy=1---gdpr=0&
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=37597b60-8ea7-11ec-b4e0-145284e10203&orig=video&us_privacy=1---gdpr=0&
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:41 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19958

Redirect headers

Date
Tue, 15 Feb 2022 21:35:41 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=37597b60-8ea7-11ec-b4e0-145284e10203&orig=video&us_privacy=1---gdpr=0&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
278
Connection
keep-alive
Content-Length
0
/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 491C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58534/occ
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-g.0dBdJE2uG8WBROa94Oqaf45yZcoSQfTYGDr6E-~A
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-g.0dBdJE2uG8WBROa94Oqaf45yZcoSQfTYGDr6E-~A
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:41 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19610

Redirect headers

location
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-g.0dBdJE2uG8WBROa94Oqaf45yZcoSQfTYGDr6E-~A
date
Tue, 15 Feb 2022 21:35:41 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/ Frame 491C
Redirect Chain
  • https://cms.quantserve.com/pixel/p-FyWrHAMskJyru.gif?idmatch=0&us_privacy=1---&gdpr=0&&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fquantcastrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID%26orig%3...
  • https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?gdpr=0&taboola_hm=Z6TqPGD1uzt8r-I-Mqf3ZmXy6Dt8ob9uYq7BnGPB
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?gdpr=0&taboola_hm=Z6TqPGD1uzt8r-I-Mqf3ZmXy6Dt8ob9uYq7BnGPB
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:41 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19254

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:41 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?gdpr=0&taboola_hm=Z6TqPGD1uzt8r-I-Mqf3ZmXy6Dt8ob9uYq7BnGPB
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022021001&jk=3428847557343757&bg=!PT6lPnrNAAbAtJCDwLQ7ACkAdvg8WttjI0smeyCFoUxoM-OQi82N2mA15DrgoTXtkEEWsHhqmnp8swIAAADpUgAAAAJoAQcKAFBvygNk8QsaiHNqz6MTQP0MnCgRNcMWgZfUW40DtpmS1P6vUOgytO7WnSuUihj6GS9Yl1xo2a4VsQv8Fbe0AG48up8_LF3z_EYe04K0S8w1LpkCyot7SdIhortUMX1k2u9sq4u1E6GokBztfLSGi_oPrSweUTx5QXC0Pa-tjXC2iwrBsc_Mt8sI5NdvN_WVZWK7kbJwDIbLI2onOkqSqErq-w-NrssQI-TQ_yu5bTPt0qm-8Eyx6yQ_ofLSzjv08cEhg9j8Zm9NMbe4-g09LUmMEt_6f292EV97bIdVrAW35Hb7ZIC1m1C-NupMsOZS87H6fiKgWUz2QeURDEGsqohwCDr6bdVLWYBLH4slUhvlhXwUbW8wgJsB_aLPt4RjlHqq5qtyWfnrD0vj3fdKrM0MJfg4ROjl-JJx84Ps3rmpwSUTL8EK0rt7R3n-Ef3igb5n8xdP2P2WWyJ8lMbJ3D8htu08ly87G9I0RGp2tnUdQBYMs6Y8D15Dxx1kAATBjCDP26OIOcHSd0ze30MM7KwWArFbWAU2z4McqgJMoeWJ0QlY3wWfbeEmgwXhFoAjGLALIyrHvJteLJsRICc2DKv-LxDeoFPygQMDNRJ-CBxLc8EDzNwI6kS6bs60p-62ElUr8BybpUgaL2Cq4HP_9SMi9cKcJMlie0nSDuU5peYvaUbzKDqDibrNeeE5Z9v8v3l-TEwN5RtHAumtfbu-R4vHjdBnZMcOJP4i5ioaCG0Yjmv_AyL661rqikLJ-JQDieITgB7pg2yJahy3TiAwgThAwVuyHJn6xY27hOim21xUHnpd31wuo-9OSKb_2ROQu67JIHGiT5Gv0_al_fG56WASMTJEfPovg1lpS4F22-39rDgM99KlzbeJaCqv1KK8A63l7WobatuHKWICVnX-FjCiUga5BGXPdQOSzvvGtESO22NfkRb9vV3DblOQSH3ae61DlHEJhMw0OS9Q5rNLxvoMjWdQDIN-O48tvvZIjbJRn1kMEb-wfy4H5fHzqlzTBTHsdpXtcFUPaH5VFtQjGEnFlCHMTM8W8twWA7uISA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 8A32
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://imprnjmp.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 15 Feb 2022 21:35:41 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
date
Tue, 15 Feb 2022 21:35:41 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
712 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
22829
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
itw2TR85TTAVVPZ9DJB5L5WsLDpyREyDD8SJRvEW0KylAPv8/Z0xSCwEZLClDbx+4z4drf+Ubuw=
x-served-by
cache-yul12824-YUL
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1644960942.638502,VS0,VE0
date
Tue, 15 Feb 2022 21:35:41 GMT
x-amz-request-id
YR1M0V2A0DRFMT2X
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
31
x-cache-hits
23265
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8B8F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_b680f3efe3074591a2568704e6fb01b5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.203.12 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-12.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/

Response headers

server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=60145
expires
Wed, 16 Feb 2022 14:18:06 GMT
date
Tue, 15 Feb 2022 21:35:41 GMT
vary
Accept-Encoding
25ADLXtOnqe74a4RQHUKSLbJ5LC
dfp.bouncex.net/pub/segment/ 		2 B
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dfp.bouncex.net/pub/segment/25ADLXtOnqe74a4RQHUKSLbJ5LC
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/pb/resources/gdist/1182ffa19d76d40ef0af/nydn/nydn-lib1182ffa19d76d40ef0af.js?v=299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept
*/*
Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:40 GMT
via
1.1 google
server
istio-envoy
content-type
application/json
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
alt-svc
clear
content-length
2
visit
events.bouncex.net/track.gif/ 		42 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/visit?wklz=G4SwziAuBcCuYFMBOBDA5ggdpAvAWQHsAvEAG1JQFIAmAMQFYA6ABhuYAoB1ETAEwIDuYNgDkAKmwCMzFpQDMAITbdMANgAs8pdWYAPDQEo2AQQAOp0gk4IARgGkoNBnIDsjOarbs7ACTF4AGRoAYTZSEABrBDYAcQQAYwiCIx1ggAskAgBbaLoATgAOFkZ1F3oigtYdAGUUADMUJBAneld3VQAyUAgYJAQ65D6kHC7wKGgKPh40U3QEWCRSHDTISFNhalbjGno6HboBQ8ZMAE9eFDITzAQhRnjs-dproUeBAkXeR8wUHLAAWga8QQ-xQNgIjV4fyyKAoJwgKD+F0WPGBAPCaBWf1czERSEgIHilj+kkYkhccjy1DJox60D6YAIpFg+IImF0OEkqmYzBp43pjOZIFZJw5Oh53XG8XgkGywEaIFBljAOEoLm01Ea+MJCAA+rMMDRqPJttRqJAkLBckbqKFTd98cBdRA0JgdbBTIbjYaGqREJ6bYaULwddR1Dq0gQFhsjXITdQfX7TSFDbMTgIYaQ9fSsJBPbHvTDE9bbRrMJhI5ggTlsFngTm83GE1bk6bSAQ0BhgzwdXU+s386am-6S22Owgu67ZiBPkmB-HC82A6aEI6kDrR52dd2pzOY42F8PA3iCZYdfjIJYG4a8DCUHCFftmMYQMjrhtdsxaOiVo-sTsBx+1QILkH7fL8+y2h+gLAo+BB1I+sxgIgmAYEg746KC4JIDOH78Nk44IZMi4ju23ZZAQ5ykFeg4HkmS7UJgsBZDYyA6nBOqaiewI6n0QbUVSh6mqm1aQDq9yYHUL45LuXo0b6xGBsG36iay-FDnRJYgNCGALFRs5xisazCAOtBOIcAjHGcFykFcNxgHcDx0PSIBEMgTiSAgeAAGoAKI2KYMQ+JwkhgHgEQKOoXkBC4AR2GgcgAFoAJrAAQ8gACJOJUeitHITgyh6dCNPEiIoZYSCSWAaS4vE1B-KYmSQuarLxIwYByIwPwoEQrIoLc9xZE4piwDY4TxE4ACS6XGJwLgAFIJQEMQABo+QA8sEXliHIwQuAACngnByPQ6h7cYjAAFamGggkase2o6mB-ZxjesLwiYL7hG+bBfiAGK5jof4DswQG5MwT0bLazDQRszBwWwiHIahsOYRCbB4dJCNEbdnEPfEKAA3uhrPNGLbUPqCCQCcpjPUeWqXhphoJCgpg6ogWA6hKhOyfO8m3czrNgCNWRQJA446uclx1BQVVqbRxZM-jgvC6L4v41kU4urwCpNDB+kFnzjPLkrbMq6s4s2LxETTCTcuGwrxss6bNgi+bwamDwYDmiANN20WZM2CgiSSeQEsIBYBAnCJ-G3WLQZgG6mBQGxmAU37Cmmjw9wulABA6qNBCJLWyHc3O6kO9QvB1KzmRBgXiT8Rmgi3VXNfgrw9cRBL7oINaRNyf79GrlqMI6mgGbICcepzOnt0MnUompumocNXW2Cz0bd309xoA3OLORi2uAg8PwAj8ZI-MmzKKBe6xq8lxvFcC2e4K32uXsoHwEIQK5xf1vrA8M7UDSBCZemZ77-37rzQeJZd4CDVmkBISRmTTy9jqeBCAIiPzJnUd4OR34jTAPEJoLEkDYPojLUSWl74QFUgA6BQDKGcxAHvYM8REGJEjKXfc9syZ9DQCAMBOoEDohAKNXU8A3L0PLmTZ01wJxukQGhHUB9WLHz4M3aR8syZwOnmmDMPYXwES0bwlw6VeQwHuAQa2CAVRqkNMAK89izFk14GgWgL4vYBHbg2c0loyYgOwlNfimxjDpQCAlEQvBmC8GoCwgAiroXQzA8AACVmB7WWj4Ywa0AjwU3vPSAwT6GhPCctSAa1MAAEcEAuHUCgdQqT4k+AAKp2GqAEGwc16ABBLK4m6+t7GZzAHtPooBIxgGCNKfCZD9LqU0mAaohDiFiKkXuIcLj6J1GANwzk6h1B5C5HkdQF8h7TgbHsg5RyTkaDyMwVQeV6IoDSvpKoI5CpQMMusf8JpdimU2AcI4pxJY2RJg5QaAKnh2VeO8UgOE6AQwBEHVEqNsJQlvPeBESIvqomln9TE2JcTb2JKScklIyQ41JrGN5DjTCOP0qcksMk5wyXorMqBt14g7IuRoK5zBjmMsNBAZlxhiRkzQMQi5grTQQr3DS002sRWGkkB4SQBQ1XqAKLsfZqhJAqryPQW6pBuUMt5Yc-lJzVTmMkagDA2BoCW0EEonA6RMg5A6DauY9rVy0MwDgQoxRSjlEYJUD1SivUwAsATXBSAsg4BUKfWG0gw3IAjdAXgK4CSU2prYjNYAIgFQ6FKL2MzoAgKIayYe44cA8gwAQaA9xYDYCQCce4GaXXGA6HWhtFZzStooggOQHaRBdoQPWxtzarg-FscET+QYUCjvrfwoUfr4nBEXdAUwBAP6kDbbYnwcgYgbvEvia42A904BEJ27ty7WRPRwPEy0LF4gdHIu2nk8CbA9AQNOHAoZdgWN-Zc81Arbn3LkB0DNoAgRAdVeqgomrtXqF1fq+gHQKZwKAx0RAVTLSVh-bwGtRbwg5nxL8SAPxTAcjNdczk6riMsOwCzEAPqV04Ao-FSDmagQ4F4NhyMSAeOfo6BGnANr+MLy3IR0pARymVJqXUhpTTWntM6d03pHRAldmk-QMJESokxLiQgRJyS0kZKyTkvJQA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:41 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
pageview
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/pageview?wklz=A4Qw5gpgbglhDuAuArgJwDYF4AWAXXwAzgKQDMAgsQEwBi1N8jAdAHYCeAJiDOmywoSYBjAPYBbev3gla8ERg6SQYiIQC0AMxBDVakACMRIVBzViQ6EG0IwQemBhj91G9DDB41pAOwAGPai4MELoEGoAjEzh3qQAnFTRAGSgkLAIiELIhLjiUMa2+qGEmMTeAELUVMZBIRAA+ikQlWSUVFS4qMhNbdQAwpUsIEFQ9TZgLHXIwM0UlVrohN1UfZUgHHVUACx12CJoMsuzbfOLzVT9baBs8BboDaiqECy4M61UJ0srbSAsLHssOhUz3uj2erzmFlOPXOlXQIjAkHWTjqGgenyO70hnxhbThCIgSImoBgih6GI+ZwuVGgEFQdTxiLqyOJpMObwp0Kp1WCoTqQVwoXBbQAshYrDYQNQAKxUXzkBxuZzS2U0NweF5UGW+Hy+aVHLUAZQg3S1gxUMhlFy1Wh0FtlIg0yt8oEIixYkFQdt8BiMJidHBE4gJTuAln4lNh8ORYhEXHQQsxC2xVJYyDE+lpdQddW5tUIdQeawT4QjlysQNwdVELA0DhUrJaEKTpaq6zVeCzLATHOWOKoMHMkDQ8bJbzwBBIRzosmY7C4PD4AmE4noDxsAC9afRwhBhQA1ACi+mAAHEABIAdXChGFAGsyps9wAZbxPgDSYFIAC0AJpQERkAAIvQAAcvi+AAHlKpCkPQOTTLQxhCHo7qhKgtaENgARCFQajAKgsZqB0IgAkwhCkEwyggOuJEgNIy4SLQwDIIUwT0AAkoB5AXt4ABSX5PieAAaB4APK9HuAAqpC9N4AAKwoXqQUqbHJ5BMAAVsAYAtrmvJmuibyipY1i2NQcoKk4qjmaq7h4OZOqNrKRrdL4BkyBcvg2tZ9qOrKLpuh6MjeoYxikr4AZBuFoY-MmqyBDy9RCEMCZSAcXxUI0uBsMAhnxTUgqcpUEDJcAdSLE8dSwDYGpsk2UK9lSJUgGVhAsWIMD4ASdTzrwrggJh3ZYi2zWte1nW4N1yViMS4wcLYqBwOl5LDUVbSjeV41des+iFreTjjAIQ3Nmt1KlZt+gddtDRONki25cdDUZfo2i3rW6B3BwEChiIbAVgmLaTWs+bICwnWdo0j1xW0TiiOMnUiHUhQiEIt4gm6tVOYmT19hwGhlQRazI6jCa3CI8AtnjBNGBwxNoxwUwQL2dXHKtjWVCMCXJXcYC3LSbANOAeWsyd7NtIQDqVlcNwfejTyYytosZXpqhVXA8DdSok10vATgBhTo6VCWp0bTkA3a3LYKGyLONNedZvZJm2Q-FwJgbvU+Gggr7Jsxl2BhTLdyexjUMtmkGvrEI2AlbeexS+bdQaxAt6h6dGjyCodJtfohBCItGaoKnYtUJY2RMjNa42CRRcZaXlbh1N0eo3HNd9g8YAwIHdQQGqMCFPUWRbtb2PQ1QYz8ISkyLJ6dRa5mussPrrdUuHgvXLcKIOMGw89qUgHJEL4cZIG+2qDAm6YCBUreIkMZfZgviJBrOedRAJKYFsMqJNVnXv+EABsmxNixH-r4WImwAHAN8P-UgiQvqwB0H-Ug-9wggVQZsK+WxNgoPCHEKUB9Ujqz-okRYABHLoAI34cEwOERIIQ4DPCCOaXAyhgA0MAcA0B4CAEgU2HQtw8sWowE5lXFgmAWGfjgdAYIEBMAcBIXsVAOhMDP0SELZ4mBB6oAURoSs79NTkEAk+ISuBRIsFIRAbwmwQCbAAEoAEUzwAFU3wGifPoXiUony9ESP7EwTJqEGKMV+AAchwCK-YID2IghBXwwpbG+DkkJM85BRJPg0EAA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:41 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
sync
ssp.behave.com/
Redirect Chain
  • https://ssp.behave.com/push_sync
  • https://ssp.behave.com/ul_cb/push_sync
  • https://x.bidswitch.net/sync?ssp=bouncex
  • https://ums.acuityplatform.com/bum?tpid=29&uid=ed239641-d788-4f62-a800-8b3ea6dac16f&bidswitch_ssp_id=bouncex
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=&expires=30&user_group=1&ssp=bouncex
  • https://ssp.behave.com/sync?tp_id=2&tp_uid=ed239641-d788-4f62-a800-8b3ea6dac16f
43 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.behave.com/sync?tp_id=2&tp_uid=ed239641-d788-4f62-a800-8b3ea6dac16f
Protocol
HTTP/1.1
Server
35.207.10.239 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.10.207.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 21:35:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
//ssp.behave.com/sync?tp_id=2&tp_uid=ed239641-d788-4f62-a800-8b3ea6dac16f
Date
Tue, 15 Feb 2022 21:35:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		45 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_emoq9WReDFaGmDH&Q_SIID=SI_0uFoGKbfXff5a6x&Q_ASID=AS_77856162&Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web&r=1644960941730
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web&Q_BRANDID=tribune
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 15 Feb 2022 21:35:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-envoy-upstream-service-time
3
strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nydailynews.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
trace-id
9374302835df9af9
cf-ray
6de1aadddc268ccc-EWR
wr-dialog-close-btn-black.png
siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/ 		256 B
529 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-black.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2547640cd989b80083eb3ade2a4993c1776a1229cfffd41adeb0fef3e86eaf2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:41 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
96716
cf-polished
origSize=757
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
x-envoy-upstream-service-time
19
cf-bgj
imgq:85,h2pri
vary
Accept-Encoding
content-length
256
accept-ranges
bytes
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 03 Feb 2022 01:25:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=315360000, public
trace-id
a3f0cf8fe4937730
cf-ray
6de1aaddee30191b-EWR
servershortname
expires
Thu, 12 Feb 2032 18:43:45 GMT
/
sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/ Frame DAE5
Redirect Chain
  • https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us...
  • https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=a09fb837d37c43b08d3ea316a02dc5ed&orig=video
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=a09fb837d37c43b08d3ea316a02dc5ed&orig=video
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:41 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18003

Redirect headers

location
https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=a09fb837d37c43b08d3ea316a02dc5ed&orig=video
date
Tue, 15 Feb 2022 21:35:41 GMT
server
Apache-Coyote/1.1
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame DAE5
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=37597b60-8ea7-11ec-b4e0-145284e10203&orig=video&us_privacy=1---gdpr=0&
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=37597b60-8ea7-11ec-b4e0-145284e10203&orig=video&us_privacy=1---gdpr=0&
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:41 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18003

Redirect headers

Date
Tue, 15 Feb 2022 21:35:41 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=37597b60-8ea7-11ec-b4e0-145284e10203&orig=video&us_privacy=1---gdpr=0&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
97
Connection
keep-alive
Content-Length
0
/
sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/ Frame DAE5
Redirect Chain
  • https://cms.quantserve.com/pixel/p-FyWrHAMskJyru.gif?idmatch=0&us_privacy=1---&gdpr=0&&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fquantcastrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID%26orig%3...
  • https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?gdpr=0&taboola_hm=Z6TqPGD1uzt8r-I-Mqf3ZmXy6Dt8ob9uYq7BnGPB
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?gdpr=0&taboola_hm=Z6TqPGD1uzt8r-I-Mqf3ZmXy6Dt8ob9uYq7BnGPB
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:41 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18003

Redirect headers

location
https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?gdpr=0&taboola_hm=Z6TqPGD1uzt8r-I-Mqf3ZmXy6Dt8ob9uYq7BnGPB
pragma
no-cache
date
Tue, 15 Feb 2022 21:35:41 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame DAE5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58534/occ
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-g.0dBdJE2uG8WBROa94Oqaf45yZcoSQfTYGDr6E-~A
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-g.0dBdJE2uG8WBROa94Oqaf45yZcoSQfTYGDr6E-~A
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:41 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18003

Redirect headers

location
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-g.0dBdJE2uG8WBROa94Oqaf45yZcoSQfTYGDr6E-~A
date
Tue, 15 Feb 2022 21:35:41 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usync.js
eus.rubiconproject.com/ Frame 8A32 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f447a251d15326bfba7606a477cc072b2e452ec2f76d3970a8a1f45be11d9402

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 21:35:41 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43094
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Wed, 16 Feb 2022 09:33:55 GMT
usync.html
eus.rubiconproject.com/ Frame 9436
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://us-match.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 15 Feb 2022 21:35:41 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
date
Tue, 15 Feb 2022 21:35:41 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
bulk
trc.taboola.com/nydailynews-nydailynews/log/3/ 		0
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/nydailynews-nydailynews/log/3/bulk?route=US%3AUS%3AV&lti=deflated&bulkSize=7
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
12
pragma
no-cache
date
Tue, 15 Feb 2022 21:35:41 GMT
via
1.1 varnish
server
nginx
x-timer
S1644960942.806155,VS0,VE12
x-served-by
cache-yul12824-YUL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.nydailynews.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
/
trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame 8A32
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=KZON9OYT-C-HI4X
  • https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=KZON9OYT-C-HI4X&gdpr=0&us_privacy=1---
0
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=KZON9OYT-C-HI4X&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
10
date
Tue, 15 Feb 2022 21:35:41 GMT
via
1.1 varnish
server
nginx
x-timer
S1644960942.865519,VS0,VE10
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12824-YUL

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=KZON9OYT-C-HI4X&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Expires
0
usync.js
eus.rubiconproject.com/ Frame 9436 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f447a251d15326bfba7606a477cc072b2e452ec2f76d3970a8a1f45be11d9402

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 21:35:41 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43094
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Wed, 16 Feb 2022 09:33:55 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.nydailynews.com%2F&domain=www.nydailynews.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.nydailynews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1515
date
Tue, 15 Feb 2022 21:35:41 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame CFC4
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.nydailynews.com%2F&domain=www.nydailynews.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=PuTB0nxoU0VjSEFobHlKQnkyWkxWKzhrYWdvQzdDYXdoUzd0cExVald2aXloNFVlb0pPRkFyQ2sxZjZWYmh4RDBRNnB5ejBkQjdKWmFWTzZoUDk5SVZhaTRmemxKYXhEYkpOa21yQzhTL1dQT0cwcHB5YUJ0eG9vS1ErVV...
440 B
683 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=PuTB0nxoU0VjSEFobHlKQnkyWkxWKzhrYWdvQzdDYXdoUzd0cExVald2aXloNFVlb0pPRkFyQ2sxZjZWYmh4RDBRNnB5ejBkQjdKWmFWTzZoUDk5SVZhaTRmemxKYXhEYkpOa21yQzhTL1dQT0cwcHB5YUJ0eG9vS1ErVVJVTWZweVVlRUJwN1NmcDZPeHBHRkMvaVJPUVBWQTZqaVZHdmI4ZEQ5SC9reVVKN2g5MUpMdUtCOUwwZHBhd1kwUFlhTHVUalNxZFNBOHVnd3UvNUVKQmlXd0dLbmRNR1RNb3R3dkFqK0hqMFZMaTUwQ3YxODUzQnhJNGpNdUVGVkdDL3YrUkJmVFZpNThOWE5SckhPMGExcUQySVpoOHV0QndmcDNqd0NERmNrK2dNY0tEZz18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
018230e506cfa3f5fd892911defdba0d4e65591c6556d881055c71cc18f7d98b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:41 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4825
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:41 GMT
location
https://mug.criteo.com/sid?cpp=PuTB0nxoU0VjSEFobHlKQnkyWkxWKzhrYWdvQzdDYXdoUzd0cExVald2aXloNFVlb0pPRkFyQ2sxZjZWYmh4RDBRNnB5ejBkQjdKWmFWTzZoUDk5SVZhaTRmemxKYXhEYkpOa21yQzhTL1dQT0cwcHB5YUJ0eG9vS1ErVVJVTWZweVVlRUJwN1NmcDZPeHBHRkMvaVJPUVBWQTZqaVZHdmI4ZEQ5SC9reVVKN2g5MUpMdUtCOUwwZHBhd1kwUFlhTHVUalNxZFNBOHVnd3UvNUVKQmlXd0dLbmRNR1RNb3R3dkFqK0hqMFZMaTUwQ3YxODUzQnhJNGpNdUVGVkdDL3YrUkJmVFZpNThOWE5SckhPMGExcUQySVpoOHV0QndmcDNqd0NERmNrK2dNY0tEZz18&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.nydailynews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2377
content-length
567
expires
0
sid
mug.criteo.com/ Frame 3FFE
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.nydailynews.com%2F&domain=www.nydailynews.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=BD29sHxxRVo1TGdzMElnVTdlWjdiSFpOMzV4SHBVWXh1NHlmNjJzd1Y4Sjg2S285cWZ6L0phTnp3TVlTbC8zRTdqY3BiMVlHK3gvT1Y3bzVNNVVUTit1TGRYckNnYU5MWnc5VkdrUFU2TkRnNTZwbFNaeEV4NHZGRjlzRl...
430 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=BD29sHxxRVo1TGdzMElnVTdlWjdiSFpOMzV4SHBVWXh1NHlmNjJzd1Y4Sjg2S285cWZ6L0phTnp3TVlTbC8zRTdqY3BiMVlHK3gvT1Y3bzVNNVVUTit1TGRYckNnYU5MWnc5VkdrUFU2TkRnNTZwbFNaeEV4NHZGRjlzRlM3NHFMa0tjZmduOWpLZEx2ZVU4VGRuSG01emRKM3NMS0RDNDUvbnhUaktJQzNJZUZjK05UQlFiNUt4SjkrK0tJZzh4S2ZPWHN3NWVtK2k4MVVrV3BjMGhTK1F0bU83NjRMVklvVmptOWN2eHhaNmRXT1EwNndrMjBBWktqMUVieHVuWlluNEY5cnQwcERSNHQ2Z0dTa2M2Nlo3dHgydz09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
f284927e830d7d93e853fd8c539ad5d249d952577e5252d0e6bbbaa776bcdf66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:41 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3729
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:41 GMT
location
https://mug.criteo.com/sid?cpp=BD29sHxxRVo1TGdzMElnVTdlWjdiSFpOMzV4SHBVWXh1NHlmNjJzd1Y4Sjg2S285cWZ6L0phTnp3TVlTbC8zRTdqY3BiMVlHK3gvT1Y3bzVNNVVUTit1TGRYckNnYU5MWnc5VkdrUFU2TkRnNTZwbFNaeEV4NHZGRjlzRlM3NHFMa0tjZmduOWpLZEx2ZVU4VGRuSG01emRKM3NMS0RDNDUvbnhUaktJQzNJZUZjK05UQlFiNUt4SjkrK0tJZzh4S2ZPWHN3NWVtK2k4MVVrV3BjMGhTK1F0bU83NjRMVklvVmptOWN2eHhaNmRXT1EwNndrMjBBWktqMUVieHVuWlluNEY5cnQwcERSNHQ2Z0dTa2M2Nlo3dHgydz09fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.nydailynews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2775
content-length
541
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.nydailynews.com%2F&domain=www.nydailynews.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.nydailynews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
2316
date
Tue, 15 Feb 2022 21:35:41 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
graph
idr.cdnwidget.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idr.cdnwidget.com/graph?cookieID=25ADLZNd0d2ieQxx0MR0PXHAOLf&deviceID=25ADLXtOnqe74a4RQHUKSLbJ5LC&bxdid=1361818485244611395&bxvid=1644960941649063&bxwid=2452&gm=true&apikey=2^HIykD&loadID=Bh03F30dPaXSPgw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.130.207 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
207.130.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 15 Feb 2022 21:35:42 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
id_sync
events.bouncex.net/track.gif/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/id_sync?id_sync:id_type=sid&id_sync:id_source=graph&soft_id=25ADLXtOnqe74a4RQHUKSLbJ5LC&source=web&agent=cjs&deviceid=1361818485244611395&visitid=1644960941649063&websiteid=2452&pageviewid=1&sequenceid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:41 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=PuTB0nxoU0VjSEFobHlKQnkyWkxWKzhrYWdvQzdDYXdoUzd0cExVald2aXloNFVlb0pPRkFyQ2sxZjZWYmh4RDBRNnB5ejBkQjdKWmFWTzZoUDk5SVZhaTRmemxKYXhEYkpOa21yQzhTL1dQT0cwcHB5YUJ0eG9vS1ErVVJVTWZweVVlRUJwN1NmcDZPeHBHRkMvaVJPUVBWQTZqaVZHdmI4ZEQ5SC9reVVKN2g5MUpMdUtCOUwwZHBhd1kwUFlhTHVUalNxZFNBOHVnd3UvNUVKQmlXd0dLbmRNR1RNb3R3dkFqK0hqMFZMaTUwQ3YxODUzQnhJNGpNdUVGVkdDL3YrUkJmVFZpNThOWE5SckhPMGExcUQySVpoOHV0QndmcDNqd0NERmNrK2dNY0tEZz18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1672
date
Tue, 15 Feb 2022 21:35:41 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=BD29sHxxRVo1TGdzMElnVTdlWjdiSFpOMzV4SHBVWXh1NHlmNjJzd1Y4Sjg2S285cWZ6L0phTnp3TVlTbC8zRTdqY3BiMVlHK3gvT1Y3bzVNNVVUTit1TGRYckNnYU5MWnc5VkdrUFU2TkRnNTZwbFNaeEV4NHZGRjlzRlM3NHFMa0tjZmduOWpLZEx2ZVU4VGRuSG01emRKM3NMS0RDNDUvbnhUaktJQzNJZUZjK05UQlFiNUt4SjkrK0tJZzh4S2ZPWHN3NWVtK2k4MVVrV3BjMGhTK1F0bU83NjRMVklvVmptOWN2eHhaNmRXT1EwNndrMjBBWktqMUVieHVuWlluNEY5cnQwcERSNHQ2Z0dTa2M2Nlo3dHgydz09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1188
date
Tue, 15 Feb 2022 21:35:41 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 28C2 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CYwI_rBwMYsDPE9HABcngn5gD_5OwsGi-w5OXpQ_j5IOlriQQASDuuas3YH2gAdib6IYDyAEFqQL3TAHuqEuqPuACAKgDAZgEAKoE_wJP0BHlcqXlkO1VpHNCNvm_yHnQ9dxGLCKTluJjZTEstx1Qnwdk4CXZIK0LRHQpuofnKT2J7bN6vYNKPkiNVQlfefC1wcbhtSiHO1tYW3-LYSb3FITnMyq9mq7BWLCslx8zqNQcWxRpvA8XTaQCxkor1XCEzIUyTmtD5ezIKD5mnheL7F1U-iabt27iACwdOJoupfiglssTgWpVo-QnFZ5ILuUyVcxzlQjURH3ohnN2olu5mQ2AkRBuIAXUYD_qk3pwv_HSLLbIGmaZjq9PxbkdWneDrvKxyNWrANmdbpthTsoQqgMOjc3-WOZwlbuKn5PADXSl3-dn3u52vhd7Um5J-dATkIR0bJoQV4rJUBu5FinD2Nc2xiB_fv57Q9I3J3GGU2mPwgfi8JzNScdQswRFIwKG_NgKa3yfXp4-Miz53vtgtxYTTPZemhcMC554sW99UmKP-NG8FettJm0bZNHGxU4AvwUK3B_9US70Ua8UZ6wR7FqllRjeuJaBMroM98AEj_DByesD4AQBoAZUgAeQ5Jd5qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAcIgGEQARgdsQnNZCtxV4LqWIAKA5gLAcgLAdALDrgMAbATjueaDtgTDdgUAdAVAagWAeIWAggB-BYBgBcB&sigh=SW07ILPXCx8&label=video_ad_loaded&acvw=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:42 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame 28C2 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.500.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 13:58:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
286619
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sun, 12 Feb 2023 13:58:43 GMT
adview
pubads.g.doubleclick.net/gampad/live/ Frame 28C2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/gampad/live/adview?ai=Cy8RIrBwMYsDPE9HABcngn5gD_5OwsGi-w5OXpQ_j5IOlriQQASDuuas3YH2gAdib6IYDyAEFqQL3TAHuqEuqPuACAKgDAZgEAKoE_AJP0BHlcqXlkO1VpHNCNvm_yHnQ9dxGLCKTluJjZTEstx1Qnwdk4CXZIK0LRHQpuofnKT2J7bN6vYNKPkiNVQlfefC1wcbhtSiHO1tYW3-LYSb3FITnMyq9mq7BWLCslx8zqNQcWxRpvA8XTaQCxkor1XCEzIUyTmtD5ezIKD5mnheL7F1U-iabt27iACwdOJoupfiglssTgWpVo-QnFZ5ILuUyVcxzlQjURH3ohnN2olu5mQ2AkRBuIAXUYD_qk3pwv_HSLLbIGmaZjq9PxbkdWneDrvKxyNWrANmdbpthTsoQqgMOjc3-WOZwlbuKn5PADXSl3-dn3u52vhd7Um5J-dATkIR0bJoQV4rJUBu5FinD2Nc2xiB_fv57Q9I3J3GGU2mPwgfi8JzNScdQswRFIwKG_NgKa3yfXp4-Miz53vtg7xeBgmXE54XDuF9TI64rydnubGqW5ldH1flOeNtCzGcYD4-pvYtkgDvaSVT-w4bicouwuQATPk-qoMAEj_DByesD4AQBkgUGCBsQARgBoAZUgAeQ5Jd5qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBC3wxuoCAHSCAcIgGEQARgdgAoDyAsBsBOO55oOwhMGGNib6IYDyBPwnpffA9gTDdgUAdAVAagWAeIWAggBgBcBshceChwIABIUcHViLTExMzUyMzU5NjQwODY1MDAY1sEX&sigh=oxMDFnP0lwc&cmd=Ch1jYS12aWRlby1wdWItMTEzNTIzNTk2NDA4NjUwMBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
B27211863.327419631;dc_trk_aid=519624216;dc_trk_cid=166041897;dc_dbm_token=AD1EzRQAAAA4CjIKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhIIr_TnqTyoAtfbkAGwAtHt2gxAOxCfug5aDlPgp2r9A5Eqdyqmt2sD;ord=291845584...
ad.doubleclick.net/ddm/trackimp/N9322.3848558MATTERKIND/ Frame 28C2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N9322.3848558MATTERKIND/B27211863.327419631;dc_trk_aid=519624216;dc_trk_cid=166041897;dc_dbm_token=AD1EzRQAAAA4CjIKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhIIr_TnqTyoAtfbkAGwAtHt2gxAOxCfug5aDlPgp2r9A5Eqdyqmt2sD;ord=2918455846;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_exteid=5803024030475958305;dc_av=536;dc_sk=1;dc_ctype=84;dc_ref=;dc_pubid=3;dc_btype=23?gclid=EAIaIQobChMIwNWRhNWC9gIVUWABCh1J8AczEAEYASAAEgIbkPD_BwE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 28C2 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=Cf7carBwMYsDPE9HABcngn5gD_5OwsGi-w5OXpQ_j5IOlriQQASDuuas3YH2gAdib6IYDyAEFqQL3TAHuqEuqPuACAKgDAZgEAKoE_AJP0BHlcqXlkO1VpHNCNvm_yHnQ9dxGLCKTluJjZTEstx1Qnwdk4CXZIK0LRHQpuofnKT2J7bN6vYNKPkiNVQlfefC1wcbhtSiHO1tYW3-LYSb3FITnMyq9mq7BWLCslx8zqNQcWxRpvA8XTaQCxkor1XCEzIUyTmtD5ezIKD5mnheL7F1U-iabt27iACwdOJoupfiglssTgWpVo-QnFZ5ILuUyVcxzlQjURH3ohnN2olu5mQ2AkRBuIAXUYD_qk3pwv_HSLLbIGmaZjq9PxbkdWneDrvKxyNWrANmdbpthTsoQqgMOjc3-WOZwlbuKn5PADXSl3-dn3u52vhd7Um5J-dATkIR0bJoQV4rJUBu5FinD2Nc2xiB_fv57Q9I3J3GGU2mPwgfi8JzNScdQswRFIwKG_NgKa3yfXp4-Miz53vtg7xeBgmXE54XDuF9TI64rydnubGqW5ldH1flOeNtCzGcYD4-pvYtkgDvaSVT-w4bicouwuQATPk-qoMAEj_DByesD4AQBoAZUgAeQ5Jd5qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAcIgGEQARgdgAoDyAsBsBOO55oO2BMN2BQB0BUBqBYB4hYCCAH4FgGAFwE&sigh=-_kFgo7k2XI&cmd=Ch1jYS12aWRlby1wdWItMTEzNTIzNTk2NDA4NjUwMBAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D922%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D1624,319,1933,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D10054%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1525%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D160673207%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1644960938453%26ptlt%3D1644960942043%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1644960941214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:42 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 28C2 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2kAM6MXzb7dKowkYv4MJ8mi4Bj7E6rgZ4t_pJJz7cf86WCr7VpGytxkqjAVQLil_axDJ4ahvwtB44wo2uLzjEb5v92CIxMaq5s9yFnxv9W7lQPDTNykHwePenp3uZwsXtxdkbpeZeBw&sai=AMfl-YSox2SzCYidxFSvgvlimGSnC1p_Dw8H0HmtCUGHGEAkfpEAD7ih8cdSar9lBIxMi2R7ES3p8sRuSJT0CoKZej0DlgMleCOLILM3ZDu3P_jqj7DtZIPaAQ8-OR-x&sig=Cg0ArKJSzNPbQ7gwjxKcEAE&cid=CAASFeRo-ydGTnZZcDxsem9kL1Ponm9lcA&id=lidarv&acvw=sv%3D922%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1624,319,1933,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D10054%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1525%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D160673207%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1644960938453%26ptlt%3D1644960942044%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1644960941214&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview_ext
pagead2.googlesyndication.com/ Frame 28C2 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/activeview_ext?id=lidarv&avm=1&dc_pubid=3&dc_exteid=5803024030475958305&acvw=sv%3D922%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1624,319,1933,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D10054%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1525%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D160673207%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1644960938453%26ptlt%3D1644960942044%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1644960941214?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=5803024030475958305;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D922%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1624,319,1933,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3...
ade.googlesyndication.com/ddm/activity_ext/ Frame 28C2 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=5803024030475958305;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D922%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1624,319,1933,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D10054%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1525%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D160673207%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1644960938453%26ptlt%3D1644960942044%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1644960941214?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 28C2 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=Cf7carBwMYsDPE9HABcngn5gD_5OwsGi-w5OXpQ_j5IOlriQQASDuuas3YH2gAdib6IYDyAEFqQL3TAHuqEuqPuACAKgDAZgEAKoE_AJP0BHlcqXlkO1VpHNCNvm_yHnQ9dxGLCKTluJjZTEstx1Qnwdk4CXZIK0LRHQpuofnKT2J7bN6vYNKPkiNVQlfefC1wcbhtSiHO1tYW3-LYSb3FITnMyq9mq7BWLCslx8zqNQcWxRpvA8XTaQCxkor1XCEzIUyTmtD5ezIKD5mnheL7F1U-iabt27iACwdOJoupfiglssTgWpVo-QnFZ5ILuUyVcxzlQjURH3ohnN2olu5mQ2AkRBuIAXUYD_qk3pwv_HSLLbIGmaZjq9PxbkdWneDrvKxyNWrANmdbpthTsoQqgMOjc3-WOZwlbuKn5PADXSl3-dn3u52vhd7Um5J-dATkIR0bJoQV4rJUBu5FinD2Nc2xiB_fv57Q9I3J3GGU2mPwgfi8JzNScdQswRFIwKG_NgKa3yfXp4-Miz53vtg7xeBgmXE54XDuF9TI64rydnubGqW5ldH1flOeNtCzGcYD4-pvYtkgDvaSVT-w4bicouwuQATPk-qoMAEj_DByesD4AQBoAZUgAeQ5Jd5qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAcIgGEQARgdgAoDyAsBsBOO55oO2BMN2BQB0BUBqBYB4hYCCAH4FgGAFwE&sigh=-_kFgo7k2XI&cmd=Ch1jYS12aWRlby1wdWItMTEzNTIzNTk2NDA4NjUwMBAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D922%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1624,319,1933,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D10054%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1525%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D160673207%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1644960938453%26ptlt%3D1644960942046%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1644960941214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:42 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=5803024030475958305;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D922%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1624,319,1933,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,...
ade.googlesyndication.com/ddm/activity_ext/ Frame 28C2 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=5803024030475958305;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D922%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1624,319,1933,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D10054%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1525%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D160673207%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1644960938453%26ptlt%3D1644960942046%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1644960941214?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 28C2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.500.0&e=44750823%2C44752711&id=ima_html5&c=1441707447020533&domain=www.nydailynews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 28C2 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=Cf7carBwMYsDPE9HABcngn5gD_5OwsGi-w5OXpQ_j5IOlriQQASDuuas3YH2gAdib6IYDyAEFqQL3TAHuqEuqPuACAKgDAZgEAKoE_AJP0BHlcqXlkO1VpHNCNvm_yHnQ9dxGLCKTluJjZTEstx1Qnwdk4CXZIK0LRHQpuofnKT2J7bN6vYNKPkiNVQlfefC1wcbhtSiHO1tYW3-LYSb3FITnMyq9mq7BWLCslx8zqNQcWxRpvA8XTaQCxkor1XCEzIUyTmtD5ezIKD5mnheL7F1U-iabt27iACwdOJoupfiglssTgWpVo-QnFZ5ILuUyVcxzlQjURH3ohnN2olu5mQ2AkRBuIAXUYD_qk3pwv_HSLLbIGmaZjq9PxbkdWneDrvKxyNWrANmdbpthTsoQqgMOjc3-WOZwlbuKn5PADXSl3-dn3u52vhd7Um5J-dATkIR0bJoQV4rJUBu5FinD2Nc2xiB_fv57Q9I3J3GGU2mPwgfi8JzNScdQswRFIwKG_NgKa3yfXp4-Miz53vtg7xeBgmXE54XDuF9TI64rydnubGqW5ldH1flOeNtCzGcYD4-pvYtkgDvaSVT-w4bicouwuQATPk-qoMAEj_DByesD4AQBoAZUgAeQ5Jd5qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAcIgGEQARgdgAoDyAsBsBOO55oO2BMN2BQB0BUBqBYB4hYCCAH4FgGAFwE&sigh=-_kFgo7k2XI&cmd=Ch1jYS12aWRlby1wdWItMTEzNTIzNTk2NDA4NjUwMBAAGAI&label=admute&ad_mt=0&acvw=sv%3D922%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1624,319,1933,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D15%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D15%26pst%3D-1%26dur%3D10054%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D15%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1525%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D160673207%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1644960938453%26ptlt%3D1644960942051%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1644960941214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:42 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=5803024030475958305;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D922%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1624,319,1933,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0...
ade.googlesyndication.com/ddm/activity_ext/ Frame 28C2 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=5803024030475958305;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D922%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1624,319,1933,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D15%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D15%26pst%3D-1%26dur%3D10054%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D15%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1525%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D160673207%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1644960938453%26ptlt%3D1644960942051%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1644960941214?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ai
capi.connatix.com/tr/ Frame A1AE 		2 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ai?v=150597
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.71.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-71-134.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
37aa3970b6801c9d286464f7d86e50bf41c88e54c7b4d08f3ff61935b3f59c3c

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 15 Feb 2022 21:35:41 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
22
1_th.jpg
img.connatix.com/ffc4d445-1987-4e08-8396-f8627d344b6b/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/ffc4d445-1987-4e08-8396-f8627d344b6b/1_th.jpg?crop=550:309,smart&width=550&height=309&format=jpeg&quality=60&fit=crop
Requested by
Host: tribune-nydailynewsclassic.zeustechnology.com
URL: https://tribune-nydailynewsclassic.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e103b4b8e054534fe795815addb2068b5db87382812f5893983f2405e36ee094

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:42 GMT
content-encoding
br
age
2461332
etag
"A462rxDGxhnPU2S8wHJW+9e05a8xBmw90siDC3bkL8E"
access-control-max-age
86400
fastly-io-info
ifsz=18265 idim=375x212 ifmt=jpeg ofsz=13150 odim=375x211 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
12791
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame ECEA 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8727
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 12 Feb 2022 19:34:57 GMT
expires
Sun, 12 Feb 2023 19:34:57 GMT
cache-control
public, max-age=31536000
age
266445
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
-KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js
pagead2.googlesyndication.com/bg/ Frame ECEA 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8a5a772a8e31b35307e413d233ee42ab986414c9ab31ee640c6bbdd3e2d7e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 12:46:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
204556
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13554
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Feb 2023 12:46:26 GMT
playback
s.youtube.com/api/stats/ Frame 28C2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/playback?ns=yt&fexp=44750823%2C44752711&el=adunit&cpn=ysz5HnVZ1sfQ5LiV&docid=cdUS5Zomv8s&ver=2&cmt=0.198&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.nydailynews.com%2F&len=10.054&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=98.0.4758.80&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=8&rtn=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::8b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame ECEA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.500.0&bgai=BldbArBwMYsDPE9HABcngn5gDAAAAADgBugUTCPn-j4TVgvYCFY8aAQod37IFBw&bg=!7-yl7KjNAAbAtJCDwLQ7ACkAdvg8Wjs6vPhGSDrYqGTkIvZDgMd2tonA5vKCyNOpiZ870bMo8R4rnwIAAABvUgAAAAFoAQcKAGyS6czXRrgVFPEiGS5VXMR1XbcDdhDIjPBW4mZWAfikXIDZXNLHSblaiE-0BZPU-17T56gfMJjlDCHGqTbNIa2lWvMNaOw7MalrGG4jmW7Ko1HUCFvIH3PPm9Z9FiVslw_aeGRzei4bIshxWD2ZAoGUmbVNLvKQLELKaJmsLUgVwn6nk9Q78m5e1atMc3zSvFTGQhYTndPS8c9eULWkSe2mc4twfQlxTCwYilCzyJYQebk1FvVPl4HULLDhehlW5JmIDsowBuaA769MkcHF9bIKMfWoe_DSz-qozXTG-D5OykAhNJYSTUJKLTK-v4qP8ELoUOyab3vnm_vFtfkL3OiRdjlbxb1onBwjr-V3hs6d85Y7zI9ENgUenNK3EZ23k2ctsRSyyrFtU_fHLg1XXhBmZWmEJmJKiECw0RJgHWFlq3HfsWvK6Wextebfaj20adMm9hUThnR63d6YiNgQbV2W7CFGMnkGRVIYTUzxDgv7Pikzq4MEbopNJkvN8HrE5-IswpyDRj84kPDiRWzRMzpDf--VMoSIp9nJUi2iJu8xyQp6KaAnT_o7aGvS0xOFjhayyMTY0LaTsYfAdnw_OuROh5Sc21f_iFi8WzV9wmYqzQ0TDXttsEO67Lt-DlGCn1y4mIuowVyE9quPYVjH4Wmmpsf_C5pscXdaQIGC7neMjtCgp9r8rJuHh-QNP91uCJqRqEkXE8BxbgPCTlr2TT9sauSaAIHTCwMRqTW55lWcQMdmOABYMLtMO_Q0-lDxgycN0JIUPwrpEto9VAb1jK_rbNt0Juaau2Ym9lu8jEkfZ2BIfDIupJ2YmzwmxzCqzc_2saPj79QtkfBMvOsGTB6qKv0_Cbi1WUKDqALk1GIvzUdVmil5z3F8rnEkngWd2ahOWbPkDWELLIJXMGAVGrU1mokZSJ1eaeqCfa3CPyE6i1CeoOnPGkjl2Uadk2HuQhJ392O1RvrYh3ei0FTMPKrM9Ozq8dn8leHbilJJgzW2eA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2452
dfp.bouncex.net/pub/ 		6 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dfp.bouncex.net/pub/2452?li=4566180146|4630851773|5120814619
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/pb/resources/gdist/1182ffa19d76d40ef0af/nydn/nydn-lib1182ffa19d76d40ef0af.js?v=299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
85c55ac21e850c953dad6ab622d94de07cc7c0b0eb990c56c4264364b6d30196

Request headers

Accept
*/*
Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:41 GMT
via
1.1 google
server
istio-envoy
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
alt-svc
clear
content-length
6
SPug
simage4.pubmatic.com/AdServer/ Frame 7AA2 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.24 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
abt
capi.connatix.com/tr/ Frame A1AE 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/abt?v=150597
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.71.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-71-134.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 15 Feb 2022 21:35:42 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
abt
capi.connatix.com/tr/ Frame A1AE 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/abt?v=150597
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.71.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-71-134.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 15 Feb 2022 21:35:42 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
reloadCampaigns.js
api.bounceexchange.com/bounce/ 		35 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bounceexchange.com/bounce/reloadCampaigns.js?wklzs=2576&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYAWYgTkIAYziBmW4gdk2AC8QpLMB3AUwCMcqYLwD6qACZQATMQCs0zACdeOEABs4aDASqUAHvmmUuKmLyUqlUbAEN161AgDmouEvVQAFsGAAHHABSWgBBQOkAMXCI7liAOgQATwlbVHVEhF5uHDikEABbaMzs6O4QDwki23zVAFoYWyQ6234QWyUJWvz7W0ShW1rUjyc6mEdnH1raRkpBpTQkdV5a-Dj8RloyaXXMADdUIWBRPJAAa1ReKEDGACFw6XU-e+Cw6WkffyDpOVDwhSjvpFYtwEslUulijk8oVARFIX8geV1JVYQhqqNGs1Wu1Ot11L1+oNUMNMjh6uNJtNZu0FksVmsNlt1s9pABhe5KZ6-N4s9lvHC8ZxcsJyO5yAAi13F2BAZwuV1u912wuudzeaLQuzEQmcCDcTx5oQa6gF4T5DxAzmcvAk4j1MBUvGFxtNbPu6kt1ttTlEflSKOkLxdTrdb14WqUog9Vptdt9-ud9ld5oQcHy-AsohAMFENNQi1UohUtgDL3wZvuvCQtj8ogFvD1+0OKrewd5lertZwcH4+WEIltKTSiTGthwXkTJpD5qrNbrPb7vlj1fyftQuokqHaFy+gaNSenHbn3d7-dj-GL5xc8MNITboeks67C7Ptr8ThwwCUqD8Ib3d4PCs3nxT9xFXFQcCEDBJ2Td0xyOfYsmXLwq1OEAtBgw9+XXTJvT1OABSUHBRBqERI24JwJBAbhMKA6REO4eNEm4ex1FEGBiRtFtpHvQNGElB8JGcCJiU-AAZNpS1CL84Cw94cQASQE-97m+EJxTEgAtAA5CRKAkaQLggfR9EoABZAAlSgAAUAA0AAkQgAeTEmB235bNgCU7i1I02zgCchAAEdeEYYhbGICyIHsgBVABpABlMT+AAKTkMTzTooSVUVN4DmslR9nQnBWQI0Aak5W973NA4Ep7HAkG-DNKv-Nt+LomBdmAYUiFIChqGIcsH32KSQl68gqBoXqyEoQhaDo2wQGFSg6MebiPgCP5uX+BEYniJIhwhLIoQKXab3+MoKjO9EyQaJoyRaNoOi6Ho+i3IkSVGClgCmGY5lpZZVnWTZtkYdzpDHZa6N2PxlVvIbzVG+5SwfFqXhZQMHyQLqepICaBoR+4hFGwm3mcRqetJ6QYX-FbBMkbj8FoQh8AADjZ4hWYUUgWaZsg5HB9QcfhvH+qmqU9naHAAG08wLeNrQAXSgGTeElojpY1VAtTrHD9WV4N1ZlktRFkUQvHQoiDYPI3pb9ZjWN9CCG2Aa2p1t2wEAQdDkF4GoECOPxnYDt2BVt6MvTjB1eF4UO1d2KXpYj2MfTXCQ49t8NM2TvD40kDOE41uWllENBgCWZWzNe-oEUoEJiUcUla4ib7a6pLbXgUSgEpj2u0RqL4FD5Lu7tUWvs1rv1IIba0iNrx6cVrqiCi4wFKD8fFMnDy0fXyEAUnUAvE9TdNM2zXN5nzJZiOLdOCFt+3-aOPIEA4pQajvw3C+N21vqzBAj4a1QN0a07hD7eF8JtUIAB6aBwJQSHQyMdXIBRoEQVQKwCw0D8C8DMgANQAKL8D8AAcXsgAdXwDgMypwbjEDwWJRgYk4rOFoJpAAmrsJatBxTQNZiYfQPxaDQNAH4aB7QkCDBcEsJQHFxxzCQNIWoQd961C-BgJAcQcC0DiNUWw7A0TZBQfkaBfgeyOCQNApSIRyGMBSppMSJDbIEKcqyPBAAVWgrJGDWTMuQ2gchiDWRCHEMAfhnAe0vvLfuscoBV3xG9Ww4Q64NxGF8SgLd1w+GSe3bk3de7GBiV8PklBR7pInsYKeAoXAWHSQvDoyTl4f2SRvT28dE7FzENWV2UBIQP1sNaYAiRfzK06ZnTsdYY6NgOMIQBMsnzzlPEuQc4IRwgS8HM6WCyTyLgHMcaoa4Nxbm-KoTZ2yXzLNEBeXgtgry6mOmciZOzXy+g-F+H8sSv6J34I0U4HEHCiAkLwDeIBEhP2VrbEQJZiKIGEP-P0StYA22-tLJweRdTCBAFcj0SBThO1UC7TZEgYC1iUJJfgOLTijIcNRW2xLSXkspYCuAv5pCbIjAsewohnCsQsIkBWnzkWJzUDAQOvQWIAqDgSkOSL3Yos6cRBisZSKZgoggKi3Blb4HGXOUA8FMxSuqT0r5GsFl6s-JmT8nsUgdCEJg-FRrNleBxBKtihrCWyrDiipVtokAoVxehMVoE+C8CpZ69pGsYDlAqoshqTULCbJAkcYBhqoIAPDeHeCogfXHH9WhLQmyVDOFQK60QvBxioApWIAiCaM0op1LhOMNaiIkV4GRUQaqNXsouIxe2pa342gzicc4YhQBYvxEoa0GbiGcEwG2vwUBpaK0wH4YAeAZSrkcJ7Jo7F8TOBsPSpdUB5CEBZvw-AxBCCYEPcrS9tBKBc3WBsa9JKj1yCMA+i9LMyB7GdbO2Gkh74eCGb+KA3RUz2GUOoGJUAkBlQKJgZ1HRxBSF8lpXS+lDK8GMqZSyNkHLOVcpgEVybUNyHUmJfygUQphQilFWKiVkppQykAA
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_b680f3efe3074591a2568704e6fb01b5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
0a67411b698bf1554ba2d43659bcdea43f247e670f7b44d66f425c20504034ae

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:43 GMT
content-encoding
gzip
last-modified
Tue, 15 Feb 2022 21:35:43 GMT
server
istio-envoy
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
41
content-type
text/javascript;charset=UTF-8
alt-svc
clear
via
1.1 google
expires
0
reloadcampaigns
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/reloadcampaigns?wklz=E4UwNg9ghgJgxlAtgBygSwOYDsDOAuOAVxwBcJEA3KYNKAIzBBwF4BSAdgCFWAmH6kmjiMA+qgwhePVgGYAglJLBCkvrwDCUrFEEUQInJiwjCyKbIV8AZlDA5V0npr6wRPACwiAFhELAc5vJSNnYOGlKoAJ4A7rZgYqD2WCSBljwh9uZOUlBYWL5YcCCIIMkJTKUpakHWtplq2XyQGBIwImjGVqBhNel1YY08za3txqhoMKnB-VnOPCB6wCLDIG0dYuiT1WkZA3MCQqKCJIxTfACytlCRhlC8AKw8AAxyaMBgHUwPzwBiHxheKqPJ4ydhPB41YEAZRAqmB2hKAR4j2cwJsRSRwIgVm+T1QOCSEn8uPo0GAW2BMAg5FWuOQYFyeykzXWiAgMFsZz6oVmWkIiDoICW2JEB2ETBEoFgXIAjLy+FESmU4BAsFY3iUttJert5fw2v9ASJVVzdQ05mhEFAJH4wFzASRkAEaj9eD9oh6AHRYSIctBgSJYEDRHCelWIN2JNAALyFbplIHOADUAKJ0ZAAcQAEgB1GU4c4Aa047iTABl2GWANIYGQALQAmhQILIACJugAcTyeAA97jIZG6yGYeD9qHAALS5DCMYDqnBeKfAOA8CfIYDsidKVVwT04GSepBQaOqqAhsPkN3IQgMIRugCSrbkOfYACk62WMwANFMAeXUSYACoyOo7AAArnDmMj3O4YFyJ6ABWyAYHqYqiAiPRpJcDI3LQvAvG8HxBkiTx-JggL4aC4I1E8MKqE8GFIs4Tzol8zzYvh+KEkKJGktQWxPFSNICfSjKocAgjiiICBVNqaRBiGeriCAJCRMgmE5BJhxMnwIAIMgBiwsYFBoIYskWNMPLmlIelQAZOA3ogaAkCQqwiH6AZWAyC6mjM1m6fpBiOc5rltAgKDoNgMC0DQbFyZZ9SOHMtn2cFLluXQUqFh02DBki8W1FZSU2YFDl0E56VtMgHSkDQ6m+UV4R8HQUBwIW6pgPEMAgPSECREq5m9HqrmwDgJhYM5xpYMpDWJU1PAdCq2DORAIgMBAbXlEkg07H5xV8DAVgGRusDrW1XJxBA0R6odx3QDAZ2Fu5pggI4BXcnNgyLJJtgiBgcRCpEGwSLNOk8Dg2IkBsMRxFtlSg+JkmMGNJnBm5JSuUs0QdFS13bFIcr+fMgVkFApBCnDyQI0TKUiKT5NLKQuQcuShixpTO0JWDXj8bEnUc9T+08Kj0RuXAXh6YWvhQ-iUOiyAhaC-NVgQMAJSMzeOBwDQgrAErgzeVDlrrkwhgmvjhWfXMhsiCLYsS210v63MoAYGgfPxOAmBoAw+jEHGFsfWDhi5Wsxj+-4IgYxT2NYLjztSCL0MeyI6qgFqFmW2E7CtgAZKAkCwOF4zYPgGHMEQpDkPn4D3cXkW4HgqnqcwVpYIQti52y3XME8uei3QZkgBMzAeI8ucmWZI8ygAbO47gAJwz08C-uLPi9PDPMi591JlFNPMgzzKHbH+4HaPPPR8yjIC-3Lnyki9Puf2AAjiohTDzAo+58IaCVIIiISBIGQMwdei9l6rwHPcPuv9Kh2TQIsM2WBmBANrDvBYQgQDMBgM-Xwy4sED1ztaSozAI64KsEbL+yI5CtjLF+Egv4sAvxAOwdwUB3AACUACKWYACqVYoRljoK+e4ZZ1C5x5uSdoVD7g0LLHWAAcjAQSC0QBcJ7D2J45wOFPDAl+LMchfxlisEAA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:43 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
creatives-base-styles.96663738.min.css
assets.bounceexchange.com/tag/css/ 		37 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/tag/css/creatives-base-styles.96663738.min.css
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_b680f3efe3074591a2568704e6fb01b5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ad1e6142ee4942d81f5db672be8ecbe0a3252751e92ee31d1167426fcb3b3f9b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:51:33 GMT
content-encoding
gzip
age
715450
x-guploader-uploadid
ADPycdsyYeJ0wVgN5cbyxATHXYZALB3bBES1-iiT5R6Z4lPpsbtGEuvZTCHD2o43H5wBv4FNLxU1YbNp61leMncOOdE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
6010
last-modified
Mon, 07 Feb 2022 14:51:25 GMT
server
UploadServer
etag
"b02b20e16378200891ef95dfe357cd77"
vary
Accept-Encoding
x-goog-hash
crc32c=0SBkxg==, md5=sCsg4WN4IAiR75Xf41fNdw==
x-goog-generation
1644245485313408
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
6010
accept-ranges
bytes
content-type
text/css
expires
Tue, 07 Feb 2023 14:51:33 GMT
integrator.js
adservice.google.com/adsid/ Frame A1AE 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Feb 2022 21:35:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/live/ Frame 07C8 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F8749%2C4011%2FTribune&description_url=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3056992753765069&sdkv=h.3.500.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=2689498613&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.500.0&sid=2D76D1B7-E31F-4128-8368-2393D7469F4F&nel=0&eid=44737475&top=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&url=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&loc=about%3Ablank&dlt=1644960936845&idt=2770&dt=1644960944074&cookie=ID%3Dbf5843766d0ed510%3AT%3D1644960935%3AS%3DALNI_MZW_MKWLLFb7BK2CiAiWKlbnSqygQ&scor=1864473231585494&ged=ve4_td7_tt5_pd7_la7000_er1700.441.1858.747_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.500.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ Frame A1AE 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Feb 2022 21:35:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/live/ Frame A892 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F8749%2C4011%2FTribune&description_url=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3410094143216567&sdkv=h.3.500.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=922742284&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.500.0&sid=50BA2928-A1EC-4719-97A2-8EDB5F87EC12&nel=0&eid=44725355%2C44738437%2C44750823&top=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&url=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&loc=about%3Ablank&dlt=1644960936845&idt=2656&dt=1644960944572&cookie=ID%3Dbf5843766d0ed510%3AT%3D1644960935%3AS%3DALNI_MZW_MKWLLFb7BK2CiAiWKlbnSqygQ&scor=4325542548628617&ged=ve4_td8_tt6_pd8_la8000_er2376.441.2534.747_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.500.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
data
bcp.crwdcntrl.net/6/ 		172 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/13200/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.206.109.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-109-9.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
d1cc943eedb73b6a02fe782c2d8a945478106e07e41e2d7d161c3182435c0b63

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:44 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.nydailynews.com
cache-control
no-cache
x-server
10.40.0.64
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
172
expires
0
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 28C2 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=Cf7carBwMYsDPE9HABcngn5gD_5OwsGi-w5OXpQ_j5IOlriQQASDuuas3YH2gAdib6IYDyAEFqQL3TAHuqEuqPuACAKgDAZgEAKoE_AJP0BHlcqXlkO1VpHNCNvm_yHnQ9dxGLCKTluJjZTEstx1Qnwdk4CXZIK0LRHQpuofnKT2J7bN6vYNKPkiNVQlfefC1wcbhtSiHO1tYW3-LYSb3FITnMyq9mq7BWLCslx8zqNQcWxRpvA8XTaQCxkor1XCEzIUyTmtD5ezIKD5mnheL7F1U-iabt27iACwdOJoupfiglssTgWpVo-QnFZ5ILuUyVcxzlQjURH3ohnN2olu5mQ2AkRBuIAXUYD_qk3pwv_HSLLbIGmaZjq9PxbkdWneDrvKxyNWrANmdbpthTsoQqgMOjc3-WOZwlbuKn5PADXSl3-dn3u52vhd7Um5J-dATkIR0bJoQV4rJUBu5FinD2Nc2xiB_fv57Q9I3J3GGU2mPwgfi8JzNScdQswRFIwKG_NgKa3yfXp4-Miz53vtg7xeBgmXE54XDuF9TI64rydnubGqW5ldH1flOeNtCzGcYD4-pvYtkgDvaSVT-w4bicouwuQATPk-qoMAEj_DByesD4AQBoAZUgAeQ5Jd5qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAcIgGEQARgdgAoDyAsBsBOO55oO2BMN2BQB0BUBqBYB4hYCCAH4FgGAFwE&sigh=-_kFgo7k2XI&cmd=Ch1jYS12aWRlby1wdWItMTEzNTIzNTk2NDA4NjUwMBAAGAI&label=videoplaytime25&ad_mt=2701&acvw=sv%3D922%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D1624,319,1933,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2755%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D624%26pst%3D422%26dur%3D10054%26vmtime%3D2700%26dvs%3D0%26dfvs%3D0%26dvpt%3D2740%26is%3D18%26i0%3D18%26i1%3D18%26ic%3D0%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1525%26femvt%3D0%26emc%3D19%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D160673207%26psm%3D-2147483641%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1644960938453%26ptlt%3D1644960944791%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1644960941214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:44 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=5803024030475958305;met=1;ecn1=1;etm1=0;eid1=960584;acvw=sv%3D922%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D1624,319,1933,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D...
ade.googlesyndication.com/ddm/activity_ext/ Frame 28C2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=5803024030475958305;met=1;ecn1=1;etm1=0;eid1=960584;acvw=sv%3D922%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D1624,319,1933,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2755%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D624%26pst%3D422%26dur%3D10054%26vmtime%3D2700%26dvs%3D0%26dfvs%3D0%26dvpt%3D2740%26is%3D18%26i0%3D18%26i1%3D18%26ic%3D0%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1525%26femvt%3D0%26emc%3D19%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D160673207%26psm%3D-2147483641%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1644960938453%26ptlt%3D1644960944791%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1644960941214?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aq
capi.connatix.com/tr/ Frame A1AE 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/aq?v=150597
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.71.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-71-134.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 15 Feb 2022 21:35:44 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
PugMaster
image6.pubmatic.com/AdServer/ Frame 8B8F 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=32651196&p=156512&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4abad76489550a4a6bbc1d3de41c07d35dcc7cf40441c2e74831419b55c0f351

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:43 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame C74F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=UKiHbJnYSxFCTxSnbGkqxZU4mbI
42 B
221 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=UKiHbJnYSxFCTxSnbGkqxZU4mbI
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 15 Feb 2022 21:35:44 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug014:0:585
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Tue, 15 Feb 2022 21:35:44 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=UKiHbJnYSxFCTxSnbGkqxZU4mbI
Content-Length
159
Connection
keep-alive
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame F16C
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=bd76d9e8-8464-4b53-812a-e277de61e22d&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=9021BD47-D564-4E09-BA75-7F25F0BF77FF
42 B
352 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=9021BD47-D564-4E09-BA75-7F25F0BF77FF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.54.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-54-12.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 15 Feb 2022 21:35:45 GMT
content-type
image/gif
content-length
42
server
Kestrel

Redirect headers

server
nginx
date
Tue, 15 Feb 2022 21:35:44 GMT
x-lat
njrpug018:0:581
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=9021BD47-D564-4E09-BA75-7F25F0BF77FF
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
Pug
simage2.pubmatic.com/AdServer/ Frame 46AE
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=36fb55cc-8ea7-11ec-9c76-a035d55853f1
42 B
381 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=36fb55cc-8ea7-11ec-9c76-a035d55853f1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 15 Feb 2022 21:35:44 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug006:0:486
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Tue, 15 Feb 2022 21:35:44 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
server
Cowboy
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=36fb55cc-8ea7-11ec-9c76-a035d55853f1
X-RealServer-NX
lga-delivery-9
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
s.tribalfusion.com/z/ Frame D17E
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
425 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 15 Feb 2022 21:35:45 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6de1aaf2980b7145-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Tue, 15 Feb 2022 21:35:45 GMT
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
2962
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6de1aaf1eed37145-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Pug
simage2.pubmatic.com/AdServer/ Frame F471
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:NR0ktyTD1Nk5u95&gdpr=0&gdpr_consent=
42 B
495 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:NR0ktyTD1Nk5u95&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 15 Feb 2022 16:35:40 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug027:0:411
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Tue, 15 Feb 2022 21:35:44 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:NR0ktyTD1Nk5u95&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-706-g7d26040#rel-ec2-master i-0dc2cf3be5cbc9e63@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 20CB
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=647429219865
42 B
206 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=647429219865
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 15 Feb 2022 21:35:44 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug012:0:477
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Length
0
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=647429219865
Pug
simage2.pubmatic.com/AdServer/ Frame CEDC
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1644960945031
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3457256224
  • https://sync.1rx.io/usersync/tradedesk/013f5489-abdd-43ed-8226-582ddfebe20d
  • https://sync.targeting.unrulymedia.com/csync/RX-ebb3f611-4d49-4469-9039-bee6f997b430-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ebb3f611-4d49-4469-9039-bee6f997b430-005
42 B
385 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ebb3f611-4d49-4469-9039-bee6f997b430-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 15 Feb 2022 16:57:30 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug026:0:562
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
Tengine
Date
Tue, 15 Feb 2022 21:35:45 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ebb3f611-4d49-4469-9039-bee6f997b430-005
ETag
RXebb3f6114d4944699039bee6f997b430005
Pug
simage2.pubmatic.com/AdServer/ Frame 4984
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q6982473371180712174
42 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q6982473371180712174
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 15 Feb 2022 21:35:45 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug008:0:541
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
Apache/2.2.15 (CentOS)
Content-Length
154
Content-Type
text/html
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q6982473371180712174
X-Powered-By
PHP/5.3.3
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary
Accept-Encoding
Cache-Control
max-age=50809
Date
Tue, 15 Feb 2022 21:35:45 GMT
Connection
keep-alive
Pug
image2.pubmatic.com/AdServer/ Frame 465E
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=1ead7ede-8c59-411f-b8d3-d00702804dea
1 B
337 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=1ead7ede-8c59-411f-b8d3-d00702804dea
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 15 Feb 2022 21:35:45 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
njrpug016:0:615
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

date
Tue, 15 Feb 2022 21:35:45 GMT
content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=1ead7ede-8c59-411f-b8d3-d00702804dea
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=15724800; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 87EC
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
  • https://match.bnmla.com/usersync?dspid=6&uuid=450D626A3A2B4E83953C6829C5733743
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D
  • https://match.bnmla.com/usersync?dspid=170&uuid=0B9E5FD9E3B246BEB94A104183AF0DEF
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=d4084d10-0750-4cd0-9077-8f443013cdf9
42 B
381 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=d4084d10-0750-4cd0-9077-8f443013cdf9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 15 Feb 2022 17:43:55 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug030:0:472
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Tue, 15 Feb 2022 21:35:45 GMT
Content-Length
0
Connection
keep-alive
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=d4084d10-0750-4cd0-9077-8f443013cdf9
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 2CE1
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
78 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Tue, 15 Feb 2022 21:35:45 GMT
via
1.1 varnish
x-served-by
cache-yul12824-YUL
x-cache
MISS
x-cache-hits
0
x-timer
S1644960945.944958,VS0,VE182
content-length
0

Redirect headers

server
nginx
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Tue, 15 Feb 2022 21:35:44 GMT
via
1.1 varnish
x-served-by
cache-yul12824-YUL
x-cache
MISS
x-cache-hits
0
x-timer
S1644960945.915616,VS0,VE11
x-vcl-time-ms
11
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame D382
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=CcydyAqhBu6u_CO1sRwMYg
42 B
244 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=CcydyAqhBu6u_CO1sRwMYg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 15 Feb 2022 16:57:30 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug026:0:506
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Tue, 15 Feb 2022 21:35:45 GMT
content-type
text/html; charset=utf-8
content-length
153
cache-control
no-store
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=CcydyAqhBu6u_CO1sRwMYg
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pub
matching.truffle.bid/sync/ Frame CFAD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx/1.21.3
Date
Tue, 15 Feb 2022 21:35:45 GMT
Connection
keep-alive
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 71D9
Redirect Chain
  • https://docker.creative-serving.com/cm?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=${UUID}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=e6e841ae-f59b-4038-884c-614a98376bee
42 B
129 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=e6e841ae-f59b-4038-884c-614a98376bee
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 15 Feb 2022 21:35:45 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug015:0:672
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Date
Tue, 15 Feb 2022 21:35:45 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=e6e841ae-f59b-4038-884c-614a98376bee
Content-Length
0
Connection
keep-alive
cookiesync
core.iprom.net/ Frame 52BF 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Vary
Accept-Encoding
X-adserver-worker
komodo-f0509c86a647@version_1.370
Connection
close
X-server-arch
v2
Content-Type
image/gif
Content-Length
43
X-core-time
1ms
Date
Tue, 15 Feb 2022 21:35:45 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FF1A
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
89 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 15 Feb 2022 21:35:45 GMT
content-type
text/html; charset=utf-8
x-lat
njrpug015:2:339
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Tue, 15 Feb 2022 21:35:45 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame E38C
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:450D626A3A2B4E83953C6829C5733743
1 B
88 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:450D626A3A2B4E83953C6829C5733743
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 15 Feb 2022 21:35:44 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
njrpug017:0:546
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Tue, 15 Feb 2022 21:35:44 GMT
content-type
text/html
content-length
138
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:450D626A3A2B4E83953C6829C5733743
expires
Mon, 14 Feb 2022 21:35:44 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Pug
image2.pubmatic.com/AdServer/ Frame 8B8F
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=UqUODlX0XwlJrgYMB6YTVFDzDAlJoFtcV69WZ_he
42 B
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=UqUODlX0XwlJrgYMB6YTVFDzDAlJoFtcV69WZ_he
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:44 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug011:0:589
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:44 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=UqUODlX0XwlJrgYMB6YTVFDzDAlJoFtcV69WZ_he
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8B8F
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=9fd1cf86-dfd6-489f-8670-0d4303a12ebf-620c1cb0-4341&gdpr=0&gdpr_consent=
42 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=9fd1cf86-dfd6-489f-8670-0d4303a12ebf-620c1cb0-4341&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 18:27:04 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug025:0:430
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:44 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=9fd1cf86-dfd6-489f-8670-0d4303a12ebf-620c1cb0-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8B8F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=3aa57f34-f749-4497-9a86-7f17c648fd04&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ed239641-d788-4f62-a800-8b3ea6dac16f&gdpr=&gdpr_consent=&gdpr_pd=
1 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ed239641-d788-4f62-a800-8b3ea6dac16f&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:45 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug007:0:578
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ed239641-d788-4f62-a800-8b3ea6dac16f&gdpr=&gdpr_consent=&gdpr_pd=
Date
Tue, 15 Feb 2022 21:35:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sn.ashx
pmp.mxptint.net/ Frame 8B8F
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B341_EB596444_2B223BC4&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Protocol
HTTP/1.1
Server
4.78.226.233 Mobile, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-327947745; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:44 GMT
Cache-Control
no-cache
Expires
-1
Content-Length
43
Strict-Transport-Security
max-age=-327947745; includeSubDomains
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Tue, 15 Feb 2022 21:35:45 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug006:0:443
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 8B8F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8144174960646922484
42 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8144174960646922484
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 17:39:13 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug024:0:499
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:44 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8144174960646922484
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 8B8F
Redirect Chain
  • https://sync.resetdigital.co:10001/csync/pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=0000009C4A0A2F06
42 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=0000009C4A0A2F06
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 17:39:14 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug024:0:421
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 15 Feb 2022 21:35:52 GMT
Server
nginx/1.18.0 (Ubuntu)
Front-End-Https
on
Content-Type
text/html
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=0000009C4A0A2F06
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 8B8F
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7341874419548819343
42 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7341874419548819343
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:45 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug009:0:541
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:45 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 805.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
73639caa-c629-4844-99ba-dcf487ee4348
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7341874419548819343
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame 8B8F 		35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.23.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-23-49.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:44 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 8B8F
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4f9a7799-3e1a-4b6b-a2e0-f98b05f94750&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4f9a7799-3e1a-4b6b-a2e0-f98b05f94750&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:45 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug003:0:532
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4f9a7799-3e1a-4b6b-a2e0-f98b05f94750&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 15 Feb 2022 21:35:45 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
st
capi.connatix.com/tr/ Frame A1AE 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/st?v=150597
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.71.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-71-134.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 15 Feb 2022 21:35:44 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
st
capi.connatix.com/tr/ Frame A1AE 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/st?v=150597
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.71.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-71-134.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 15 Feb 2022 21:35:44 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.138&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&f_privb=0&tid=704cefb5-f511-44b9-89f4-5fc76d8d1c9c&pid=d48d988e-eed4-43ec-9155-e6009efe87f2&dtm=1644960945984&qnm=_matherq&visible=1&tabid=0891b9df-ef42-4eb0-bfa7-a260a96cbea6&url=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&vp=1600x1200&ds=1600x31901&tofa=1644960936&vid=1&lvidt=1644960936&duid=4b0002de7e794e74&fp=839606422&cid=ma89701&mrk=197837700&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY0NDk2MDkzMzU3OSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxNC4zbWIiLCJoZWFwVCI6IjE2LjFtYiIsImZzdFBhaW50IjoiMTAwMiIsImZldGNoUyI6IjAiLCJkb21haW5TIjoiMSIsImRvbWFpbkUiOiIzMDQiLCJjb25uUyI6IjMwNCIsImNvbm5FIjoiNTg2Iiwic3NsUyI6IjMyMSIsInJlcXVTIjoiNTg2IiwicmVzcFMiOiI3MzEiLCJyZXNwRSI6Ijc2NSIsImRvbUxvYWQiOiI3MzQiLCJkb21JbnRlciI6IjE3NzYiLCJkb21Mb2FkUyI6IjE3NzYiLCJkb21Mb2FkRSI6IjE3OTkiLCJkb21DbXBsdCI6IjYzMTEiLCJsb2FkUyI6IjYzMTEiLCJsb2FkRSI6IjYzNjIifX0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-123-142.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 21:35:45 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
eligible
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=IYEw+grgdglgLgZwLwFYAMBSATAYQGwDMAZAgPYQBOAxgKZKgJEQCOSAjCTQOYC2NUcMDBDIiVYDwAOwGF1ggkATjaKUADgAsRYF35wkAK0Y9SIOmiIB3GgCME8GsKRYNKLEQBuMe3Cds8GhqKeGiKGv5BaIREZl60fgR4bGrJGmpugUlsBKpE0rpeNJZ+nMwQ-PEKxFQANjB6vnwIcBKS7AFBIWEBOWJ1esCSMB40FPakUEgtXMSxMLRIICSkAGaCTlgoAIIAIgAyABpwAPJQzDQA7BrAGgBKAIoAEgCqANIAyns2AFIoezhEAAWwAo4A2232AC0AHIgNAgLD1e4AD2RaAAsrc0AAFA6PLbHPYrIA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:46 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
eligible
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=IYEw+grgdglgLgZwLwHYCkAmAwhgbAMgQHsIAnAYwFMlQF8IBHJARkMoHMBbSqOMGEMnzlgnAA7AY7WCCQBOFHIAcAVlbB2POEgBWdTkRDUADPgDulAEYJ4lAUgwAWFRnwA3GDbj3muR47lcYzlHXwDjXABmfCMPKh9I3GYlZMdVJ0ck5ki5FXwJTQ9KMx82BggeeNlHYQAbGC1vbgQ4UTEWPwCgkM688nqtYDEYN0pSGyIoJFb2aNiYKiQQQiIAMz57DBUAQQARABkADTgAeSgGShRHYEcAJQBFAAkAVQBpAGV9ywApFX2sfAAC2ApHAmx2BwAWgA5EDGEAYBr3AAeyOMAFlbsYAAqHR7bE77VZAA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:46 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/pb/resources/gdist/1182ffa19d76d40ef0af/nydn/nydn-lib1182ffa19d76d40ef0af.js?v=299
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.nydailynews.com
date
Tue, 15 Feb 2022 21:35:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/pb/resources/gdist/1182ffa19d76d40ef0af/nydn/nydn-lib1182ffa19d76d40ef0af.js?v=299
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.nydailynews.com
date
Tue, 15 Feb 2022 21:35:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/pb/resources/gdist/1182ffa19d76d40ef0af/nydn/nydn-lib1182ffa19d76d40ef0af.js?v=299
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.nydailynews.com
date
Tue, 15 Feb 2022 21:35:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/pb/resources/gdist/1182ffa19d76d40ef0af/nydn/nydn-lib1182ffa19d76d40ef0af.js?v=299
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.nydailynews.com
date
Tue, 15 Feb 2022 21:35:46 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ad_page
ssp.behave.com/ 		20 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.behave.com/ad_page
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/pb/resources/gdist/1182ffa19d76d40ef0af/nydn/nydn-lib1182ffa19d76d40ef0af.js?v=299
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.207.10.239 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.10.207.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e7916e26498bf49c4bfc2a1b8351b43cbe67a2965d3fb0046eb438cd7d139a21

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Tue, 15 Feb 2022 21:35:46 GMT
Server
nginx
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.nydailynews.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
cygnus
as-sec.casalemedia.com/ 		28 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?v=8.8&cb=1644960946553&s=200405&r=%7B%22id%22%3A%221644960946%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A3%2C%22maxduration%22%3A150%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22startdelay%22%3A0%2C%22placement%22%3A5%2C%22playbackmethod%22%3A%5B2%5D%2C%22w%22%3A880%2C%22h%22%3A495%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217%3Fdeployment%3Doverlay%26device%3Ddesktop%22%2C%22ref%22%3A%22%22%2C%22mobile%22%3A0%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A2452%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%222452%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&fn=jsonp
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/pb/resources/gdist/1182ffa19d76d40ef0af/nydn/nydn-lib1182ffa19d76d40ef0af.js?v=299
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3d5415480083e684254b1653b8b13411c043c3067fc41db53eac98829c99ae8

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 15 Feb 2022 21:35:46 GMT
Content-Encoding
gzip
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
X-CS-CLIENT-GEO
19
Connection
keep-alive
Content-Length
48
X-AK-CLIENT-GEO
19
Pragma
no-cache
X-AK-INITIAL-GEO
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.178], XFF:[]
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
https://www.nydailynews.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Expires
Tue, 15 Feb 2022 21:35:46 GMT
cygnus
as-sec.casalemedia.com/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?v=7&cb=1644960946554&s=200405&r=%7B%22id%22%3A%221644960946%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222%22%2C%22banner%22%3A%7B%22w%22%3A900%2C%22h%22%3A600%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217%3Fdeployment%3Doverlay%26device%3Ddesktop%22%2C%22ref%22%3A%22%22%2C%22mobile%22%3A0%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A2452%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%222452%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/pb/resources/gdist/1182ffa19d76d40ef0af/nydn/nydn-lib1182ffa19d76d40ef0af.js?v=299
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c690f0c083ce0ea36a15c2e1ea034538366c34b8886817f58ac35c5f86832e12

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 15 Feb 2022 21:35:46 GMT
Content-Encoding
gzip
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
X-CS-CLIENT-GEO
19
Connection
keep-alive
Content-Length
4195
X-AK-CLIENT-GEO
19
Pragma
no-cache
X-AK-INITIAL-GEO
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.178], XFF:[]
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
https://www.nydailynews.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Expires
Tue, 15 Feb 2022 21:35:46 GMT
cygnus
as-sec.casalemedia.com/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?v=7&cb=1644960946556&s=200405&r=%7B%22id%22%3A%221644960946%22%2C%22imp%22%3A%5B%7B%22id%22%3A%223%22%2C%22banner%22%3A%7B%22w%22%3A1920%2C%22h%22%3A480%7D%7D%2C%7B%22id%22%3A%224%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217%3Fdeployment%3Dagilityzone%26device%3Ddesktop%22%2C%22ref%22%3A%22%22%2C%22mobile%22%3A0%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A2452%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%222452%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: www.nydailynews.com
URL: https://www.nydailynews.com/pb/resources/gdist/1182ffa19d76d40ef0af/nydn/nydn-lib1182ffa19d76d40ef0af.js?v=299
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
09cd4435e132fec6e3f1b6a09ae619da55dd6a295b4f33cd32484786fc13e726

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 15 Feb 2022 21:35:46 GMT
Content-Encoding
gzip
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
X-CS-CLIENT-GEO
19
Connection
keep-alive
Content-Length
4215
X-AK-CLIENT-GEO
19
Pragma
no-cache
X-AK-INITIAL-GEO
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.178], XFF:[]
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
https://www.nydailynews.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Expires
Tue, 15 Feb 2022 21:35:46 GMT
integrator.js
adservice.google.com/adsid/ Frame A1AE 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Feb 2022 21:35:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
/
sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/ Frame 07C4
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1577gdpr=0&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1577gdpr=0&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D
  • https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=1a3424ab-020f-4c94-a053-0f8e03b21962
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=1a3424ab-020f-4c94-a053-0f8e03b21962
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:46 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18391

Redirect headers

location
https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=1a3424ab-020f-4c94-a053-0f8e03b21962
date
Tue, 15 Feb 2022 21:35:46 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/ Frame 07C4
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?gdpr=0&pid=560382&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pulsepoint-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26v%3D1%26taboola_hm%3D%25%25VG...
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=VmpaMk9YdVQ1S3RtaXZOM1FmYWZqZw&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEGb-8Xj1qICGoBVGy9uNRD8&google_cver=1
  • https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=0&v=1&taboola_hm=NDqkz5IgwmFK&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=0
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=0&v=1&taboola_hm=NDqkz5IgwmFK&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=0
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:46 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17811

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=0&v=1&taboola_hm=NDqkz5IgwmFK&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=0
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-56659f45bd-7rxsg
expires
-1
rtb-h
sync.taboola.com/sg/rtbhouse-network/1/ Frame 07C4
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=taboola
  • https://creativecdn.com/cm-notify?pi=taboola&tc=1
  • https://sync.taboola.com/sg/rtbhouse-network/1/rtb-h?taboola_hm=0nI7mACIKhvcQ0QP8yzZ&pi=taboola&tc=1
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/rtbhouse-network/1/rtb-h?taboola_hm=0nI7mACIKhvcQ0QP8yzZ&pi=taboola&tc=1
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:47 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
23997

Redirect headers

location
https://sync.taboola.com/sg/rtbhouse-network/1/rtb-h?taboola_hm=0nI7mACIKhvcQ0QP8yzZ&pi=taboola&tc=1
pragma
no-cache
date
Tue, 15 Feb 2022 21:35:46 GMT, Tue, 15 Feb 2022 21:35:46 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
rtb-h
sync.taboola.com/sg/synacorrtb-network/1/ Frame 07C4
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fsynacorrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%5BUSER_ID%5D
  • https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=0B9E5FD9E3B246BEB94A104183AF0DEF
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=0B9E5FD9E3B246BEB94A104183AF0DEF
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:46 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17857

Redirect headers

date
Tue, 15 Feb 2022 21:35:46 GMT
via
1.1 varnish
server
nginx
age
0
location
https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=0B9E5FD9E3B246BEB94A104183AF0DEF
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain
access-control-allow-origin
https://imprnjmp.taboola.com/
access-control-allow-credentials
true
x-varnish
500938017
content-length
0
usermatch
ssum-sec.casalemedia.com/ Frame EF3F 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c241839a9038912478c4f259ea1be854d09a30837fed6550b069a0915604e77d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://imprnjmp.taboola.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|206|3|196|8|26|47
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Tue, 15 Feb 2022 21:35:46 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:46 GMT
Content-Length
1667
Connection
keep-alive
ads
pubads.g.doubleclick.net/gampad/live/ Frame 1CBC 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F30690318%2FTRONC_RON_Ora_Desktop&description_url=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3125191386259365&sdkv=h.3.500.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=820022053&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.500.0&sid=5E97222B-349B-4522-BD47-6EDD2310C49D&nel=0&eid=44725356%2C44738437%2C44750822%2C44752711&top=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&url=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&loc=about%3Ablank&dlt=1644960936845&idt=2920&dt=1644960946592&cookie=ID%3Dbf5843766d0ed510%3AT%3D1644960935%3AS%3DALNI_MZW_MKWLLFb7BK2CiAiWKlbnSqygQ&scor=3733589347212062&ged=ve4_td10_tt8_pd10_la10000_er2376.441.2534.747_vi0.0.1200.1600_vp0_ts7_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.500.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 0A3C 		86 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F30690318%2FTRONC_RON_Ora_Desktop&description_url=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3615068588127372&sdkv=h.3.500.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3616164917&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.500.0&sid=9D3FC052-C6F6-4467-8040-164F2D95B3E6&nel=0&eid=44750823&top=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&url=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&loc=about%3Ablank&dlt=1644960936845&idt=2710&dt=1644960946595&cookie=ID%3Dbf5843766d0ed510%3AT%3D1644960935%3AS%3DALNI_MZW_MKWLLFb7BK2CiAiWKlbnSqygQ&scor=481912421236341&ged=ve4_td10_tt8_pd10_la10000_er1700.441.1858.747_vi0.0.1200.1600_vp0_ts7_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.500.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
ltt /
Resource Hash
feb38938fa5366e86396c9774bd28eae74449f7f8c02f38c59a354d7b18062de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19401
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
ltt
google-creative-id
-1
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame EF3F
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7341874419548819343
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7341874419548819343
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 15 Feb 2022 21:35:46 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:46 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 805.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
0df7ba3e-b266-43f8-bb0e-2c9d30318aaf
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7341874419548819343
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
YgwcqAdSSrXi2CkqYWrfowAAAikAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame EF3F 		43 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YgwcqAdSSrXi2CkqYWrfowAAAikAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:7530:e049:6d41:d338 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:46 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
YgwcqAdSSrXi2CkqYWrfowAAAikAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame EF3F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YgwcqAdSSrXi2CkqYWrfowAAAikAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YgwcqAdSSrXi2CkqYWrfowAAAikAAAAB
43 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YgwcqAdSSrXi2CkqYWrfowAAAikAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Server
2600:1f18:4e9:5a05:7530:e049:6d41:d338 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:46 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YgwcqAdSSrXi2CkqYWrfowAAAikAAAAB
date
Tue, 15 Feb 2022 21:35:46 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame EF3F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3e95620c-1ca9-4700-919b-67f5c4b03518
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3e95620c-1ca9-4700-919b-67f5c4b03518
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 15 Feb 2022 21:35:46 GMT

Redirect headers

Date
Tue, 15 Feb 2022 21:35:46 GMT
Server
MT3 4133 baa842e master nrt-pixel-x21 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3e95620c-1ca9-4700-919b-67f5c4b03518
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 15 Feb 2022 21:35:45 GMT
crum
dsum-sec.casalemedia.com/ Frame EF3F
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=06030001_620c1cb2d1700&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=06030001_620c1cb2d1700
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=06030001_620c1cb2d1700
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 15 Feb 2022 21:35:46 GMT

Redirect headers

date
Tue, 15 Feb 2022 21:35:46 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=06030001_620c1cb2d1700
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
crum
dsum-sec.casalemedia.com/ Frame EF3F
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=b7508a1b-c09f-488f-a731-169d5be0949d&expiration=1676496946
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=b7508a1b-c09f-488f-a731-169d5be0949d&expiration=1676496946
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 15 Feb 2022 21:35:46 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=b7508a1b-c09f-488f-a731-169d5be0949d&expiration=1676496946
date
Tue, 15 Feb 2022 21:35:46 GMT
server
Kestrel
content-length
0
rum
dsum-sec.casalemedia.com/ Frame EF3F
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=YgwcqAdSSrXi2CkqYWrfowAA%26553
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 15 Feb 2022 21:35:46 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227
date
Tue, 15 Feb 2022 21:35:46 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17811
crum
dsum-sec.casalemedia.com/ Frame EF3F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=NR0ktyTD1Nk5u95
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=NR0ktyTD1Nk5u95
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 15 Feb 2022 21:35:46 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:45 GMT
Server
PingMatch/v2.0.30-706-g7d26040#rel-ec2-master i-0f234c2bf52f155ed@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=NR0ktyTD1Nk5u95
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
/
sync.taboola.com/sg/casale-network/1/rtb-h/ Frame EF3F 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/casale-network/1/rtb-h/?taboola_hm=YgwcqAdSSrXi2CkqYWrfowAAAikAAAAB&orig=video&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:46 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17811
bid_empty
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8AjAzgdwGSkrMB9ZAlhDLgQCbwCMADAJwDM6YMAjgK4zIS4QEC2nCCD7AqANgAsE2mLoSxAVgWV0yAPZswAYxjwQZZKpgBzAVG7lk8dFuGgCxqOXi1KtBQA4J6EMZjn4ACtDPjUyXWp0VBgUIhhnACYJBQT0ADcCQl4KSklpWVoJXOlqMUZwjJ1nSnoxSg96iQ8UqTqa90xfGAyYVGqjdn8qigUbABsCfwheAS47cSkZOTExL3HJ8xBgAjS4QjUoeCFjcu6CHXgyVTUAMwsKBIUAQQARABkADQgAeSgWGAA7BIQBIAEoARQAEgBVADSAGU3ogAFIKN4AYXQAAtwGRSA9nu8AFoAOTI1DICUm4IAHjTqABZUHUAAKH0hT2+bxuQA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:46 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwBMArAIwBsA7ACxpkzAA2A9gJ4owoEeNwBucTiF5owMAI4BXGHmJkcINQqhE88AJwAGAwA96RmfKUqcEAgJUgUweA2bM9Zvc3rVmjDGAEAMYw8AByAIJsMCCcpBSRaCAKQbbcUDhQCihIcC5JmtoQ8fD0AMxoeNwKYCHwGniVMADmAkLxumhBjqAEzdoUerR61AAcrCDNgsIAVo0o3OzwBmgA7jBIhMTkVMzUlGiiBFs7ru6ezK6G5dFHIadl9LSjz8yj+25PtGUjGJMwRxgq1OTUUgnuFHoXU4BGmtnsEB6Lnobg8Bi8TFoByCMOmIGABHEYEI6XgiOaFXYd1CZEq3AAZsUdjQIgARAAyAA0IAB5KByGAsEDMABKAEUABIAVQA0gBldlIABS1HZAGE0AALcBqZnUNnsgBaYTIBjIlFhYuMxgMAFkRQYAAqciURHns+lAA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:46 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwBMArAIwBsA7ACxpkzAA2A9gJ4owoEeNwBucTiF5owMAI4BXGHmJkcINQqhE88UeRjcZ8pSpwQCAlSBTB4DZswCc9AAxPm9as2oYwBAGMYeAA5AEE2GBBOUgpwtBAFAItuKBwoBRQkOHsEzW0IWPhqVzQ8bgUwIPgNPDKYAHMBIVjdNACbUAIG7QonWidqAA5WEAbBYQArOpRudnhSgHcYJEJiciofSjR9NY2HZzcPBydXegBmSP0g-fP6WiGH5iHqSkd72nPBjDGYfRhFvt6opBDcKIx2pwCBMLFYIJ17PRHC53J5GJRaJDoUIQMACOIwIRUvB4Q1LuxrsEyGVuAAzQobGhhAAiABkABoQADyUDkMBYIGYACUAIoACQAqgBpADKrKQAClqKyAMJoAAW4DUjOoLNZAC0QmRXGRKNCRQAPC2uACyQtcAAV2WKwlzWbSgA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:46 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8BLKATGAPAZKSswH0BnRCGfRFeAJgAYaAWGgVkzBgEcBXGQifCRAFseEEIODwAjADZ69AJzSa8+tKZMAzJkIB7TmADGMeCBSFtMAObCofCoXiYDY0IktQK8eZPlMAHPSYIJYwtvAAVuaCOmjwNJgA7jAARsSknlT0TFSYAG6IaZ4ycorK9MXyNNJaaPlGRRrSkn7N9H7Zck2SGr7YwTD5MAlFFlyh9ZR+TgA2iKEQAsK8LlKyCkoq0gDsOzNztiDAiLlwxDpQ8KKWNQOIRvAo2joAZnaUVEwAggAiADIAGhAAPJQdgwLb0ED0ABKAEUABIAVQA0gBlX7JABSTF+AGFMAALcAocjvL5-ABaADkUDQUFQ5rD0OgaABZaE0AAK-3hnyBv2eQA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:46 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwBMArAIwBsA7ACxpkzAA2A9gJ4owoEeChB4IACxggyaMDACOAVxjiYZHDJxKoRPPFoBOSgAYAHswAcJuYpXicEAgPEgUwA-WbND9E4eZ6aisMMAIAYxh4ADkAQTZpTlIKOLQQJXCnbigcKCUUJDgDNI0dImT4RjQ8biUwSPgZPGqYAHMBIWT9NHC3UAJW3QpDRkNLOjTWwWEAK2aUbnZ4GwB3GCRCYnIqZmpKNAA3Ak3thm9ff2YzwxN6AGYEo8jTu-paS3erPe832jvDagYEBTI4wFanFrKQTPYY9TgEaZOFwQPqec5+AJMSyscLw6YgYAEA5wQjZeAo1oPdhPKKyGoAMwgFRosQAIgAZAAaEAA8lAFDAWCBmAAlACKAAkAKoAaQAyuykAApajsgDCaAk4A02xZHIAWtEyCYyJQEWKzGYTABZEUmAAKnIlsR57PpQA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:46 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwBMArAIwBsA7ACxpkzAA2A9gJ4owoEeChB4IACxggyaMDACOAVxjiYZHDJxKoRPPACcjAAwAPGsbmKV4nBAIDxIFMHgNmzA-WMHm9atSWwGAEAMYw8AByAIJs0pykFDFoIEqh9txQOFBKKEhwbikaOkSJVPRoeNxKYOHwMniVMADmAkKJ+mihzqAEzboURgYAHHQpzYLCAFaNKNzs8JYA7jBIhMTkVMzUlGgAbgTrm+6e3r7uBsb0AMxxB+HH1-S0wy-Mo5Qez7TXBtQYIAmBxgS2OTWUggeFFollCnAIk3sjggPTc9A8Xh8fkYwwqcIRQhAwAIezghEy8BRzVu7HuEVkVQAZhAyjRogARAAyAA0IAB5KAKGAsEDMABKAEUABIAVQA0gBlTlIABS1E5AGE0BJwBpNmyuQAtSJkYxkSgIiWmUzGACyYuMAAVuVLonzOYygA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:46 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_fill
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_fill?wklz=MYQwtgDiCWDmB2B9aATAvATgIwYKwA4AWAMhQFMIAbAewE8wz4AXNagNzICdKRbjOyARwCuZAM5MyKRCGnD40JmMwAGFQA8AbGtJkQlZOgBMWIyqNGAzAEkAGpcKbiETtGBk0RzQDo1f4iDCwEzQ1EjwwmAARlxoWAFyCkyGaJqWziCcTPCx0PDk6hlZOZyIYopkKWYqhCq4-EKiEoghDBLgEHGahIQY2hiOuLgkYtTCnO5osmLEYmSwDMyGysSgkDAIqJg4BCQgsIwsAFYzYNTkaCrEAO5kUeWSW0aEuEbEbNAPW1jdvf2EP16KjSug+7m+lk0WHw0MI+FePShWEseAyBw+ZGu31mjUY4PQWHiwEo0EOrXETA6XR6fRUA00AHYMAzViTDiAINAOJxymE0JTYOlyGCPChZtQAGbJJ64ACCABEADK2JgAeXggjIDMIIEIACUAIoACQAqgBpADKiqiAClcIqAMLEAAWmWkMoVioAWgA5FAqFBGUkG9TqFQAWT1KgACrYjbLVYqJUA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:46 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_fill
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_fill?wklz=MYQwtgDiCWDmB2B9aATAvATgOwYBwFYBGAMhQFMIAbAewE8wz4AXNMEAZyYAsyQViATmQCOAVzKcyKRH0Sj40JuzSEMAJgAMADwAsuDaV6Vk6NYU1q1AZgCSADSs6AbMQgDowMmjVOAdBoCA4hBRYCZoaiR4UTAAIzIBFWDpeUUTNCxXEAEmeAS0aHhyLSycvIFEdkUydM0NHQ18QRFxTkRwhk5wCBUnHR0MJw0MZ3x8F3ZqUQFPND52YnYyWAZmE2ViUEgYBFRMHAISEFhGFgArBbBqcjQDAHcyWKqmMj21HXw1YgA3aGe9wh9AZDEaAgYaJxWQy-TwAqxOQi4RF6T79BGEKwYJpQE6-Mh3AGLFqMWHocybSjQU4dCRMbq9fqDYbOXCOClU5ggCDQb4JKqRNB02BQ8gwrz8SYAMyYtXwAEEACIAGTsTAA8vBhGQsDoQDoAEoARQAEgBVADSAGUlbEAFL4JUAYWIXGy0je8uVAC0AHIoDQoNRUw1aLQaACy+o0AAU7Ma5WqlZKgA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:46 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_selected
events.bouncex.net/track.gif/ 		42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_selected?wklz=IYVwxgLglg9gdgfTiAtgIwKYCcC8BGAMjSgBMBnHAUgFYAhSgdnoCZmUMSpgEIBPABwyVWlAMwBBYc05l+AG2C8pwgMJT+wLBDjZlEqVDgkMAD2XM1rY-Ji92cCHsmsYAN2wKlIi1OPA5CKROUsx4zAAMrKIAkgAaogAsAGzmlsz8WFBgQiL6rMxJAHThJSWpUqCQsIjI6Lq54niqFSQIIHBQEIEkwaxJosoMACI0QwRkMCBY2TjA5ARgwCgaUADmHSQ4AJx4W9QAHAkEwKsYDjggZNgEKDDGOOEEAO4YaGSdGKQ4zAnUzASuKDvaCbPBJBIJLZJcJbBJgyHhfoEYyA7JfPCiJJ4fbYhL7P4QrEYvYEDSnQEYJ7o8YYACOIDOaNBogWcigZwg0HYZAgS34+HBkOhsKS+0SrPZDmA-Cg7iw73gOF5qxZKKyGBwJHGMAAZl0vsxqOIhgAZWIQADycFpGAYCWACQASgBFAASAFUANIAZRNaAAUtQTSoCAALTStA1G00ALQAciRwiRmOznSYTOEALKO8IABVirvEFpNOqAA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:46 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
e0dd2acd3574679864cd76965aa5dce2.png
assets.bounceexchange.com/assets/uploads/clients/1682/ads/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.bounceexchange.com/assets/uploads/clients/1682/ads/e0dd2acd3574679864cd76965aa5dce2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
94c3631f006e651412da2380a5079c9168aec4a632ff17f03a23f6aa3cd7ee0a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 08:07:26 GMT
age
394100
x-guploader-uploadid
ADPycdt0jmetzYSqFzqi3Kxm5RW2p7rFFM2Xduz038FX-WhseVgkiSLwpEP6kZlaA_SrklTEZF847PJBKVUcOKsttWRqi1WtOw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
3706
last-modified
Sat, 03 Aug 2019 00:30:55 GMT
server
UploadServer
etag
"e0dd2acd3574679864cd76965aa5dce2"
x-goog-hash
crc32c=L9PGkw==, md5=4N0qzTV0Z5hkzXaWWqXc4g==
x-goog-generation
1564792255352236
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=604800
x-goog-stored-content-length
3706
accept-ranges
bytes
content-type
image/png
expires
Fri, 18 Feb 2022 08:07:26 GMT
bid_selected
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_selected?wklz=IYVwxgLglg9gdgfTiAtgIwKYCcC8BGAMjSgBMBnHAUgFYAhSgdnoCZmUMSpgEIBPABwyVWlAMwBBYc05l+AG2C8pwgMJT+wLBDjZlEqVDgkMAD2XM1rY-Ji92cCHsmsUwMhAAWGYCXOXp3nIIpE5SzHjMAAysogCSABqiACwAbH7qWFBgQiL6rMwpAHSRJSXprKCQsIjI6Lq54niqUj4IIHBQEMG+DVIMygwAIjSDBGQwIFjZOD5kBGDAKBpQAOYdJDgAnAybABzUhMArGA44IGTYBCgwxjiRBADuGGhknRikOMxJ1MwEAG5QV7QDZ4FJJJKbFKRTZJUEQyIpUQEYwA7IfPCiFJ4XbYpL7L6pPAYzbUAgaY4AjAPdFjDAARxAJzRIKS8zkUBOEGg7Hci34+DBEKhMJSu1EuzZHIcwH4UD+2Fe8BwECOSJRWQwOBIYxgADMuh9mNRxIMADLxCAAeTgdIwDCSwCSACUAIoACQAqgBpADKprQAClqKaVAQPJoSN1PsazQAtAByJEiJGYHJdJhMkQAsk7IgAFeJu8SW026oA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:46 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
f3e4aafd19cff480007de81efe7fd790.png
assets.bounceexchange.com/assets/uploads/clients/2045/creatives/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.bounceexchange.com/assets/uploads/clients/2045/creatives/f3e4aafd19cff480007de81efe7fd790.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bcff976e7ce876d75d1abf21536efede75952bbbd184120aceacca6847ce680f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.nydailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 22:13:17 GMT
age
256949
x-guploader-uploadid
ADPycdvFFnwZjxYbCCQPqRES5CU-H9rq6RuP_N0LKcPC5TyYuZx6NjnZul8bWQHe9iBs7FU4xNvv5sXt8zxfAxdTVL9vI8k4mg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
4452
last-modified
Sat, 03 Aug 2019 00:33:08 GMT
server
UploadServer
etag
"f3e4aafd19cff480007de81efe7fd790"
x-goog-hash
crc32c=rq2lKg==, md5=8+Sq/RnP9IAAfege/n/XkA==
x-goog-generation
1564792388924970
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=604800
x-goog-stored-content-length
4452
accept-ranges
bytes
content-type
image/png
expires
Sat, 19 Feb 2022 22:13:17 GMT
csi
csi.gstatic.com/ Frame 0A3C 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kzon9s7s&c=6078709350138&slotId=3039354675069&qqid=CPTkk4fVgvYCFTjKGAIdSREOvA&gqid=shwMYvPzJY_A48AP3tO4qAY&fb=ima_html5-lima&sdkv=h.3.500.0&mrd=4&aab=0&itv=1&eee=missing-element&bi=missing-id&ghmsh_eids=44750823&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&met.4=ghmsh_s.kzon9xtv~ghmsh_s.kzon9xtw&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=N-u-GjcKZIEno6cz
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.500.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2800:3f0:4002:80e::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:47 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/ Frame B521
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?gdpr=0&pid=560382&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pulsepoint-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3D%25%25VGUID%25%2...
  • https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=0&taboola_hm=NDqkz5IgwmFK&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=0
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=0&taboola_hm=NDqkz5IgwmFK&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=0
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:46 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18391

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=0&taboola_hm=NDqkz5IgwmFK&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=0
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-56659f45bd-7rxsg
expires
-1
/
sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/ Frame B521
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1577gdpr=0&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D
  • https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=1a3424ab-020f-4c94-a053-0f8e03b21962
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=1a3424ab-020f-4c94-a053-0f8e03b21962
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:46 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18391

Redirect headers

location
https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=1a3424ab-020f-4c94-a053-0f8e03b21962
date
Tue, 15 Feb 2022 21:35:46 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/ Frame B521
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58533/occ
  • https://sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/?taboola_hm=y-g.0dBdJE2uG8WBROa94Oqaf45yZcoSQfTYGDr6E-~A
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/?taboola_hm=y-g.0dBdJE2uG8WBROa94Oqaf45yZcoSQfTYGDr6E-~A
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:46 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18391

Redirect headers

location
https://sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/?taboola_hm=y-g.0dBdJE2uG8WBROa94Oqaf45yZcoSQfTYGDr6E-~A
date
Tue, 15 Feb 2022 21:35:46 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rtb-h
sync.taboola.com/sg/rtbhouse-network/1/ Frame B521
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=taboola
  • https://creativecdn.com/cm-notify?pi=taboola&tc=1
  • https://sync.taboola.com/sg/rtbhouse-network/1/rtb-h?taboola_hm=JlwcJ0pDp6buMDi4Bt7k&pi=taboola&tc=1
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/rtbhouse-network/1/rtb-h?taboola_hm=JlwcJ0pDp6buMDi4Bt7k&pi=taboola&tc=1
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:47 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
23178

Redirect headers

location
https://sync.taboola.com/sg/rtbhouse-network/1/rtb-h?taboola_hm=JlwcJ0pDp6buMDi4Bt7k&pi=taboola&tc=1
pragma
no-cache
date
Tue, 15 Feb 2022 21:35:47 GMT, Tue, 15 Feb 2022 21:35:47 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch
ssum.casalemedia.com/ Frame DDCA 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c39bafbc68e818a7b1f4b4b16a99df7c62773148e0181f902f5c103af8e1ecc6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://us-match.taboola.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
4|130|88|65|152|111|218|105
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Tue, 15 Feb 2022 21:35:47 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:47 GMT
Content-Length
1383
Connection
keep-alive
SPug
simage4.pubmatic.com/AdServer/ Frame 8B8F 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156512&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.24 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:45 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
rum
dsum-sec.casalemedia.com/ Frame DDCA
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8271880283115917977
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8271880283115917977
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 15 Feb 2022 21:35:47 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8271880283115917977
pragma
no-cache
date
Tue, 15 Feb 2022 21:35:46 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame DDCA
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABeU07EGDkAAAPyeAisoQ&expiration=1646170547
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABeU07EGDkAAAPyeAisoQ&expiration=1646170547
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 15 Feb 2022 21:35:47 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABeU07EGDkAAAPyeAisoQ&expiration=1646170547
Date
Tue, 15 Feb 2022 21:35:47 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
rum
dsum-sec.casalemedia.com/ Frame DDCA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YgwcqQAGbTJD6QAy
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YgwcqQAGbTJD6QAy
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 15 Feb 2022 21:35:47 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:47 GMT
via
1.1 varnish
server
Varnish
x-timer
S1644960947.130723,VS0,VE0
x-served-by
cache-yul12832-YUL
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YgwcqQAGbTJD6QAy
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum.casalemedia.com/ Frame DDCA
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=3bba3de15c1a08e9&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAADKsCBI3ffgAM2PWkKAAAAAAA&expiration=1645047347&is_secure=true
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAADKsCBI3ffgAM2PWkKAAAAAAA&expiration=1645047347&is_secure=true
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 15 Feb 2022 21:35:47 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:47 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAADKsCBI3ffgAM2PWkKAAAAAAA&expiration=1645047347&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame DDCA
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=9238ff68-3660-4b84-a641-278608462f9b
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=9238ff68-3660-4b84-a641-278608462f9b
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 15 Feb 2022 21:35:47 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:47 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=9238ff68-3660-4b84-a641-278608462f9b
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame DDCA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8144174960646922484&expiration=1646170547
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8144174960646922484&expiration=1646170547
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 15 Feb 2022 21:35:47 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:47 GMT
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8144174960646922484&expiration=1646170547
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
demconf.jpg
dpm.demdex.net/ Frame DDCA
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YgwcqAdSSrXi2CkqYWrfowAA%26553?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YgwcqAdSSrXi2CkqYWrfowAA%26553
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YgwcqAdSSrXi2CkqYWrfowAA%26553
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
100.20.199.76 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v025-067f5e627.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
nufUljkBRY8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-2-v025-0abc5760c.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
p47P1mp5Qko=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YgwcqAdSSrXi2CkqYWrfowAA%26553
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame DDCA
Redirect Chain
  • https://d.adroll.com/cm/index/ssp
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 21:35:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 15 Feb 2022 21:35:47 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Tue, 15 Feb 2022 21:35:47 GMT
server
nginx/1.20.0
content-length
76
/
sync.taboola.com/sg/casale-network/1/rtb-h/ Frame DDCA 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/casale-network/1/rtb-h/?taboola_hm=YgwcqAdSSrXi2CkqYWrfowAAAikAAAAB&orig=video&us_privacy=1---
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:47 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22508
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 28C2 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=Cf7carBwMYsDPE9HABcngn5gD_5OwsGi-w5OXpQ_j5IOlriQQASDuuas3YH2gAdib6IYDyAEFqQL3TAHuqEuqPuACAKgDAZgEAKoE_AJP0BHlcqXlkO1VpHNCNvm_yHnQ9dxGLCKTluJjZTEstx1Qnwdk4CXZIK0LRHQpuofnKT2J7bN6vYNKPkiNVQlfefC1wcbhtSiHO1tYW3-LYSb3FITnMyq9mq7BWLCslx8zqNQcWxRpvA8XTaQCxkor1XCEzIUyTmtD5ezIKD5mnheL7F1U-iabt27iACwdOJoupfiglssTgWpVo-QnFZ5ILuUyVcxzlQjURH3ohnN2olu5mQ2AkRBuIAXUYD_qk3pwv_HSLLbIGmaZjq9PxbkdWneDrvKxyNWrANmdbpthTsoQqgMOjc3-WOZwlbuKn5PADXSl3-dn3u52vhd7Um5J-dATkIR0bJoQV4rJUBu5FinD2Nc2xiB_fv57Q9I3J3GGU2mPwgfi8JzNScdQswRFIwKG_NgKa3yfXp4-Miz53vtg7xeBgmXE54XDuF9TI64rydnubGqW5ldH1flOeNtCzGcYD4-pvYtkgDvaSVT-w4bicouwuQATPk-qoMAEj_DByesD4AQBoAZUgAeQ5Jd5qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAcIgGEQARgdgAoDyAsBsBOO55oO2BMN2BQB0BUBqBYB4hYCCAH4FgGAFwE&sigh=-_kFgo7k2XI&cmd=Ch1jYS12aWRlby1wdWItMTEzNTIzNTk2NDA4NjUwMBAAGAI&label=videoplaytime50&ad_mt=5248&acvw=sv%3D922%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D1624,319,1933,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5302%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1246%26pst%3D422%26dur%3D10054%26vmtime%3D5248%26dvs%3D0%26dfvs%3D0%26dvpt%3D2547%26is%3D18%26i0%3D18%26i1%3D18%26i2%3D18%26ic%3D512%26cs%3D4626%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1525%26femvt%3D0%26emc%3D32%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D160673207%26psm%3D-2147483585%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1644960938453%26ptlt%3D1644960947338%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1644960941214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:47 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=5803024030475958305;met=1;ecn1=1;etm1=0;eid1=18;acvw=sv%3D922%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D1624,319,1933,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,...
ade.googlesyndication.com/ddm/activity_ext/ Frame 28C2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=5803024030475958305;met=1;ecn1=1;etm1=0;eid1=18;acvw=sv%3D922%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D1624,319,1933,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5302%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1246%26pst%3D422%26dur%3D10054%26vmtime%3D5248%26dvs%3D0%26dfvs%3D0%26dvpt%3D2547%26is%3D18%26i0%3D18%26i1%3D18%26i2%3D18%26ic%3D512%26cs%3D4626%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1525%26femvt%3D0%26emc%3D32%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D160673207%26psm%3D-2147483585%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1644960938453%26ptlt%3D1644960947338%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1644960941214?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 28C2 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=Cf7carBwMYsDPE9HABcngn5gD_5OwsGi-w5OXpQ_j5IOlriQQASDuuas3YH2gAdib6IYDyAEFqQL3TAHuqEuqPuACAKgDAZgEAKoE_AJP0BHlcqXlkO1VpHNCNvm_yHnQ9dxGLCKTluJjZTEstx1Qnwdk4CXZIK0LRHQpuofnKT2J7bN6vYNKPkiNVQlfefC1wcbhtSiHO1tYW3-LYSb3FITnMyq9mq7BWLCslx8zqNQcWxRpvA8XTaQCxkor1XCEzIUyTmtD5ezIKD5mnheL7F1U-iabt27iACwdOJoupfiglssTgWpVo-QnFZ5ILuUyVcxzlQjURH3ohnN2olu5mQ2AkRBuIAXUYD_qk3pwv_HSLLbIGmaZjq9PxbkdWneDrvKxyNWrANmdbpthTsoQqgMOjc3-WOZwlbuKn5PADXSl3-dn3u52vhd7Um5J-dATkIR0bJoQV4rJUBu5FinD2Nc2xiB_fv57Q9I3J3GGU2mPwgfi8JzNScdQswRFIwKG_NgKa3yfXp4-Miz53vtg7xeBgmXE54XDuF9TI64rydnubGqW5ldH1flOeNtCzGcYD4-pvYtkgDvaSVT-w4bicouwuQATPk-qoMAEj_DByesD4AQBoAZUgAeQ5Jd5qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAcIgGEQARgdgAoDyAsBsBOO55oO2BMN2BQB0BUBqBYB4hYCCAH4FgGAFwE&sigh=-_kFgo7k2XI&cmd=Ch1jYS12aWRlby1wdWItMTEzNTIzNTk2NDA4NjUwMBAAGAI&label=video_skip_shown&ad_mt=5248&acvw=sv%3D922%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D1624,319,1933,869%26p0%3D1624,319,1933,869%26p1%3D1624,319,1933,869%26p2%3D1624,319,1933,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mtos1%3D0,0,0%26mtos2%3D0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5304%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1248%26pst%3D422%26dur%3D10054%26vmtime%3D5248%26is%3D18%26i0%3D18%26i1%3D18%26i2%3D18%26cs%3D4626%26c%3D0%26c0%3D0%26c1%3D0%26c2%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1525%26femvt%3D0%26emc%3D32%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D160673207%26psm%3D-2147483585%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1644960938453%26ptlt%3D1644960947340%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26ss0%3D0%26ss1%3D0%26ss2%3D0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1644960941214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:47 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aq
capi.connatix.com/tr/ Frame A1AE 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/aq?v=150597
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.71.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-71-134.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 15 Feb 2022 21:35:46 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
abt
capi.connatix.com/tr/ Frame A1AE 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/abt?v=150597
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.71.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-71-134.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 15 Feb 2022 21:35:47 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
abt
capi.connatix.com/tr/ Frame A1AE 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/abt?v=150597
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.71.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-71-134.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 15 Feb 2022 21:35:47 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
g
capi.connatix.com/rtb/ Frame A1AE 		264 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=150597
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.71.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-71-134.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
2341a1d6b319bc5f3df7a216184273212d2444fde8aad7edf41645b1be032b74

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 15 Feb 2022 21:35:48 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
215
mvo
tag.1rx.io/rmp/230257/0/ Frame 3FFE 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/230257/0/mvo?z=1r&hbv=6.7,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nydailynews.com
pragma
no-cache
date
Tue, 15 Feb 2022 21:35:49 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
mvo
tag.1rx.io/rmp/230257/0/ Frame 3FFE 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/230257/0/mvo?z=1r&hbv=6.7,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nydailynews.com
pragma
no-cache
date
Tue, 15 Feb 2022 21:35:49 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
mvo
tag.1rx.io/rmp/230257/0/ Frame 3FFE 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/230257/0/mvo?z=1r&hbv=6.7,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nydailynews.com
pragma
no-cache
date
Tue, 15 Feb 2022 21:35:49 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
mvo
tag.1rx.io/rmp/230257/0/ Frame 3FFE 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/230257/0/mvo?z=1r&hbv=6.7,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nydailynews.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nydailynews.com
pragma
no-cache
date
Tue, 15 Feb 2022 21:35:49 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 28C2 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=Cf7carBwMYsDPE9HABcngn5gD_5OwsGi-w5OXpQ_j5IOlriQQASDuuas3YH2gAdib6IYDyAEFqQL3TAHuqEuqPuACAKgDAZgEAKoE_AJP0BHlcqXlkO1VpHNCNvm_yHnQ9dxGLCKTluJjZTEstx1Qnwdk4CXZIK0LRHQpuofnKT2J7bN6vYNKPkiNVQlfefC1wcbhtSiHO1tYW3-LYSb3FITnMyq9mq7BWLCslx8zqNQcWxRpvA8XTaQCxkor1XCEzIUyTmtD5ezIKD5mnheL7F1U-iabt27iACwdOJoupfiglssTgWpVo-QnFZ5ILuUyVcxzlQjURH3ohnN2olu5mQ2AkRBuIAXUYD_qk3pwv_HSLLbIGmaZjq9PxbkdWneDrvKxyNWrANmdbpthTsoQqgMOjc3-WOZwlbuKn5PADXSl3-dn3u52vhd7Um5J-dATkIR0bJoQV4rJUBu5FinD2Nc2xiB_fv57Q9I3J3GGU2mPwgfi8JzNScdQswRFIwKG_NgKa3yfXp4-Miz53vtg7xeBgmXE54XDuF9TI64rydnubGqW5ldH1flOeNtCzGcYD4-pvYtkgDvaSVT-w4bicouwuQATPk-qoMAEj_DByesD4AQBoAZUgAeQ5Jd5qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAcIgGEQARgdgAoDyAsBsBOO55oO2BMN2BQB0BUBqBYB4hYCCAH4FgGAFwE&sigh=-_kFgo7k2XI&cmd=Ch1jYS12aWRlby1wdWItMTEzNTIzNTk2NDA4NjUwMBAAGAI&label=videoplaytime75&ad_mt=7749&acvw=sv%3D922%26cb%3Dima%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D1624,319,1933,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7803%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1851%26pst%3D422%26dur%3D10054%26vmtime%3D7749%26dvs%3D0%26dfvs%3D0%26dvpt%3D2501%26is%3D18%26i0%3D18%26i1%3D18%26i2%3D18%26i3%3D18%26ic%3D0%26cs%3D4626%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1525%26femvt%3D0%26emc%3D44%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D160673207%26psm%3D-2147483393%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1644960938453%26ptlt%3D1644960949840%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1644960941214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:49 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=5803024030475958305;met=1;ecn1=1;etm1=0;eid1=960585;acvw=sv%3D922%26cb%3Dima%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D1624,319,1933,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D...
ade.googlesyndication.com/ddm/activity_ext/ Frame 28C2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=5803024030475958305;met=1;ecn1=1;etm1=0;eid1=960585;acvw=sv%3D922%26cb%3Dima%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D1624,319,1933,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7803%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1851%26pst%3D422%26dur%3D10054%26vmtime%3D7749%26dvs%3D0%26dfvs%3D0%26dvpt%3D2501%26is%3D18%26i0%3D18%26i1%3D18%26i2%3D18%26i3%3D18%26ic%3D0%26cs%3D4626%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1525%26femvt%3D0%26emc%3D44%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D160673207%26psm%3D-2147483393%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1644960938453%26ptlt%3D1644960949840%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1644960941214?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 21:35:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aq
capi.connatix.com/tr/ Frame A1AE 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/aq?v=150597
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.71.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-71-134.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 15 Feb 2022 21:35:49 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.nydailynews.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
delayplay
s.youtube.com/api/stats/ Frame 28C2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/delayplay?ns=yt&fexp=44750823%2C44752711&el=adunit&cpn=ysz5HnVZ1sfQ5LiV&docid=cdUS5Zomv8s&ver=2&cmt=8.249&fmt=18&rt=8.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.nydailynews.com%2F&len=10.054&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=98.0.4758.80&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c09::8b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
integrator.js
adservice.google.com/adsid/ Frame A1AE 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Feb 2022 21:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/live/ Frame F68C 		156 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F8749%2C4011%2FTribune&description_url=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=954829056142908&sdkv=h.3.500.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3610163194&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.500.0&sid=8B0A0E86-7003-4295-B7D9-7F865F7DF477&nel=0&eid=44730896%2C44738437%2C44750822&top=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&url=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&loc=about%3Ablank&dlt=1644960936845&idt=2813&dt=1644960950568&cookie=ID%3Dbf5843766d0ed510%3AT%3D1644960935%3AS%3DALNI_MZW_MKWLLFb7BK2CiAiWKlbnSqygQ&scor=1654940932207761&ged=ve4_td14_tt12_pd14_la14000_er2376.441.2534.747_vi0.0.1200.1600_vp0_ts11_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.500.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

647 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 function| structuredClone object| webviewParam object| hashParams object| outputType undefined| newRelativePathQuery object| trb function| i$ function| _toConsumableArray object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer undefined| metaTwitterDnt function| OptanonWrapper object| zephrBrowser number| uniqueIDValue function| zephrLoad function| determinePaywallInclusion function| createEvent function| arrangeZephrData number| nativoLazyLoadOffset object| baselineServices object| DOMHelpers2 function| _createClass function| _classCallCheck function| DeviceDetection function| LazyLoadService object| lazyLoadService function| FeatureAPIHelpers function| TimestampService function| _typeof object| Helpers2 object| UrlParams function| ScriptLoader string| ANALYTICS_REFERRING_PAGE_KEY string| LEAD_ART string| ARTICLE_BODY string| HOMEPAGE string| HOMEPAGE_STORY_FEED string| PLAYLIST string| VIDEO_DETAIL_PAGE string| LIVEBLOG string| GF_PLAYLIST_PARENT string| ARTICLE_GALLERY string| GA_DEFAULT_CD string| RIGHT_RAIL object| genericHelpers function| httpService function| TrackScrollingService function| trackClick function| trackMessages function| trackScroll function| handleMutations function| trackScrolledItems function| trackTaboolaFeedScroll function| trackClickReferrer function| trackElementRenderImpression function| trackElementFocus function| arctrackListeners object| services boolean| disableDssWebview string| minDss object| googletag object| ads object| oVa object| YieldmoService object| serviceCallbacks object| pageBuilder number| _sf_startpt string| GoogleAnalyticsObject function| ga number| BOOMR_lstart function| StickyAdService object| regeneratorRuntime object| ZeusAdapter string| zeusAdUnitPath object| zeusKeyvalues boolean| isSubscriber boolean| isUserLogin function| TaboolaFeedScrollService object| BOOMR_mq string| BOOMR_API_key object| BOOMR object| confiant object| ggeac object| google_js_reporting_queue boolean| apstagLOADED object| apstag function| checkInfuse object| breakpoints function| mountGallery function| $ function| jQuery function| infuse object| components function| setImmediate function| clearImmediate object| doc object| loc object| _sf_async_config number| _sf_endpt object| otStubData object| pbjs object| TRC object| _taboola object| _tblConsole object| _comscore object| google_tag_manager function| BOOMR_check_doc_domain number| BOOMR_start object| ErrorStackParser object| UserTimingCompression undefined| google_measure_js_timing object| lotame_13200 object| zeus object| google_tag_data object| gaplugins object| registration function| udm_ object| ns_p object| COMSCORE boolean| creativeVendorLibraryLoaded function| lotameIsCompatible function| lt13200_ba function| lt13200_b undefined| lt13200_c undefined| lt13200_ca undefined| lt13200_da function| lt13200_ea object| lt13200_fa function| lt13200_ga function| lt13200_ha object| lt13200_ object| lt13200_5 function| lt13200_aa function| lt13200_a function| lt13200_d function| lt13200_e function| lt13200_f function| lt13200_g function| lt13200_h function| lt13200_i function| lt13200_j function| lt13200_ja function| lt13200_ia function| lt13200_k function| lt13200_l function| lt13200_ka function| lt13200_m function| lt13200_n function| lt13200_o function| lt13200_p function| lt13200_q function| lt13200_oa function| lt13200_la function| lt13200_ma function| lt13200_s function| lt13200_na function| lt13200_t function| lt13200_u function| lt13200_v function| lt13200_r function| lt13200_w function| lt13200_x function| lt13200_y function| lt13200_z function| lt13200_pa function| lt13200_A function| lt13200_B function| lt13200_qa function| lt13200_C function| lt13200_D function| lt13200_E function| lt13200_ra function| lt13200_G function| lt13200_H function| lt13200_F function| lt13200_sa function| lt13200_I function| lt13200_J function| lt13200_ta function| lt13200_ua function| lt13200_K function| lt13200_va function| lt13200_wa function| lt13200_xa function| lt13200_Ba function| lt13200_ya function| lt13200_za function| lt13200_Aa function| lt13200_Ca function| lt13200_Ea function| lt13200_Da function| lt13200_L function| lt13200_Fa function| lt13200_Ga function| lt13200_Ha function| lt13200_Ia function| lt13200_Ja function| lt13200_Ka function| lt13200_La function| lt13200_Ma function| lt13200_Na function| lt13200_M function| lt13200_N function| lt13200_O function| lt13200_P function| lt13200_Q function| lt13200_R function| lt13200_S function| lt13200_T function| lt13200_U function| lt13200_V function| lt13200_W function| lt13200_X function| lt13200_Y function| lt13200_Z function| lt13200__ function| lt13200_1 function| lt13200_Oa function| lt13200_Qa function| lt13200_Pa function| lt13200_2 function| lt13200_Ra function| lt13200_0 function| lt13200_Sa function| lt13200_Ta function| lt13200_Ua function| lt13200_Va function| lt13200_Wa function| lt13200_Xa function| lt13200_3 function| lt13200_4 function| lt13200_Ya function| lt13200_Za function| lt13200__a function| lt13200_0a function| lt13200_1a function| lt13200_2a function| lt13200_3a function| lt13200_4a function| lt13200_5a function| lt13200_6 function| lt13200_7 function| lt13200_8a function| lt13200_9a function| lt13200_7a function| lt13200_6a function| lt13200_ab function| lt13200_$a function| lt13200_cb function| lt13200_bb function| lt13200_8 function| lt13200_db function| lt13200_eb function| lt13200_fb function| lt13200_gb function| lt13200_hb function| lt13200_jb function| lt13200_mb function| lt13200_lb function| lt13200_ib function| lt13200_pb function| lt13200_kb function| lt13200_nb function| lt13200_rb function| lt13200_qb function| lt13200_sb function| lt13200_ob function| lt13200_tb function| lt13200_ub function| lt13200_vb function| lt13200_9 function| lt13200_wb function| lt13200_xb function| lt13200_yb function| lt13200_zb function| lt13200_Ab function| lt13200_$ function| lt13200_Bb function| lt13200_Cb function| lt13200_Db function| lt13200_Eb function| lt13200_Fb function| lt13200_Hb function| lt13200_Ib function| lt13200_Jb function| lt13200_Gb object| PARSELY object| headertag object| Optanon object| OneTrust object| ats string| p1836623806 number| p1836623807 function| p1836623825 function| oConvTrackURL_ function| p1836623808 function| p1836623804 function| p1836623802 function| p1836623814 function| p1836623811 function| p1836623809 function| p1836623785 function| p1836623790 function| p1836623776 function| p1836623775 function| p1836623773 function| p1836623766 function| oEnableNullChecklistener_ function| p1836623818 function| p1836623757 function| oPageUnload function| p1836623686 function| p1836623691 function| p1836623810 number| p1836623676 string| p1836623677 object| p1836623678 object| p1836623679 boolean| p1836623680 number| p1836623682 number| p1836623683 object| p1836623704 string| p1836623746 number| p1836623687 object| p1836623754 string| p1836623722 string| p1836623723 object| p1836623760 number| p1836623761 boolean| p1836623765 number| p1836623767 boolean| p1836623769 boolean| p1836623819 boolean| p1836623794 boolean| p1836623821 boolean| oObserverChanges_ boolean| p1836623820 boolean| p1836623822 boolean| oAudienceListenerEnabled_ object| p1836623771 string| oDevice string| oParentHostname_ string| oParentPathname_ boolean| p1836623772 boolean| p1836623774 number| p1836623789 boolean| p1836623791 number| p1836623792 object| p1836623781 object| oAdSlots_ object| otkjs boolean| p1836623812 boolean| p1836623813 object| optimeraInsights string| p1836623823 object| oTrackSlots_ string| p1836623731 function| p1836623684 string| p1836623685 boolean| p1836623753 boolean| p1836623733 object| p1836623732 string| p1836623751 number| p1836623735 object| opbjs object| oaudLibjs object| ovpjs number| p1836623734 object| ID5 object| gaGlobal object| gaData object| pb_global object| banditoEnv object| clavis object| _smtr object| _uzactfeed object| FeatureCompatService function| CollapsibleService object| collapsibleService function| ShowMoreStoriesService object| keyBoardNavigation object| stickyAdService number| APP_BAR_HEIGHT function| TrayService string| DEFAULT_SEARCH_PATH string| INPUT_IDENTIFIER string| INPUT_IDENTIFIER_UNPROCESSED string| FEATURE_API function| InputAutocomplete function| ScrollToggleService object| initAnalytics object| clsImagesContainer function| _defineProperty function| TaboolaService function| loadError function| initTaboolas function| initTaboola object| taboolaService function| NewsletterService object| TaboolaAPIHelpers function| TaboolaAPIService object| taboolaAPI object| OneSignalService function| loadAdmiral function| ScreamerServiceNew object| taboolaRequest object| imageService object| _newsroom string| pm_pgtp undefined| msg string| _uri string| _context string| _outputType string| _rid object| Zephr object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| oDv number| p1836623688 string| oUrl_ object| responseTaboola function| confiantDfpWrap number| oIndex4_ number| p1836623703 string| scmPrty object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client undefined| _smtrErr object| shqChromeOnsiteResponse object| _shqdbl object| _shqDebug object| SmtrRmkr boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx boolean| _tb_vautop function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter number| newsroomStartsLoadingTime object| tbNewsroom function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id boolean| plHookRanOnce function| initSwap object| swapRegionMapping undefined| swapConfig object| TRCImpl number| taboola_view_id string| prop object| google_optimize object| _mather object| _mg2q object| tid object| _matherq object| PubMaticSync object| dsl string| subStatus object| _cbq function| admiral object| tracker object| recaptcha object| teadsscript number| BOOMR_configt function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| qi object| _pm_mcg boolean| _tb_vd_pg function| OneSignal object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY function| 4dm1r11545242527 object| list object| placementData string| nam object| teads string| lock object| zephrOutcomes string| key object| ampInaboxIframes object| ampInaboxPendingMessages function| cnx object| c number| __oneSignalSdkLoadCount function| __jp0 string| testAndVariation object| zephrAccessDetails undefined| activeProducts undefined| activeProductLength undefined| activeProductCount undefined| leftEarOutcome undefined| rightEarOutcome undefined| accountFlyoutOutcome string| topicFlyoutOutcome string| subButtonOutcome undefined| regWallOutcome string| toasterOutcome function| readCookie function| cookieValue string| toasterCookie string| toasterValue object| zephrTestGroups number| leftEarMetric number| rightEarMetric number| accountFlyoutMetric number| topicFlyoutMetric number| subButtonMetric number| regWallMetric number| toasterMetric object| zephrMeters object| zephrTrialTrackingDetails object| zephrCredits undefined| entitlementName undefined| entitlementId number| countIncremented undefined| entitlementObj undefined| num object| cnx_usr_storage object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| cnxPlugins function| cnxProxyTask number| google_global_correlator object| closure_lm_378121 number| _tlTagsPending number| BOOMR_onload function| bx object| tbopt object| GoogleGcLKhOms object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.66.1 object| bouncex object| _qsie object| bxgraph function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie object| cmTag object| _cm_wfCounters object| google_image_requests function| close_bouncex_ad function| cnxAddEventListener

258 Cookies

Domain/Path Name / Value
.taboola.com/nydailynews-nydailynews/ Name: taboola_session_id
Value: v2_81cb475e9b35cbbef27ae487319429ec_7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227_1644960935_1644960940_CNawjgYQ97I_GJPfv_rvLyABKAEwJjiJ6AdA6vUHSKfL2QNQrswHWABgAGjGot3Fm8C5-osBcAE
.nydailynews.com/api/v2/render/feature Name: _lbz
Value: 0
.nydailynews.com/api/v2/render Name: _lbz
Value: 0
.nydailynews.com/news/world Name: _lbz
Value: 0
.resetdigital.co/csync Name: ckbk
Value: 0000009C4A0A2F06
.3lift.com/sync Name: sync
Value: CgoIgQIQh_-_-u8vCgoI4gEQh_-_-u8vCgoI5gEQh_-_-u8vCgoIhwIQh_-_-u8vCgkICRCH_7_67y8KCQhJELP_v_rvLwoJCAsQh_-_-u8vCgoIjAIQh_-_-u8vCgoIzgEQs_-_-u8vCgoIkQIQs_-_-u8vCgoIkgIQs_-_-u8vCgoIlAIQs_-_-u8vCgoImAIQs_-_-u8vCgoImQIQs_-_-u8vCgkIORCz_7_67y8KCQg6EIf_v_rvLwoKCJsCELP_v_rvLwoKCJwCELP_v_rvLwoKCJ4CEIf_v_rvLwoJCF8Qh_-_-u8v
.mrtnsvr.com/sync Name: userId
Value: r3criHqfM
www.nydailynews.com/ Name: akaas_AS_tronc_new_york_daily_news_prod
Value: 2147483647~rv=99~id=7bbb414dc994982c861b06d9ea7f9aee
zephr.nydailynews.com/ Name: blaize_session
Value: 246840ce-a76a-4ea0-8ecd-2e0a2d42afa6
zephr.nydailynews.com/ Name: blaize_tracking_id
Value: 60e65b19-9035-480f-bab3-41daf4a458a0
.scorecardresearch.com/ Name: UID
Value: 1370873ee6a71d5f1969ae81644960935
.nydailynews.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.nydailynews.com/news/world/names-faces-aboard-malaysia-airlines-flight-370-article-1.1739217%22%2C%22sref%22:%22%22%2C%22sts%22:1644960935201%2C%22slts%22:0}
.nydailynews.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=6694fa81ec8c8512d2e50f62121b220d%22%2C%22session_count%22:1%2C%22last_session_ts%22:1644960935201}
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: f7a752960b88f39ddc708de0b4bfaade
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSDNPNDc1sjQzSLKwSDO2TElJNjewSEk1SDJJSktMTEllAIIkHpnlIBoCBGee3STHOCGd4T8jI8PS6x%2FUYezD097JwNgr7nyEsyfuQ4gf3zSFBabmyYuPujD2pj%2BFMOazxXPgSs4dPcQME9%2B977IA3CokNavXP%2BWGiX%2BYOEccxp58Au6yd0sQRvYihAEl0FI4"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI4pFZDqQggIWBrd8GxGTrlwdR3D5tEKoVSAEAYG0EdA%3D%3D"
.adsrvr.org/ Name: TDID
Value: 013f5489-abdd-43ed-8226-582ddfebe20d
.nydailynews.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.liadm.com/ Name: lidid
Value: 67eaf473-598f-4ce6-a4f1-771054ebc705
.nydailynews.com/ Name: _ga
Value: GA1.2.236439561.1644960935
.nydailynews.com/ Name: _gid
Value: GA1.2.283169956.1644960935
.nydailynews.com/ Name: _cc_id
Value: f7a752960b88f39ddc708de0b4bfaade
.nydailynews.com/ Name: _cc_cc
Value: ACZ4XmNQSDNPNDc1sjQzSLKwSDO2TElJNjewSEk1SDJJSktMTEllAIIkHpnlIBoCBGee3STHOCGd4T8jI8PS6x%2FUYezD097JwNgr7nyEsyfuQ4gf3zSFBabmyYuPujD2pj%2BFMOazxXPgSs4dPcQME9%2B977IA3CokNavXP%2BWGiX%2BYOEccxp58Au6yd0sQRvYihAEl0FI4
.nydailynews.com/ Name: _cc_aud
Value: ABR4XmNgYGBI4pFZDqQggIWBrd8GxGTrlwdR3D5tEKoVSAEAYG0EdA%3D%3D
.nydailynews.com/ Name: panoramaId_expiry
Value: 1645565735250
.nydailynews.com/ Name: panoramaId
Value: 5d8d7c0f271725cf9e07bfa2b9f616d53938c7532622499463f8008334c60a76
.rubiconproject.com/ Name: khaos
Value: KZON9OYT-C-HI4X
.adnxs.com/ Name: uuid2
Value: 7341874419548819343
.nydailynews.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Tue+Feb+15+2022+21%3A35%3A35+GMT%2B0000+(GMT)&version=6.9.0&hosts=&landingPath=https%3A%2F%2Fwww.nydailynews.com%2Fnews%2Fworld%2Fnames-faces-aboard-malaysia-airlines-flight-370-article-1.1739217&groups=C0001%3A1%2CC0003%3A1%2CSPD_BG%3A1%2CC0002%3A1%2CC0004%3A1
www.nydailynews.com/ Name: taboolaSessionID
Value: v2_488aea5d1500009605e069b1096b5564_ec978b1f-2925-4b3e-8cfc-c16867015259-tuct905a227_1644960935_1644960935_CNawjgYQ97I_GN3bv_rvLyABKAEwJjiJ6AdA6vUHSKfL2QNQrswHWABgAGjGot3Fm8C5-osBcAE
www.nydailynews.com/ Name: _lr_geo_location
Value: CA
.doubleclick.net/ Name: IDE
Value: AHWqTUl-e_98WupUkknJdeSbCb-o6NLMRLfPoKmNqEF6F0esc4__z8pIIKkgeilGZvs
.amazon-adsystem.com/ Name: ad-id
Value: AxMWmrduv0p6hCoNXC-rGaE
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.nydailynews.com/ Name: _gat_trb
Value: 1
.nydailynews.com/ Name: _ml_ses
Value: *
.nydailynews.com/ Name: _matheriSegs
Value: MATHER_U9_FIRSTTIMEMET10_20191016
.nydailynews.com/ Name: _matherSegments
Value: MATHER_U9_FIRSTTIMEMET10_20191016
.nydailynews.com/ Name: c_mId
Value:
.nydailynews.com/ Name: c_PUID
Value:
.nydailynews.com/ Name: smtrrmkr
Value: 637805577358380345%5E017eff4f-ef9e-4a8b-a682-baf387f69ec6%5E017eff4f-ef9e-46a7-93a1-41683c42cb68%5E0%5E149.56.153.178
www.nydailynews.com/ Name: _tb_sess_r
Value:
zephr.nydailynews.com/ Name: AWSALB
Value: 3gHV0LR2mu3k8r7Vs+nq/pmFKkwg9QPlx20tvX77/S0mlr2z6D1xEnagVWcPhnI1AjpxN7gDc2qKMgm0Y46bVDA5lEusX9llbPvRSeNFXnogxj2vyx33mh3zqd2E
zephr.nydailynews.com/ Name: AWSALBCORS
Value: 3gHV0LR2mu3k8r7Vs+nq/pmFKkwg9QPlx20tvX77/S0mlr2z6D1xEnagVWcPhnI1AjpxN7gDc2qKMgm0Y46bVDA5lEusX9llbPvRSeNFXnogxj2vyx33mh3zqd2E
www.nydailynews.com/ Name: _cb_ls
Value: 1
www.nydailynews.com/ Name: _cb
Value: 8qGAHCLiSwIBk30TT
www.nydailynews.com/ Name: _chartbeat2
Value: .1644960936338.1644960936338.1.B0sJHpFibGxpiLQ7RqSuIBLychT.1
www.nydailynews.com/ Name: _cb_svref
Value: null
.taboola.com/ Name: t_gid
Value: 7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227
www.nydailynews.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227
.adnxs.com/ Name: icu
Value: ChgIpJdJEAoYAiACKAIwqLmwkAY4AkACSAIQqLmwkAYYAQ..
.casalemedia.com/ Name: CMID
Value: YgwcqAdSSrXi2CkqYWrfowAA
.casalemedia.com/ Name: CMPS
Value: 465
.teads.tv/ Name: tt_viewer
Value: d9bc8172-91e1-4708-a4b6-64ac5cfe1acb
.nydailynews.com/ Name: __gads
Value: ID=bf5843766d0ed510:T=1644960935:S=ALNI_MZW_MKWLLFb7BK2CiAiWKlbnSqygQ
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 9021BD47-D564-4E09-BA75-7F25F0BF77FF
.postrelease.com/ Name: visitor
Value: 4ac3d601-46a4-43cb-abb9-9ad681b98672
.postrelease.com/ Name: status
Value: 1
.krxd.net/ Name: _kuid_
Value: OqiqwM11
.openx.net/ Name: i
Value: 73c31bb9-3e7f-4b2d-9ec7-578a014d7277|1644960936
.ml314.com/ Name: pi
Value: 3625165679464284232
.eyeota.net/ Name: mako_uid
Value: 17eff4ff37c-20ca0000010a4756
.eyeota.net/ Name: SERVERID
Value: 18262~DM
.agkn.com/ Name: ab
Value: 0001%3A0ge4hBW4ywC1cgWK%2BJ2svpuNIaqK50gh
.sharethis.com/ Name: __stid
Value: ZHYADWIMHKgAAAAIFUsnAw==
.sharethis.com/ Name: __stidv
Value: 2
.casalemedia.com/ Name: CMPRO
Value: 553
.openx.net/ Name: pd
Value: v2|1644960936|vMgakWgyiK
.yahoo.com/ Name: A3
Value: d=AQABBKgcDGICECsQjacuL_Ozs3Upj4JZEy4FEgEBAQFuDWIVYgAAAAAA_eMAAA&S=AQAAAtMMma5oz7v6DeezQWT4xOQ
.3lift.com/ Name: tluid
Value: 2849636505712819506532
.yieldmo.com/ Name: yieldmo_id
Value: ge46faded739ab93e512%7C1644960937043%7C0%7C
.kargo.com/ Name: ktcid
Value: aa0d3df1-e764-0cb4-5148-4cf6da590558
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YgwcqQAGbTJD6QAy
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 8144174960646922484
.turn.com/ Name: uid
Value: 8271880283115917977
.simpli.fi/ Name: suid
Value: 450D626A3A2B4E83953C6829C5733743
.bidr.io/ Name: bito
Value: AABeU07EGDkAAAPyeAisoQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.nydailynews.com/ Name: _awl
Value: 2.1644960937.0.5-0d15bb2815b2e9a709904de490ba2e3b-6763652d75732d6561737431-0
.adgrx.com/ Name: ADGRX_UID
Value: 36fb55cc-8ea7-11ec-9c76-a035d55853f1
.rlcdn.com/ Name: pxrc
Value: CKm5sJAGEgUI6AcQABIFCOhHEAA=
.owneriq.net/ Name: si
Value: Q6982473371180712174
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-50a8876c-99d8-4b11-424f-14a76c692ac5.D%2BdxmTyQTzpDkmgLPtB1Qe0VOGerZgXKteD9JYqOWQ8
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AUKiHbJnYSxFCTxSnbGkqxZU4mbI.wcV8brO694YLs8eskA0uXzhD%2F4qqzclcHqpYjroCIuY
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:450D626A3A2B4E83953C6829C5733743
.pubmatic.com/ Name: PUBMDCID
Value: 2
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEMUSodXOE1OW3KVu5VLPUCo&KRTB&16514-CAESEMUSodXOE1OW3KVu5VLPUCo&KRTB&23025-CAESEMUSodXOE1OW3KVu5VLPUCo
.contextweb.com/ Name: V
Value: NDqkz5IgwmFK
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 62fcd5506aca081c
.bidswitch.net/ Name: c
Value: 1644960937
.bidswitch.net/ Name: tuuid_lu
Value: 1644960937
.bidswitch.net/ Name: tuuid
Value: ed239641-d788-4f62-a800-8b3ea6dac16f
.adotmob.com/ Name: uid
Value: 074f220407de11c827e93899
.adotmob.com/ Name: uuid
Value: 074f220407de11c827e93899
.adotmob.com/ Name: partners
Value: IX%3A1644960937609
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1
.technoratimedia.com/ Name: tads_uid
Value: 0B9E5FD9E3B246BEB94A104183AF0DEF
.technoratimedia.com/ Name: tads_uid_cd
Value: 20220215163537-0500
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: tads_uidp_73
Value: AABeU07EGDkAAAPyeAisoQ
.openx.net/ Name: univ_id
Value: 537072971|013f5489-abdd-43ed-8226-582ddfebe20d|1644960937660802
.pippio.com/ Name: did
Value: loM-r9R1_wLJh__p
.pippio.com/ Name: didts
Value: 1644960937
.pippio.com/ Name: nnls
Value:
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AABeU07EGDkAAAPyeAisoQ
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8271880283115917977
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-013f5489-abdd-43ed-8226-582ddfebe20d&KRTB&22918-013f5489-abdd-43ed-8226-582ddfebe20d&KRTB&23031-013f5489-abdd-43ed-8226-582ddfebe20d
.ads.yieldmo.com/ Name: ptrpp
Value: 3C4Iq6OQzwe8
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:b815620c-1ca9-4b00-b3df-2ecce97ca2ff&KRTB&16736-uid:b815620c-1ca9-4b00-b3df-2ecce97ca2ff&KRTB&23019-uid:b815620c-1ca9-4b00-b3df-2ecce97ca2ff&KRTB&23208-uid:b815620c-1ca9-4b00-b3df-2ecce97ca2ff
capi.connatix.com/ Name: cnx_userId
Value: 616ed7ca6cf94054a363e9fc9aa63997
.ads.yieldmo.com/ Name: ptrstk
Value: UKiHbJnYSxFCTxSnbGkqxZU4mbI
.ads.yieldmo.com/ Name: ptrbsw
Value: ed239641-d788-4f62-a800-8b3ea6dac16f
.ads.yieldmo.com/ Name: ptrt
Value: 013f5489-abdd-43ed-8226-582ddfebe20d
.pippio.com/ Name: pxrc
Value: CKm5sJAGEgQIAhAAEgYI7OsBEAA=
www.nydailynews.com/ Name: cnx_userId
Value: 616ed7ca6cf94054a363e9fc9aa63997
.creative-serving.com/ Name: tuuid
Value: e6e841ae-f59b-4038-884c-614a98376bee
.creative-serving.com/ Name: c
Value: 1644960937
.mathtag.com/ Name: uuid
Value: 3e95620c-1ca9-4700-919b-67f5c4b03518
.creative-serving.com/ Name: tuuid_lu
Value: 1644960938
.linksynergy.com/ Name: rmuid
Value: 3566068a-e384-49c9-abcf-fc1f74ec0477
.linksynergy.com/ Name: icts
Value: 2022-02-15T21:35:38Z
.spotxchange.com/ Name: audience
Value: 37597b60-8ea7-11ec-b4e0-145284e10203
.rlcdn.com/ Name: rlas3
Value: 0DGAmEqWgq3EWQOr65aYDlvpFbeCWIQjpr2gChtmTBo=
.doubleclick.net/ Name: DSID
Value: NO_DATA
.casalemedia.com/ Name: CMRUM3
Value: 33620c1caa2760ed239641-d788-4f62-a800-8b3ea6dac16f&29620c1ca905a0&27620c1ca92760013f5489-abdd-43ed-8226-582ddfebe20d&1f620c1ca905a0&f1620c1ca905a0&0d620c1ca905a00&2d620c1ca905a0&e6620c1ca92760
.casalemedia.com/ Name: CMST
Value: YgwcqWIMHKoA
www.nydailynews.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.nydailynews.com/ Name: _pubcid
Value: 52eeca36-6634-420d-8bd5-5129c6783458
.pubmatic.com/ Name: KRTBCOOKIE_1235
Value: 23226-7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227:$UID
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1c74|5Ql.0.7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227|7dN.0.AABeU07EGDkAAAPyeAisoQ
.lijit.com/ Name: ljt_reader
Value: 34395a4429ae798181152d2c
.criteo.com/ Name: uid
Value: 6dd842b3-f84a-4806-9cab-93e1e8d6f3ad
.id5-sync.com/ Name: id5
Value: a830eb74-9f4e-3e93-9335-4e15e7da2dc1#1644960935683#2
.mfadsrvr.com/ Name: tuuid
Value: 6bda85a5-2fe9-465b-a7aa-dd391f814622
.mfadsrvr.com/ Name: c
Value: 1644960938
.mfadsrvr.com/ Name: tuuid_lu
Value: 1644960938
.omnitagjs.com/ Name: ayl_visitor
Value: 43603befeb9da004652970b85c0ebb75
.smartadserver.com/ Name: pid
Value: 825540818211311424
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 107:7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227
.lijit.com/ Name: _ljtrtb_42
Value: 7e494481-90e7-4522-b182-9ae776b05b29-tuct905a227
.mfadsrvr.com/ Name: ssh
Value: !taboola,1644960938
.uuidksinc.net/ Name: jcsuuid
Value: 1hjsszwk42XSCP7cwRde
.www.nydailynews.com/ Name: RT
Value: "z=1&dm=www.nydailynews.com&si=28e81515-49e2-49f1-8cf8-db39926e2178&ss=kzon9nm3&sl=1&tt=4wq&rl=1&ld=4wt"
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.adnxs.com/ Name: anj
Value: dTM7k!M4/YDunaTF']wIg2E?`iy:ki!]tbP6j2F-.aDFd<pAQ.gkM_BielDkjE3Wmi+f+Rif_*ZjG`@#h0Cg6kLd?p*g0D(SRaAp
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0Ijp7InVpZCI6IjI4NDk2MzY1MDU3MTI4MTk1MDY1MzIiLCJleHBpcmVzIjoiMjAyMi0wNS0xNlQyMTozNTo0MFoifX0sImJpcnRoZGF5IjoiMjAyMi0wMi0xNVQyMTozNTo0MFoifQ==
.pubmatic.com/ Name: DPSync3
Value: 1646092800%3A236_201_197_219_221_228%7C1645488000%3A164%7C1644969600%3A174
.bing.com/ Name: MUID
Value: 38C04D2CEF4161A7132D5C60EE6B60ED
.c.bing.com/ Name: MR
Value: 0
.go.sonobi.com/ Name: __uis
Value: e71b02ea-6e43-4b95-a180-357b61e1aff7
.go.sonobi.com/ Name: HAPLB8S
Value: s8751|Ygwcq
.zemanta.com/ Name: zuid
Value: o7JkaG0JGM2a_wmNYbt2
.linkedin.com/ Name: li_sugr
Value: c9d8585d-03c8-40fa-8ffd-5bab783243de
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&b6915774-e726-4b0f-8d0f-db1fb962b317"
.linkedin.com/ Name: lidc
Value: "b=TGST03:s=T:r=T:a=T:p=T:g=2678:u=1:x=1:i=1644960940:t=1645047340:v=2:sig=AQHJnCWzhZC5zR0c2zJR_Cxksq1ks5ug"
.ipredictive.com/ Name: cu
Value: 38d02363-8ea7-11ec-aebc-319bbbf9d2d9|1644960940549
.dotomi.com/ Name: DotomiTest
Value: 7cd664b7563608e7
.fiftyt.com/ Name: fifid
Value: ef4af3fa-6a96-48dc-74e0-ba49b4746ba4
.fiftyt.com/ Name: cs
Value: MTY0NDk2MDk0MHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fMOcD9-3kB-g6yx7a7OnQH17eBzjTK91Zh593D2MeDJE
.deepintent.com/ Name: CDIUSER
Value: di_8fcc0cc575414504844a3
io.narrative.io/ Name: io.narrative.guid.v2
Value: 38d70120-8ea7-11ec-9141-120bff9cc4e7
.fg8dgt.com/ Name: tuuid
Value: 3886b247-94c4-45c0-8421-1aa78dc9612f
.fg8dgt.com/ Name: c
Value: 1644960940
.fg8dgt.com/ Name: tuuid_lu
Value: 1644960940
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7341874419548819343&KRTB&23339-7341874419548819343
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-38d02363-8ea7-11ec-aebc-319bbbf9d2d9&KRTB&23011-38d02363-8ea7-11ec-aebc-319bbbf9d2d9
.fiftyt.com/ Name: fppm
Value: 20220215213540
.onaudience.com/ Name: cookie
Value: 7467ebf23af33380
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAADKgqa_i0prANb_nOfAAAAAAA&KRTB&22713-AAADKgqa_i0prANb_nOfAAAAAAA&KRTB&22715-AAADKgqa_i0prANb_nOfAAAAAAA
.tapad.com/ Name: TapAd_TS
Value: 1644960941030
.tapad.com/ Name: TapAd_DID
Value: 53dedc75-b99a-44ee-ad6a-b4a47de6748c
.adsymptotic.com/ Name: U
Value: 46e062e4b7c37634a82216fa39c063b7
event.clientgear.com/ Name: mkuuid
Value: mk6ae5627c-7549-4dbb-9eb6-ca5e74eed4e9
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.onaudience.com/ Name: done_redirects161
Value: 1
.us.ck-ie.com/ Name: CID
Value: 735c76c17fa5a74bf8d4338effe465407d59f987
.cdnwidget.com/ Name: __3idcontext
Value: {"cookieID":"CRZ7VL6N4BQL3ABD4GFJ4E666KRNUET7NO2ZWVHVCWDA====","deviceID":"CRZ7VL6N4JNJNXRWW3KM6I4S3DB56FIENCQ3CX4PCWRQ====","iv":"C75637XVTZLDYOUAWRQ4YR6BHI======","v":1}
.cdnwidget.com/ Name: __adcontext
Value: {"cookieID":"CRZ7VL6N4BQL3ABD4GFJ4E666KRNUET7NO2ZWVHVCWDA====","deviceID":"CRZ7VL6N4JNJNXRWW3KM6I4S3DB56FIENCQ3CX4PCWRQ====","iv":"C75637XVTZLDYOUAWRQ4YR6BHI======","v":1}
.nydailynews.com/ Name: __idcontext
Value: eyJjb29raWVJRCI6IkNSWjdWTDZONEJRTDNBQkQ0R0ZKNEU2NjZLUk5VRVQ3Tk8yWldWSFZDV0RBPT09PSIsImRldmljZUlEIjoiQ1JaN1ZMNk40Sk5KTlhSV1czS002STRTM0RCNTZGSUVOQ1EzQ1g0UENXUlE9PT09IiwiaXYiOiJDNzU2MzdYVlRaTERZT1VBV1JRNFlSNkJIST09PT09PSIsInYiOjF9
.exelator.com/ Name: EE
Value: "cfb819eda68346e0374181f0a81aaaa0"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSE5LcnC0DI1JdHMwtjELNXA2NzE0MIwzSDRwjARCAwWl6UWLVhaWpyaknRoSUVOSU7T6rL4UMd4N0dfT5%252FIZc4ZRfm5qSvAQmGuQYssLZbkF2WmL3J2XFyUksawqKT4VPD%252B%252BhUAi7kqcQ%253D%253D"
.id5-sync.com/ Name: 3pi
Value: 464#1644960938712#-730945301|2#1644960939068#-1104012149#7341874419548819343|434#1644960940752#2006222943|3#1644960939612#-423295059#3e95620c-1ca9-4700-919b-67f5c4b03518|264#1644960939931#-1982885208#013f5489-abdd-43ed-8226-582ddfebe20d|136#1644960941523#386297599|108#1644960941318#1494685594|429#1644960940228#150707433
.id5-sync.com/ Name: callback
Value:
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~2399:18z8~2399:195y~2399"
.quantserve.com/ Name: mc
Value: 620c1cad-98ac1-94d2d-7e138
.onaudience.com/ Name: done_redirects147
Value: 1
.tremorhub.com/ Name: tvid
Value: a09fb837d37c43b08d3ea316a02dc5ed
.tremorhub.com/ Name: tv_UISTB
Value: <taboolaUserId>
.tremorhub.com/ Name: tvssa
Value: 1644960941642
.bounceexchange.com/ Name: bounceClientVisit2452c
Value: %7B%22vid%22%3A1644960941649063%2C%22did%22%3A%221361818485244611395%22%7D
.nydailynews.com/ Name: bounceClientVisit2452v
Value: N4IgNgDiBcIBYBcEQM4FIDMBBNAmAYnvgO6kB0AdgJ4AmAhgJZhUUCmxKZAxgPYC2RNhyLEeAJzA1BdPqxQBaAGZ0uc+XQBGPOmJry+dMHSooGddQwkM2CxWAYBzRPIwB2AAzqxCBlzCt5AEYyQNcMAE5cUJAAGhAxGBBYkBRWBxgAbQBdAF8gA
.onaudience.com/ Name: done_redirects252
Value: 1
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bGuuYkIIQh9F+1WuCoMxA8a+JUixCbOKdq6kEEgVYLHphmUwa99ONnGD/hRbx95em6EOPy0m7mZjD79QniQXr/UV9GswA2XLtcWQ2jhlxjUX0iL/Q+AxqkR
ssp.behave.com/ Name: tuuid
Value: 8b774a20-ac9a-42a9-b3ec-ac583ee2728b
ssp.behave.com/ Name: c
Value: 1644960941
ssp.behave.com/ Name: tuuid_lu
Value: 1644960941
.onaudience.com/ Name: done_redirects219
Value: 1
ssp.behave.com/ Name: um2
Value: !2,ed239641-d788-4f62-a800-8b3ea6dac16f,414239742
.nydailynews.com/ Name: cto_bundle
Value: vMQ9fl9BaVVGdG55dXM4UEdMamNyNzBtMHI3VTZia0E2OTglMkZPa0t2YjNaQ202aUVRU3JoWmNrVzZiZWlCZlFFYlo0dkVvekRKb0l4Sld3ZVlyQkRrJTJCalRuaEFEc1o2REcxOHhXWE83TmpxTjU3Mk0lMkJ4YzNCT2UlMkYlMkJOeVRJem5MN2pORDk2bHQxbFE0R2o0Wlh1QjJKWnpzZ0ZBJTNEJTNE
.nydailynews.com/ Name: cto_bidid
Value: Yn517195aHllM2dwUU02YUpUOFYya2F2a1lPVGd5eHBhMjd2S1dqTHdIdGxldG1UVkR5Q2pZakIzOGwlMkJNUXZHWWh5ckNUTkhJeDlCQWpGRG9jajV5djNrTVNvcVJyZmc5UiUyRmRIbkxhWkklMkJwQkE3VzhrWWdodUhLYk05VzY4T2clMkJ4bEpi
.pubmatic.com/ Name: SPugT
Value: 1644960942
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: pi
Value: 156512:4
.pubmatic.com/ Name: SyncRTB3
Value: 1645315200%3A216%7C1646179200%3A35%7C1646092800%3A57_81_99_8_178_48_176_239_238_166_5_104_55_165_234_71_7_22_233_243_3_21_54_56_222_244_220_231_240_96_204_189_13%7C1645488000%3A38_2_15_223%7C1647475200%3A224%7C1650067200%3A69%7C1645747200%3A63
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.acuityplatform.com/ Name: auid
Value: 647429219865
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqBMjn6jXVzZXJNYXRjaGluZ0lkJLqRbGFzdERyb3BUaW1lTWlsbGlzJQE/P2oAP4yYbGFzdFN1Y2Nlc3NmdWxNYXRjaE1pbGxpcyUBPz9qAD+Mj3RoaXJkUGFydHlVc2VySWRjZWQyMzk2NDEtZDc4OC00ZjYyLWE4MDAtOGIzZWE2ZGFjMTZm+4A2+kLMQyUBPz9qARicRCUBPz9qARicRSH7+4Z2ZXJzaW9uwvs="
.quantserve.com/ Name: d
Value: EOoBEgG5JfijC42ZMA
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8144174960646922484&KRTB&23263-8144174960646922484
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-36fb55cc-8ea7-11ec-9c76-a035d55853f1
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-647429219865
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-UqUODlX0XwlJrgYMB6YTVFDzDAlJoFtcV69WZ_he&KRTB&19420-UqUODlX0XwlJrgYMB6YTVFDzDAlJoFtcV69WZ_he&KRTB&22979-UqUODlX0XwlJrgYMB6YTVFDzDAlJoFtcV69WZ_he
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-UKiHbJnYSxFCTxSnbGkqxZU4mbI
ads.playground.xyz/ Name: connect.sid
Value: s%3AyeeB9er2ysvpJweic8YFj7RCxFDZDMc9.X9Ed21BE0zwQvbYdQTCqDWCsEE0L1Frr4Bu8dgfmZsA
.sitescout.com/ Name: ssi
Value: 9fd1cf86-dfd6-489f-8670-0d4303a12ebf#1644960944983
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-bd76d9e8-8464-4b53-812a-e277de61e22d
beacon.lynx.cognitivlabs.com/ Name: UID
Value: b7508a1b-c09f-488f-a731-169d5be0949d
beacon.lynx.cognitivlabs.com/ Name: ss
Value: MHrnXJDa%2FRAVKW9oaFS%2BLfSMQLsIBEGz8DsbV9Vess4burbEPOtFV8WK5ggNAgUxpR5aV5dSropjRl0yAViWxA%3D%3D
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY0NDk2MDk0NTAxMX0
ads.avct.cloud/ Name: uuid
Value: 3aa57f34-f749-4497-9a86-7f17c648fd04
.pubmatic.com/ Name: KRTBCOOKIE_1199
Value: 23175-0000009C4A0A2F06
.w55c.net/ Name: wfivefivec
Value: NR0ktyTD1Nk5u95
.inmobi.com/ Name: idsp_c
Value: 1ead7ede-8c59-411f-b8d3-d00702804dea
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-9fd1cf86-dfd6-489f-8670-0d4303a12ebf-620c1cb0-4341
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_1233
Value: 23223-1ead7ede-8c59-411f-b8d3-d00702804dea&KRTB&23266-1ead7ede-8c59-411f-b8d3-d00702804dea&KRTB&23285-1ead7ede-8c59-411f-b8d3-d00702804dea
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:NR0ktyTD1Nk5u95
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsIyJnZtqS1uDoQBRIWCgdydWJpY29uEgsI6NrMuqS1uDoQBRIWCgdzdng5dDUwEgsI5vqq0aS1uDoQBRgBIAEoAjILCJysgK27tbg6EAU4AVoLYWRjb25kdWN0b3JgAg..
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-ed239641-d788-4f62-a800-8b3ea6dac16f
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ebb3f611-4d49-4469-9039-bee6f997b430-005%22%2C%22nxtrdr%22%3Afalse%7D
.mxptint.net/ Name: mxpim
Value: R1B341_EB596444_2B223BC4.1.0000000000000000620C1CB1
.tribalfusion.com/ Name: ANON_ID
Value: ajnsIHOleq8PZabprMjadZbXRQFKOKKTSeKwhpL6AE1cSCrP3C8Pv8Q0EIiF5XbMkIGbf2N3PDM8LRbYZcrUVA5HwZaQ
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R1B341_EB596444_2B223BC4&KRTB&23092-R1B341_EB596444_2B223BC4
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: pmc
Value: 1
.adsby.bidtheatre.com/ Name: __kuid
Value: 4f9a7799-3e1a-4b6b-a2e0-f98b05f94750.414174945
.pubmatic.com/ Name: KRTBCOOKIE_286
Value: 5193-Q6982473371180712174&KRTB&22521-Q6982473371180712174
.bnmla.com/ Name: rx_sspurl_10738
Value: https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3Dd4084d10-0750-4cd0-9077-8f443013cdf9
.bnmla.com/ Name: rx_uuid
Value: d4084d10-0750-4cd0-9077-8f443013cdf9
.bnmla.com/ Name: rx_maxage_10738
Value: 1646256945
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ebb3f611-4d49-4469-9039-bee6f997b430-005%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17107-RX-ebb3f611-4d49-4469-9039-bee6f997b430-005
.bnmla.com/ Name: rx_sspid_10738
Value: 170
.pubmatic.com/ Name: KRTBCOOKIE_308
Value: 22925-d4084d10-0750-4cd0-9077-8f443013cdf9
.c.appier.net/ Name: _auid
Value: CcydyAqhBu6u_CO1sRwMYg
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-CcydyAqhBu6u_CO1sRwMYg&KRTB&23130-CcydyAqhBu6u_CO1sRwMYg
.pubmatic.com/ Name: PugT
Value: 1644944250
.nydailynews.com/ Name: _ml_id
Value: 4b0002de7e794e74.1644960936.1.1644960946.1644960936

16 Console Messages

Source Level URL
Text
network error URL: https://www.nydailynews.com/pb/resources/fonts/OpenSans-350.woff2?v=299
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://id5-sync.com/i/687/8.gif?id5id=ID5*FbN7zSAsugrTQ8BDAigAiVFVeYFqrERt5XQ6PYBLHYoIBCiI8HxFuiyM5fYWedUVCAU7S3jys-g-_cXqGMoWNwgGN-ipMXcgmL00afcsTMIIB8mkBT1WtbPwceF3mtueCAiAfMNSaQjh3zgp02C0xggJrbrfAyFKDPFsRlW2MREICrMwGfrJ-Gm8UqOUmYJXCAv7NYQP_QNojhmuUOFImAgMDgjtXK7ZRDPtTvEyqvgIDQBRHdt5klYJU9ir2trACA627c7sFujnxxbVKSve1wgPsVGvtGl2ux5SxaEclX0IEAOocA3mAQCcZsnU6w7_CBEde_pf97CBT8VZa36TSggSvEBgOokVQTYR2dRui3gIE-SH3551acZVR6_zxUEsCBQzqMJwP7pP_kFtlr26iggVUr7X6mOtapuhd0C5DJ0IFlzt2NQ8wjgtRywvQlmhCBetIIVVwsogSpp5RwesZggYmnPwPL2D7vh23tdE21IIGY23n6WGxwSx1ZA5pktFCBr4WrLR5ifmYcTGFAIOFAgb0NItlUe10A2drn3JhukIHAkeB_bExaMwLr7fdm91CB2THe1CSLLuyFIn9mo_LAgeQaleKrLamfY5Bd_haLsIptYJpEVYIpFj1DKJp0Cj&o=api&gdpr_consent=undefined&gdpr=0
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=7341874419548819343&pn_id=an
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error URL: https://265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 12)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/13286604602864346121/index.html".
network error URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgwcqQAGbTJD6QAy
Message:
Failed to load resource: the server responded with a status of 422 (Unprocessable Entity)
network error URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJGDqYgT-w4mhKakEUYwRyI&google_cver=1
Message:
Failed to load resource: the server responded with a status of 422 (Unprocessable Entity)
network error URL: https://pixelam.adlooxtracking.com/ads/ic.php?_=[CACHEBUSTING]&type=pixel&plat=131&tag_id=895&client=sap_dsp&id1=www.nydailynews.com&id2=sbfanix&id3=drtzgjat&id4=333x333&id5=ks2xwbz&id6=4ecukjb&id7=triplelift&id8=acjf93j&id9=f85c047c-a02e-4297-ba5c-42e3f81c2ba1&id10=2842&id11=$ADLOOX_WEBSITE&id12=display
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://eb2.3lift.com/xuidmid=7976&xuid=r3criHqfM&dongle=u6nf
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
265fcc771172556ab99797ebbe37a803.safeframe.googlesyndication.com
a.teads.tv
a.tribalfusion.com
aa.agkn.com
aax-us-east.amazon-adsystem.com
aax.amazon-adsystem.com
ad.360yield.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ade.googlesyndication.com
ads.avct.cloud
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.yahoo.com
ads.yieldmo.com
adservice.google.ca
adservice.google.com
am.adlooxtracking.com
amazon-tam-match.dotomi.com
ampcid.google.ca
ampcid.google.com
api.bounceexchange.com
api.rlcdn.com
api.taboola.com
as-sec.casalemedia.com
assets.bounceexchange.com
assets.zephr.com
ats.rlcdn.com
authenticate.nydailynews.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
c.amazon-adsystem.com
c.bing.com
c.go-mpulse.net
c1.adform.net
c2.taboola.com
ca1.qualtrics.com
capi.connatix.com
casale-match.dotomi.com
cd.connatix.com
cdn.cookielaw.org
cdn.id5-sync.com
cdn.onesignal.com
cdn.parsely.com
cdn.taboola.com
cdn5.userzoom.com
cds.connatix.com
cds.taboola.com
ce.lijit.com
cks.connatix.com
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
confiant-integrations.global.ssl.fastly.net
core.iprom.net
crb.kargo.com
creativecdn.com
csi.gstatic.com
csync.loopme.me
d.adroll.com
d15kdpgjg3unno.cloudfront.net
d1n00d49gkbray.cloudfront.net
data.cdnbasket.net
data00.adlooxtracking.com
dfp.bouncex.net
dis.criteo.com
docker.creative-serving.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
dyv1bugovvq1g.cloudfront.net
e1.emxdgt.com
eb2.3lift.com
eus.rubiconproject.com
event.clientgear.com
events.bouncex.net
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
geolocation.onetrust.com
gocm.c.appier.net
googleads.g.doubleclick.net
grid.bidswitch.net
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.3lift.com
ib.adnxs.com
id5-sync.com
idr.cdnwidget.com
ids.cdnwidget.com
idsync.rlcdn.com
idx.liadm.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.taboola.com
imasdk.googleapis.com
img.3lift.com
img.connatix.com
imprnjmp.taboola.com
ins.connatix.com
insights.zeustechnology.com
io.narrative.io
jadserve.postrelease.com
js-sec.indexww.com
js.matheranalytics.com
loada.exelator.com
m.fg8dgt.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
matching.truffle.bid
ml314.com
mug.criteo.com
mweb.ck.inmobi.com
onesignal.com
p.adsymptotic.com
p1.parsely.com
page.cdnbasket.net
pagead2.googlesyndication.com
pd.cdnwidget.com
ping.chartbeat.net
pippio.com
pips.taboola.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixelam.adlooxtracking.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prod-use.perf-serving.com
protected-by.clarium.io
ps.eyeota.net
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
rr2---sn-apaapm4g-apae.googlevideo.com
rr6---sn-tt1eln7l.googlevideo.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtd-tm.everesttech.net
s.amazon-adsystem.com
s.go-mpulse.net
s.tribalfusion.com
s.uuidksinc.net
s.youtube.com
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
siteintercept.qualtrics.com
smoggysnakes.com
spl.zeotap.com
sqs.us-east-1.amazonaws.com
ssor.tribdss.com
ssp.behave.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.chartbeat.com
stats.g.doubleclick.net
sync-amz.ads.yieldmo.com
sync-pp.ads.yieldmo.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.crwdcntrl.net
sync.extend.tv
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.resetdigital.co
sync.search.spotxchange.com
sync.sharethis.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.teads.tv
taboola-supply-partners.tremorhub.com
tag.1rx.io
tag.wknd.ai
tags.crwdcntrl.net
tags.rd.linksynergy.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr2.smarterhq.io
trc-events.taboola.com
trc.taboola.com
tribune-nydailynewsclassic.zeustechnology.com
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-east-sync.bidswitch.net
us-match.taboola.com
us-trc-events.taboola.com
us-u.openx.net
us-vid-events.taboola.com
us.ck-ie.com
vae-bid.adsrvr.org
vid.connatix.com
vidstat.taboola.com
view.cdnbasket.net
visitor.fiftyt.com
visitor.omnitagjs.com
widget.perfectmarket.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.i.matheranalytics.com
www.nydailynews.com
www.tribdss.com
x.bidswitch.net
zephr.nydailynews.com
zncgv19neubv6bvvp-tribune.siteintercept.qualtrics.com
100.20.199.76
103.229.205.242
104.105.42.146
104.112.13.139
104.126.112.185
104.17.208.240
104.17.209.240
104.18.102.194
104.36.113.24
104.36.115.109
104.45.178.220
107.178.246.49
107.178.250.234
107.178.254.65
108.168.159.145
13.225.205.104
13.225.205.118
13.225.58.39
13.226.31.81
141.226.224.32
141.226.224.48
141.95.3.40
142.250.64.102
142.250.65.226
142.250.72.98
142.251.32.98
142.4.218.92
143.204.143.31
150.136.222.2
151.101.1.44
151.101.129.44
151.101.193.194
151.101.193.44
151.101.194.137
151.101.2.49
156.154.200.36
162.55.120.196
169.197.150.7
172.105.203.31
173.231.178.117
178.62.202.251
18.119.71.134
18.206.109.9
185.167.164.39
185.184.8.65
192.35.249.127
195.244.31.11
195.5.165.20
198.148.27.139
199.127.204.142
199.127.204.162
199.187.193.166
199.250.166.129
2001:4998:1c:800::1000
204.237.133.116
207.198.113.177
209.197.3.16
209.54.180.3
23.211.130.59
23.219.95.182
23.221.203.12
23.221.203.181
23.59.109.238
23.78.210.18
23.88.75.186
2600:141b:13:6a9::11a6
2600:141b:13::17d7:8228
2600:141b:13:a87::11a6
2600:1f18:4e9:5a05:7530:e049:6d41:d338
2600:1f18:612b:4264:d436:a7a1:a7a:c65e
2600:9000:202c:f800:18:1fcd:34f:cdc1
2600:9000:2162:3a00:5:82fd:2500:21
2600:9000:21ea:5400:9:7c30:be80:21
2600:9000:21ec:9e00:11:b309:9100:21
2600:9000:2209:a00:8:48e:53c0:93a1
2602:803:c002:200::113
2606:4700:10::6814:b844
2606:4700:10::6816:1957
2606:4700::6810:9540
2606:4700::6812:d05
2606:4700::6812:e234
2606:ae80:1471:16::760
2607:f8b0:4006:806::200e
2607:f8b0:4006:808::2003
2607:f8b0:4006:80a::2003
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80e::2001
2607:f8b0:4006:80f::2002
2607:f8b0:4006:80f::2003
2607:f8b0:4006:816::2001
2607:f8b0:4006:817::200e
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81e::2004
2607:f8b0:4006:822::200a
2607:f8b0:4006:823::2006
2607:f8b0:4006:823::200e
2607:f8b0:4006:824::2002
2607:f8b0:4006:824::2008
2607:f8b0:400b:1::c
2607:f8b0:400d:c09::8b
2607:f8b0:4023:1404::9d
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:f716:921a:893c:c3d8
2620:1ec:21::14
2620:1ec:c11::200
2800:3f0:4002:80e::2003
2a00:ba61:0:126::d
3.128.137.140
3.129.242.122
3.225.165.174
3.228.147.119
3.230.28.223
3.33.220.150
31.220.27.134
34.102.163.6
34.102.253.54
34.107.191.194
34.111.8.32
34.117.4.53
34.120.155.137
34.120.253.250
34.149.130.207
34.196.247.200
34.197.192.192
34.205.197.188
34.213.37.204
34.233.77.103
34.235.184.233
34.235.23.231
34.237.23.137
34.239.109.150
34.98.67.3
34.98.72.95
35.186.240.235
35.190.60.146
35.190.86.194
35.201.103.212
35.201.96.126
35.207.10.239
35.207.24.140
35.211.141.197
35.211.165.199
35.211.178.172
35.211.20.91
35.227.193.227
35.241.31.249
35.244.159.8
38.27.122.126
4.78.226.233
44.196.229.52
44.197.23.49
44.198.222.213
45.35.192.162
46.105.202.126
47.252.78.131
51.210.112.236
51.81.106.33
52.0.156.250
52.0.54.12
52.1.181.171
52.203.60.58
52.205.167.202
52.223.22.214
52.4.194.209
52.46.155.118
52.5.237.191
52.54.42.45
52.71.142.200
52.85.61.12
52.85.61.34
52.85.63.179
52.86.198.120
52.94.242.65
54.173.21.243
54.175.87.114
54.208.193.246
54.211.161.228
54.230.162.11
54.230.162.112
54.230.162.123
54.235.123.142
54.236.139.147
54.89.1.168
54.89.30.31
63.251.86.51
64.74.236.127
68.67.160.26
68.67.161.210
69.166.1.10
69.173.151.100
69.90.254.78
74.119.119.139
74.119.119.150
76.13.32.147
8.2.108.194
8.28.7.81
8.28.7.84
8.43.72.98
96.17.64.164
96.17.65.160
99.84.125.43
0041605dccf238cdb8b0062daf3818f9d1598b0124561b1dd12b84a6c8463bff
00a6957c78bd7723791516082c1b88265166e46c78493557f8014088c9aeabfd
018230e506cfa3f5fd892911defdba0d4e65591c6556d881055c71cc18f7d98b
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
03ec06d4d0a13f331b59622f1533c9d153c95dfae40311de21ba7079bb210369
0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0742fdbb45b1bdc8c0ccafea77f66a1a77bcaa3faed0c74e1d01418041a8d170
0778689b2f74019c8f631e01a478c78733228daba4c8310521fe0e3c91218ded
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
091ec084a0358833ca37c3555b08169ec1f856ddcb5d9257310a988b73bddcb1
09cd4435e132fec6e3f1b6a09ae619da55dd6a295b4f33cd32484786fc13e726
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0a67411b698bf1554ba2d43659bcdea43f247e670f7b44d66f425c20504034ae
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b8b682253c43d2d9694c849d6f7526f8806c3215f75e2ec263e745dd9edc518
0e4b7ef5182ca91fd1ed431eb02a1417ba322b31bb46fce7732034c5f31179cd
0eaa8d7532ef0b03c5cc38e00da1409992d3c1f0230a698e6c9afb7851c966cc
0ec9f4880ece4d620da10f84c3200bd3abc058fe5b7868847ecf7dfa6c0e6686
1119f440db7dc0a9bc74cb58a6ba71c4c14ae766b8576d727f8c9acb135b2e24
128cd80eeb395349ca44661cad1628414936fa67719ea0248c3bdffbb345f1af
134482ec36c8980c2c7a3f2454c76546abcd612c9ae596d011251a7cd1d0fcbb
1621109321ffb600b707bba407e8434f2e0a8f453e63caec68f77dbf4508fef0
17a238c718b32f43cce7f677d9304367e09cfb492a17d4228d49515211759204
17c48ba7e3ff09a9ea576473142b943c741fd3da37bb122b68786479b685719c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
181d52e40ee601a5e401d1ce2a5ae8d49deaa3d8123c59b7c5907c1e7eac7d4a
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b4a99b9485964f387d5110ade979d420235b6a90f284cdd1d6367d7d1edcfae
1e2f8c21e68c524026b25b545fd5bd903ec2de1411241bff94edf0f49d1550a8
1e75c7dcee42e528118bf67b45a64851ea2ce7c3ef6de329bcde2d2efd2a5bc1
1f89856a3795f3824eff2d6ff4b2a4217f1758392e130d0ed89bac6827408ac3
1f98f2ec3949c02393a2eeb79ae4ebd56daed4a8a3da19011a0058644c888bea
20bc354edc7497a7c66d133c7a6d1c2c92a0e10a3d4b181936e76fb6ebea4a5e
210c8cdb7666d017a1d903f7c8901d64c1d0367ea5174d8a55108e7ac6879526
21219e841367777c3e705912b243a0cff8d0b063886837113dae99bddcece9e0
214b0789cdc96ea3ef2007730b107604e9ce442e56dccda56645f43d704e7db8
2341a1d6b319bc5f3df7a216184273212d2444fde8aad7edf41645b1be032b74
235e6a41fa0aed4266e6861cdddbdaa3c195b32a0a457af0c8452caa9f5e1319
238a7b88a5b7237a3fde744d5b7a0d8deafbe118e52453771e9e1872cac1b41f
24c62e56138e10adf9e0ff0c1c9b3e2724c5d26ce5e88a6814ded6cab0e5d755
2547640cd989b80083eb3ade2a4993c1776a1229cfffd41adeb0fef3e86eaf2b
25ba24efeff681cdffa9382524106994957f089d9e021eb73890979e5c8688ee
25db276f514822906922fbfedd6557c9418afbf1d9d51d69c4f9dacd722a4baa
26f6ff6f4d7f1d68f77262c8679a2200a2e64a07dc2da747340df653078d74ac
285b89faac20b0ad7535f799d2ba72b07de610eb158a5765eba5bc4059e4a680
292bcd0551ee500b1cc5c1416ce840c056f16075b5f83fb84c3cbcbd422fa5ee
29726e833f4940e76823406599378dfda2812b5c91a6653cec78e722f1e40df8
29fabe1246ef70aff9a23ae15affd1db007d8bf29d597ec2764625d66a5485ff
2a5d03016ff5dc2fe9b88774d407a328ce12265039062f241911cfdfcd801f22
2aa9292ae360c573ce4bb6603f7d9b5ddaac9c83857a110e4fd3942538da0994
2c94df6b4b148b9e7cf636f2160b1135818d3f8414b0ad5840fcdc66f43f4c9b
2da97418251121ad5b28c6e206316578aae360d47dea2262c90478536624d910
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
31387c3102e0c073a7e902e4e3156effc68e69fd68fea10fc0e295d634f500da
3186e063bb55d01e71d696ac2c93c01b68eae958b3b4ace62c39f141b07607d1
31fa19659309aef258555f59492d8523198a7b57c9a599d80ddaaab484fe50b5
323a1c3bcae0acd3273f45c74db88d84516fe634c76fe7731925677d22c0caab
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
331ae3ef5acc4c89a59b227090788063b6bd6c99e92594de052952f676eb8bcb
33d2541f75ad90cc7935e7782e90eecedcdffa11fab094ea91b9083a91aefa6f
33d868ac3e16337e3f89df51955fcc1e99bf981cf99f9e34e1872947ce58013d
361e17d5a3bc85910c2a1c34395066063984542eb330b6ca0d1dba21cae4241c
36802e056dc0107ac3b954ba750c9d79ca6fcfc0d5d9cdc211c7784992aab1c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37aa3970b6801c9d286464f7d86e50bf41c88e54c7b4d08f3ff61935b3f59c3c
380c850a1673bc0d526a066903367b50a93175fa959cf5fb5068b57ef43c8c2b
395873e0ab5be4bff26e7c8f83289540236af0a526258c292354104d2cb4c0dd
3975966229b1c0ceebf499c9785110a8142f42b5bddb0122e3eca5666707ae45
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3bf1826d0d1105a0bf1302406085802eaf9f66fcdf418ab4b637fec79c0943e7
3c6b45ce8ca0a28f418decd40c175f3abdc3d4f38e011928f965d9ca00c46513
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3f2a2f05feb9ed38c8889ede47bd28f36014c40b5aa1573b1f1d9302eb18ed5e
3f58c74735055c0da00364633753b829ff678d1d520595abd37ae63a096032a4
3f9d6211651f0f0f472cb6b19e43033a43aedaf17e1f6e745ae72f594c74ef19
3fb0a346eb2f9f3f7ee6c7fdbb0ec92cdc3dcc00791f1e045ec3c40bc5f5aa10
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
404b5ddfd751e54016ba4fdbc2578938191c4978d69f28d642b746d6e9f5b5cc
40daae19ed1cac245c0dc0c48846fea95f552f79b4370c7f179d39eab03d0be8
41a6b03cdc026cf8c89bf691cc87ac8e45a3d31f0b13b7b608e800dc3bb43c79
41df177bf0ee7f4522f6d2167265a7571390548e7de4fd6621de6f3cdcc7fe0c
420b866f2e87987f86bf6e783f550165344a1c319ae537d6da40280f86ed64a5
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
43fbbe355f40735e833eb1acd033f1cec8e3d31a8531c1ca1e7b0a1c6e5a66fb
445041afb38e02eaf6f022f493760d4b60e76fb8671e42d51508d057c4fbb2fc
4470070a6a6d7c71153373c24063292c7f14225a58a94e024a10d9c630bd1c0d
4619d76efc65e12af08dd151ebfb64cbb3996f14c943662fc8ae6a822056c83a
477ba6ccfa9c4ed960f8405a8f7c23510373a4854d6a53aa67b16458cce0eb71
47fdf10b73b62637c160f6a100fada484274983bd6625198d33a809f7bf475b2
48679354e4c07510a46bf03508ee8a7924a448581123f4e3aa6a4abe14af4ace
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4abad76489550a4a6bbc1d3de41c07d35dcc7cf40441c2e74831419b55c0f351
4b3507382b00a0071e4d438de44d94339c88ac2873dbba5f89059fa9192323e0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d1dbb0879a10aef55e9467fef55dbf57f603aba140cb0453b1c018b4fb56326
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ecba18fe533a73880544942d21ca72a3a2ce711cf30b12aa254f31527e536c4
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fc19f788324da5ddb1c71f1f30d6c03873212e1ed7e72796d6e696b6693b6ca
500db4df7d54a9fd67cdf0f1800f76bb495c1000b5f5d6948870b0dac44944bb
529faee70b6376cc783ee55be34b24946a814136d65d6fbd0d982fab6151ae1e
52a1bcfe57d41720ea9ca3591ee85d582aae3f2ac61d865ae746bf3db06a3998
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54b121ef79b67abdb18e07b871fcb8c1c01654c77473af257ad942765f424980
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5712050006ac7533c3fee3d31948becaf8f352af45e3cffd99c31a38b045886b
5926fb14852d75812bfb855076a16989dbf7b054bab7b94df28676cbb872505c
5a49ffdeec0e61058ab6cdd783275b84a2c27a7a26b95a644f7764a78b510a7a
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
5ee727c5546cb16d6a281f5cc7c79cdb02089ab0c0cf8e70cff9dc7400455add
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f495b0356a71a36df0640d33686b4e2122c74ea174bc4b593b7c1d469a00515
60300d1760edb1382a5078de0c68d0fee6f89005f342685317497348b58c1e25
60d76e5d3d47c3f67063f6ad8c4c19906031164734d901e60a8842d0a292a1cd
60f130cc7455110625ef44bb7a3fa6b9879cf77c37e1f1cf539202351f0d2303
616c4b92a09b5c3b9ba1abd27f4fc9ead2beca259dfc171898be039739f3846c
617f3f1434c901d3c7b253af27c9067fba76b35d0df046d4fca925464b418c52
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6309c4a5cc3463b9b7180a7b7c4cd233492052104119f23b6fbc1d79bd99e7ad
638d58e9cf8e04cea92881aff0bea8cb2f9ac3c2856248a22839cf3ee28b4318
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
645673a97a41930992c977b8cd3123bc07f4af75e3166b95166f14e294e4a1d7
666790a05f022830460db172a1b77027af121d11c2057d735b64eef95821c066
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5
68b3fe35f16c8a9f7f4821aff7cae9ae1cfe86e80f6dc34053cebebc5c2d417a
692a42563c5a455d69600d3722469c174cd42e7a19a63c1b7bc749f66d93a464
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6a13b93c05af6ec6255b737032aa3f5d1f4823ed2d57d12c0735bd2c4adc8efc
6aa96448bff9e725c798de9266a5b1a4be0c41a650518d2cd160261e2a521ff0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b37e96ed0b892ea450175a37a7a340fa9fe479013c6c9b7a8d2bf7c13191b2e
6b52450a51eb0ff7ca3a47d71c81fe11ae9bb2defd351861dc135fcc68d48736
6ca03c43db4e336527b70775ba6e4f0047dbe3cd20926600cfe572f3b2e0be05
6d0b14198d9bd374e7cf26bb20a60f902fa063268f726d4bf3493f377f508538
6ece5ab9ad8eb95190fffedf296f59809169e48fa57b95e8d868c553b1497676
6f7b3f206f6e17e1083d3b0033c61f4f6dd25b0c597338210e5ebde3a2fb29f4
700088829f93f8133f139532a8e47711ec398c71f3f7e2910b8de1fa0c1ce7b2
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06
712031ef73ab5c53c1660f1f2ffdd4f152a12705db1dc9bd37acc10481ced81e
712e082420d339950c25c4bb3ff7a5b10d414bfd1ac6c889d1a74f34c287d61e
71364f55c1489c4367b957b69c36d6d3c71e7b6023c055a274340cd14df2d199
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229
73dc4360421f490db518b8877b7dc37ea71eec4cd63839d0763fa248db070608
74b1612d1cb16d432cfd6542a7efe8f9297f1197025e044b9e0d9fa8e54befab
74bc631d394d3977843c98ddaa2ce877996ac5db0efa0fb094a5dc1feead24d5
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
75d00d9deffe5417131ea0a704064a1e7abdfbf4a3f9bd0199db30e2b583b378
75e1ad585990d7f3e36124733d36bf3ee56c512ef2c1018f827a9ed7908a7183
76e83ebc148ea339795b614107cb3cd4035d33f04c3e39f0c8decfa0e30d006f
771196c556ce9fe2914aa0d336cf0f11fbd579c7cdd52e8436b19e0fffdd783b
7b151c4e5fcb8f0c9d627ae90eee08ccb54786c8b80a9624ce4a58d385f4a4ae
7c69321b6ab84ee43ff5a33c5c40991a0ad41fed8679786c73c025422e5d8992
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
7fb26c7aa8a0f21eb4cf37124706d49b568d5417e06c39bfa755b1613a1f8373
81e8db5bc7f5ff163f4a9024aea7ce3004973ea4b69c5276e38825c2f81d27d3
81fe046281fc6dd78fae0d5906d788126592f0fc96b020bca29cd64affa0efcf
82735d5f7439f34c95f976a2e2833eaa03d719a0aecedbfef1784a6c0bf67902
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84600db21ccdf456925566e2ee7b99d91dd93a017bce4ec361910be9208bc661
84ee46e8d0c47860ac7775a850cf714f2d78f8e890fe540bb75361616280ea50
84f5ed854a081a56fa990f0b017ac804232647c7f40c9363fbcc72c2b3895ffb
851a74ffa8f02d427545fa401685e1453eee4e2ca9d4797fafd5359e2eb10c01
856e51f8e5d25eea2e354b13bd679bd30a4443f01ccf0b318954fbbc6b47cdc2
857dfff0589ed42b30ecffefc60cdfc9095ca9e88403e369c544de50eb8c21a5
85c55ac21e850c953dad6ab622d94de07cc7c0b0eb990c56c4264364b6d30196
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
861e89025298c1e14a8745b959e7f0fdaacb9da02c8dc223288ea35445682740
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
873af853dede2eef6d739dd841fb21596d262ff33e68a965eb377e47ed8d4c7c
8847cc60ae38e9ee058fe1c1ead1cd834995c605c5d940437078419e622ce933
88e071a02a5adf92b172da587c1d4469a2984108aa6d90ab042f2887859d053e
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ad9bb6a14149d96493b09b7cb065f6e15432bd3f68683f2d8f668336ae299cb
8bc19376ab3d2dfbf9fdb4c72ec4473395dd5eb58118a94151b966668ec3017c
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8db3d891f077aac42f2ca43a2c3a830975ec6da5d4863d74d497cea1da91b956
8dd9102b5946abb3f70f167b5a48b18e0d867ef4b8a03e01e4ae3c17e8ad7147
914200271af6b0ad8abd44071d2ae98bfeb95a2503efcde68e22dd14fee3f44a
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
946ebc6526a76f9cc14bdf8cb8d141eb060420c0b5fb5d4bd2e22615ac90f60a
94c3631f006e651412da2380a5079c9168aec4a632ff17f03a23f6aa3cd7ee0a
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
95fe0ad47713946af3c07044c6b818e7153cdb483410114863dc96840f77db2f
968ffc7a6364cb2bcced2d70eece11e2bfcaa8aefdbdcd98c767d1219d17b817
96b675b1ce6c023c67574d00b2a1b39a9e6b075671bc7adfcce6c309344a91f0
96e81f3f61d15e1b47cdabbbd80d8f630c690636a2ab6ca44744a74de0e22f3d
9846fd9ff7cdb356a3557d37bf734f801ec7eb230c9f4e1e342113f137c7f738
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98f0e0ea373f280ead1057549e140765d752bdb8dc1a91e99993aabbd6e354ad
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d0077e79a0f392ea8421297d4eae398adfab15d0a3adde301f6f47a8ab40974
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a217093482f8f267d7b2687f71cb07e0d1d54f2006e6895e78b94e3b390721bb
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5a92f46c4e2447a049a4f49a304d611174e0462b89ddbccdcea55452579ae62
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a97848bbce4688ae8f12486f4df5c0e58b8b12f08c93bc94a095bf10bd7af575
a9f0a9f7315d8bdcd6d49cbaa19563417d235bf91d63345998981a0edb41fc16
aa8acae55af2687e4def8fd9c2ab60ddb636c6895b70304fb0d295fcedf453ed
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad1e6142ee4942d81f5db672be8ecbe0a3252751e92ee31d1167426fcb3b3f9b
adbbbca3ab29b52b7dbca1b15bcfd4ec9f690dab8a74fa243039b736eaa5ed70
add417e7b590bd9774893cafaa9542c9f92f5029f7b36cda24cf6acc382d0a1f
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
b032cccaf1c60911387babd826f98d79c210bf30209cd93c881045871301c7e2
b09ea579d23bbd93059988b2cecd6d468b6963d86d2fa5a0cedc7e65c7226340
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b21f4655009ef1ed28d20287fa2a764759811ba0385282727c4ca81ec171ab76
b285fa2d18542ad8efe8a1c8024807f9af0793e6b028973e01059a636b10d0fb
b44a0f699e1076ed5217e1f5c824fe842e7f5bc9ac0e94fbde2a7c3a4d421027
b4714a8ffabb2c6551a01fd0b2dd756d12d9a8e2b6d5910b50006744486fcf83
b60af31f4402255b9fe3e40e493adfde0b7fdb8a71891151c04c51ca788e79eb
b7fb9aeafd2d878c9105c3dbda844cbc6b86855b92dfe660b0117f692284bc7c
b948a1e26ece129d2a06ba2305bd88102bc028750fd0cf0000d6816d4dffc73e
ba9f8d7c0e68ddc7ee4a2f9fc5e169e3d8043dfb794c5db2b9ce05184ede0713
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcff976e7ce876d75d1abf21536efede75952bbbd184120aceacca6847ce680f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c224933a534aa1bdbb50c9e5d3401d53481ad320e27b7f47a773c27e344091c7
c241839a9038912478c4f259ea1be854d09a30837fed6550b069a0915604e77d
c292d886e68ecb7a6d23b877c247c646e19a434942fed038aebbb8fe9da5efa0
c2c81d373c6ef2701c910ddea7d457687d9773bf3a3163ccff1740a3eaca0f3b
c31ff52f1cb755f630e633b18e226f5b5485187c9f6bae684cdfb5bd1b2aa044
c32d5e92d7a82bfd1d2933c53d6bff20c539565013f05ded5ea50969569b6293
c39bafbc68e818a7b1f4b4b16a99df7c62773148e0181f902f5c103af8e1ecc6
c39c5df29e8336b641d8f3d5fb953635b25efad405fe9291c2de2cd6f4fd819b
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c690f0c083ce0ea36a15c2e1ea034538366c34b8886817f58ac35c5f86832e12
c815be0139a92202ff8f262cc335f6ae103594bb1d92c1c479ed604adf384a16
c9335deaf8bc00461bfaa7c51f53c4f8dae5cf20160e1e55a4ae4e7b1091317f
c94563bc83700f42294321f5ff7e84e13fdddf8080811a79a57233ea471d028b
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
ca387f5828734b1bd7d1064e580479d3396f5bed348a440be1f9d6452711ed71
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc2642e2823bde079eb7e4e9ab025eb2c4810e698a42a1d01464d5dbad51cb03
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
cdedfb11642476f8bb9866868fef693be057f23bb825ddb9cc0a8b487dc9871b
ce0083d5d002f9d0ccf1bb170727be4494b7654aa11b407ac934c58308c109dd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf96438bdee5f41ac943b3808637b788e370cf1efe1eb3f89d2a026491001f13
cfc7dd225dd599a24e4f44fc692cb68c48c5b6c245de85cdeee62e50c0fd873f
cfd7d17c6a0b31fb20be7a6e1f47a922b808821ea7c26e82db35be03139bcedb
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d128184b9be68c9b6528d2d41041086dd2cb27f63ffdac9457704e84b171960b
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1cc943eedb73b6a02fe782c2d8a945478106e07e41e2d7d161c3182435c0b63
d3d5415480083e684254b1653b8b13411c043c3067fc41db53eac98829c99ae8
d694e9b126201d5a85afd5e6ef5346a5990d14bb1f12cdf7f4b929e89e285a02
d6955137ebceb639a69fcbda007d865e3dc037ed32b40f74df66a11cddb819e1
d6f60247410a8be0b2b1e6468c33b99e2d27b5e82ce6c0f9dabfdc2b83994f68
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d8f8f1c43ba9f1232bc2bd9bf9e68e7e40ce95d1d5fe2ab6860e067d9fed4908
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dc72dc2e180487b65563ea7416932c028e9679a733cd23b6ff898df256b2d4c1
dd5bd26d619f31c6a315ebbebbb8328e953c3e64a7f5f6efbf8fd5ec37a94a48
dd8731f3a039e453e2da737286b752450b56d48a893016fc848ac00d173e1408
de17bd4924cf4f37df1890d004e4d972fa7fce83bb13cbf4dfc7a456d67fe958
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de70afdf2ae9c96e5a238f2e34cab6332dda5b183a30ac3e1f3097a5fbb221e6
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e0111fd63ea6e0b9602cfe26543275c1c56571ce54a99fc286a62c480027047f
e103b4b8e054534fe795815addb2068b5db87382812f5893983f2405e36ee094
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2811d48b2cd94fc53c8289754121a78a681fc1644ad410021cd3297e8a93282
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444d7b706bfd14ec1c3a5f980a93b0a70af3fa07a2bc94e134987a3b77495d6
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e700275ee832f084fc4776e7cc4f69a5987622cac2073a747d9e7a9281859423
e74b4a43cf679980ff1ddf614a8f75621937e4bb44e030bd9adda76278b8a9d8
e76f7f3c955ef6adf1b8c0b25f1567ea355648ae98e80b51fa1fc56b978e9dd9
e7916e26498bf49c4bfc2a1b8351b43cbe67a2965d3fb0046eb438cd7d139a21
e7a5b7c86174626d8e7e9196173d3939b59afe6aa59c59488592dff5e952d53f
ea15b7142e03cbbe1323349e71bd06539ef9cce15001d7453b07b85efee7f385
ebd563c03965f145d16befa28e5cc95a1b1690ff7032f98ba3c70cd3c710988b
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed6b237b687782c7d85630dec9239d26965f826b0b1a64d2817b4dec65db486a
ee4f7d7465f0abaa06cad8e9dc4a7eda0b8fe13353f26affdef015eafba30bd3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00bbb93c433be8fe090909305cd6984e0e50868d1fb022f3830977a6d084bd4
f05b433bd9e3d5f20b021fbec3b24de2441225a1b970cbfe3f1302f5731024c0
f284927e830d7d93e853fd8c539ad5d249d952577e5252d0e6bbbaa776bcdf66
f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60
f3fe183cf65f19ad2ed6494c6cbc3bd50bd86a9b6c7ccbff95143fa6c26bacb8
f41024fd1714a0f58119214417b8350f033ef429c3cf1254948a0beed7f4c334
f4328c3625816333dbe60b8c58bd4969be65403993ae4364bc4b53eeb633d972
f447a251d15326bfba7606a477cc072b2e452ec2f76d3970a8a1f45be11d9402
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f5dbd2985ef2d22745931d04bb5d212624b46d3f79458331e8625a7c2e61b287
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f8a5a772a8e31b35307e413d233ee42ab986414c9ab31ee640c6bbdd3e2d7e23
f940681cdfae8d139cd5c47a39071d87247c038b2bfada82bf1d585de84d78fc
f9af39002293e68b72a0956e834742a0dcb8bd9722d6a80840df53be6b360c8a
fada94e13311cc5684285cf9f0824092e1d66c1a115996ac7ac5b1d56b365de1
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fc9d0b2aa08fad692f3bacd48707ad747d4efe8572e57c57b48fd032b9c77e86
fcac0e1a4f11bbf64e60b1305ef1b935ff5c41e49d150c42ca8d8d6464dc240f
fcddd0320abcbc169a9c00b67d08bfc6b5d8b1df4d1aaab690942188ef8baaa7
feb38938fa5366e86396c9774bd28eae74449f7f8c02f38c59a354d7b18062de
ff9272fd90ea803c56180cad616a3d6debc555288156f67bd9877eb3b9f0f406